I had checked this by portable build and all regresses passed.
I'm ok with this diff.
On Thu, Mar 26, 2020 at 09:28:01PM +0300, dbarysh...@gmail.com wrote:
> From: Dmitry Baryshkov
>
> Add few more error reports to help debugging.
>
> Sponsored by ROSA Linux.
>
> Signed-off-by: Dmitry Baryshkov
> ---
> src/lib/libcrypto/gost/gostr341001_ameth.c | 20 +++-
> 1 file changed, 15 insertions(+), 5 deletions(-)
>
> diff --git a/src/lib/libcrypto/gost/gostr341001_ameth.c
> b/src/lib/libcrypto/gost/gostr341001_ameth.c
> index 16295996dce7..be621d0185dd 100644
> --- a/src/lib/libcrypto/gost/gostr341001_ameth.c
> +++ b/src/lib/libcrypto/gost/gostr341001_ameth.c
> @@ -96,15 +96,19 @@ decode_gost01_algor_params(EVP_PKEY *pkey, const unsigned
> char **p, int len)
> ec = pkey->pkey.gost;
> if (ec == NULL) {
> ec = GOST_KEY_new();
> - if (ec == NULL)
> + if (ec == NULL) {
> + GOSTerror(ERR_R_MALLOC_FAILURE);
> return 0;
> + }
> if (EVP_PKEY_assign_GOST(pkey, ec) == 0)
> return 0;
> }
>
> group = EC_GROUP_new_by_curve_name(param_nid);
> - if (group == NULL)
> + if (group == NULL) {
> + ECerror(EC_R_EC_GROUP_NEW_BY_NAME_FAILURE);
> return 0;
> + }
> EC_GROUP_set_asn1_flag(group, OPENSSL_EC_NAMED_CURVE);
> if (GOST_KEY_set_group(ec, group) == 0) {
> EC_GROUP_free(group);
> @@ -207,8 +211,10 @@ pub_decode_gost01(EVP_PKEY *pk, X509_PUBKEY *pub)
> return 0;
> }
> p = pval->data;
> - if (decode_gost01_algor_params(pk, &p, pval->length) == 0)
> + if (decode_gost01_algor_params(pk, &p, pval->length) == 0) {
> + GOSTerror(GOST_R_BAD_KEY_PARAMETERS_FORMAT);
> return 0;
> + }
>
> octet = d2i_ASN1_OCTET_STRING(NULL, &pubkey_buf, pub_len);
> if (octet == NULL) {
> @@ -407,8 +413,10 @@ priv_decode_gost01(EVP_PKEY *pk, const
> PKCS8_PRIV_KEY_INFO *p8inf)
> int ptype = V_ASN1_UNDEF;
> ASN1_STRING *pval = NULL;
>
> - if (PKCS8_pkey_get0(&palg_obj, &pkey_buf, &priv_len, &palg, p8inf) == 0)
> + if (PKCS8_pkey_get0(&palg_obj, &pkey_buf, &priv_len, &palg, p8inf) ==
> 0) {
> + GOSTerror(GOST_R_BAD_KEY_PARAMETERS_FORMAT);
> return 0;
> + }
> (void)EVP_PKEY_assign_GOST(pk, NULL);
> X509_ALGOR_get0(NULL, &ptype, (const void **)&pval, palg);
> if (ptype != V_ASN1_SEQUENCE) {
> @@ -416,8 +424,10 @@ priv_decode_gost01(EVP_PKEY *pk, const
> PKCS8_PRIV_KEY_INFO *p8inf)
> return 0;
> }
> p = pval->data;
> - if (decode_gost01_algor_params(pk, &p, pval->length) == 0)
> + if (decode_gost01_algor_params(pk, &p, pval->length) == 0) {
> + GOSTerror(GOST_R_BAD_KEY_PARAMETERS_FORMAT);
> return 0;
> + }
> p = pkey_buf;
> if (V_ASN1_OCTET_STRING == *p) {
> /* New format - Little endian octet string */
> --
> 2.25.1
>