ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity

Don't set pubkey if eckey already has public key

Browse Source 
The 'ecdsa_check()' function tries to correctly set the public key
on the eckey, but this should be skipped if the public key is
retrieved via the private key.

(cherry picked from commit 06b9724152)
This commit is contained in:
Matthijs Mekking
2020-12-15 14:09:05 +01:00
parent e3acfb44d5
commit 9e2ea5efb1
1 changed files with 10 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
lib/dns/opensslecdsa_link.c
View File

@@ -563,17 +563,21 @@ static isc_result_t
ecdsa_check(EC_KEY *eckey, EC_KEY *pubeckey) {
const EC_POINT *pubkey;
pubkey = EC_KEY_get0_public_key(pubeckey);
if (pubkey == NULL) {
return (ISC_R_SUCCESS);
}
if (EC_KEY_set_public_key(eckey, pubkey) != 1) {
pubkey = EC_KEY_get0_public_key(eckey);
if (pubkey != NULL) {
return (ISC_R_SUCCESS);
} else if (pubeckey != NULL) {
pubkey = EC_KEY_get0_public_key(pubeckey);
if (pubkey == NULL) {
return (ISC_R_SUCCESS);
}
if (EC_KEY_set_public_key(eckey, pubkey) != 1) {
return (ISC_R_SUCCESS);
}
}
if (EC_KEY_check_key(eckey) == 1) {
return (ISC_R_SUCCESS);
}
return (ISC_R_FAILURE);
}