X-Git-Url: http://wagner.pp.ru/gitweb/?a=blobdiff_plain;f=gost_ec_keyx.c;h=5e677dc2c531232131d2fad3754f5a915049a4d8;hb=c6655a0b620a3e31f085cc906f8073fe81b2fad3;hp=06835d37b250287228d1b127469790e8b8f11159;hpb=c5ec3860a0c95a74ee98210e0ac174924866dab1;p=openssl-gost%2Fengine.git

diff --git a/gost_ec_keyx.c b/gost_ec_keyx.c
index 06835d3..5e677dc 100644
--- a/gost_ec_keyx.c
+++ b/gost_ec_keyx.c
@@ -406,6 +406,7 @@ static int pkey_gost2018_encrypt(EVP_PKEY_CTX *pctx, unsigned char *out,
     int exp_len = 0, iv_len = 0;
     unsigned char *exp_buf = NULL;
     int key_is_ephemeral = 0;
+    int res_len = 0;
 
     switch (data->cipher_nid) {
     case NID_magma_ctr:
@@ -499,8 +500,26 @@ static int pkey_gost2018_encrypt(EVP_PKEY_CTX *pctx, unsigned char *out,
         goto err;
     }
 
-    if ((*out_len = i2d_PSKeyTransport_gost(pst, out ? &out : NULL)) > 0)
+    res_len = i2d_PSKeyTransport_gost(pst, NULL);
+    if (res_len <= 0) {
+        GOSTerr(GOST_F_PKEY_GOST2018_ENCRYPT, ERR_R_ASN1_LIB);
+        goto err;
+    }
+
+    if (out == NULL) {
+        *out_len = res_len;
         ret = 1;
+    } else {
+        if ((size_t)res_len > *out_len) {
+            GOSTerr(GOST_F_PKEY_GOST2018_ENCRYPT, GOST_R_INVALID_BUFFER_SIZE);
+            goto err;
+        }
+        if ((*out_len = i2d_PSKeyTransport_gost(pst, &out)) > 0)
+            ret = 1;
+        else
+            GOSTerr(GOST_F_PKEY_GOST2018_ENCRYPT, ERR_R_ASN1_LIB);
+    }
+
  err:
     OPENSSL_cleanse(expkeys, sizeof(expkeys));
     if (key_is_ephemeral)
@@ -630,16 +649,24 @@ static int pkey_gost2018_decrypt(EVP_PKEY_CTX *pctx, unsigned char *key,
                           size_t in_len)
 {
     const unsigned char *p = in;
-    struct gost_pmeth_data *data = EVP_PKEY_CTX_get_data(pctx);
-    EVP_PKEY *priv = EVP_PKEY_CTX_get0_pkey(pctx);
+    struct gost_pmeth_data *data;
+    EVP_PKEY *priv;
     PSKeyTransport_gost *pst = NULL;
     int ret = 0;
     unsigned char expkeys[64];
     EVP_PKEY *eph_key = NULL;
-    int pkey_nid = EVP_PKEY_base_id(priv);
+    int pkey_nid;
     int mac_nid = NID_undef;
     int iv_len = 0;
 
+    if (!(data = EVP_PKEY_CTX_get_data(pctx)) ||
+        !(priv = EVP_PKEY_CTX_get0_pkey(pctx))) {
+       GOSTerr(GOST_F_PKEY_GOST2018_DECRYPT, GOST_R_ERROR_COMPUTING_EXPORT_KEYS);
+       ret = 0;
+       goto err;
+    }
+    pkey_nid = EVP_PKEY_base_id(priv);
+
     switch (data->cipher_nid) {
     case NID_magma_ctr:
         mac_nid = NID_magma_mac;
@@ -678,7 +705,7 @@ static int pkey_gost2018_decrypt(EVP_PKEY_CTX *pctx, unsigned char *key,
 
    o  q * Q_eph is not equal to zero point.
 */
-    if (eph_key == NULL || priv == NULL || data == NULL) {
+    if (eph_key == NULL) {
        GOSTerr(GOST_F_PKEY_GOST2018_DECRYPT,
                GOST_R_ERROR_COMPUTING_EXPORT_KEYS);
        ret = 0;