The branch master has been updated via e7414634a59aa61c7917193a31382ced95d40eeb (commit) from a18cdd28077be05ec88538be84a761469f3f20c4 (commit)
- Log ----------------------------------------------------------------- commit e7414634a59aa61c7917193a31382ced95d40eeb Author: Xiaofei Bai <xiaofei....@arm.com> Date: Wed Nov 3 03:28:23 2021 +0000 Fix sigsize usage in apps/speed.c In a recent upstream change (43da9a14f0e73f42f28ae34219929b44df5d1a11) the parameter sigsize become a read/write input in EVP_PKEY_sign(), and after signing, sigsize will be overwritten with the actual size and used in the verify step. As the speed program calls EVP_PKEY_sign() on the same context repeatedly, sigsize value is no longer the initial available size, and may fail in later buffer size checks. This fix adds a new buflen member in struct loopargs (which is only used within apps/speed.c), to save available buffer size and to be used as sigsize input in EVP_PKEY_sign() calls. Sigsize still contains the signature size for the verify step. Signed-off-by: Xiaofei Bai <xiaofei....@arm.com> Reviewed-by: Paul Dale <pa...@openssl.org> Reviewed-by: Tomas Mraz <to...@openssl.org> (Merged from https://github.com/openssl/openssl/pull/16991) ----------------------------------------------------------------------- Summary of changes: apps/speed.c | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/apps/speed.c b/apps/speed.c index 4dd9ce0885..ada559228d 100644 --- a/apps/speed.c +++ b/apps/speed.c @@ -462,6 +462,7 @@ typedef struct loopargs_st { unsigned char *buf_malloc; unsigned char *buf2_malloc; unsigned char *key; + size_t buflen; size_t sigsize; EVP_PKEY_CTX *rsa_sign_ctx[RSA_NUM]; EVP_PKEY_CTX *rsa_verify_ctx[RSA_NUM]; @@ -832,6 +833,7 @@ static int RSA_sign_loop(void *args) int ret, count; for (count = 0; COND(rsa_c[testnum][0]); count++) { + *rsa_num = tempargs->buflen; ret = EVP_PKEY_sign(rsa_sign_ctx[testnum], buf2, rsa_num, buf, 36); if (ret <= 0) { BIO_printf(bio_err, "RSA sign failure\n"); @@ -892,6 +894,7 @@ static int DSA_sign_loop(void *args) int ret, count; for (count = 0; COND(dsa_c[testnum][0]); count++) { + *dsa_num = tempargs->buflen; ret = EVP_PKEY_sign(dsa_sign_ctx[testnum], buf2, dsa_num, buf, 20); if (ret <= 0) { BIO_printf(bio_err, "DSA sign failure\n"); @@ -935,6 +938,7 @@ static int ECDSA_sign_loop(void *args) int ret, count; for (count = 0; COND(ecdsa_c[testnum][0]); count++) { + *ecdsa_num = tempargs->buflen; ret = EVP_PKEY_sign(ecdsa_sign_ctx[testnum], buf2, ecdsa_num, buf, 20); if (ret <= 0) { BIO_printf(bio_err, "ECDSA sign failure\n"); @@ -1779,6 +1783,8 @@ int speed_main(int argc, char **argv) /* Align the start of buffers on a 64 byte boundary */ loopargs[i].buf = loopargs[i].buf_malloc + misalign; loopargs[i].buf2 = loopargs[i].buf2_malloc + misalign; + loopargs[i].buflen = buflen - misalign; + loopargs[i].sigsize = buflen - misalign; loopargs[i].secret_a = app_malloc(MAX_ECDH_SIZE, "ECDH secret a"); loopargs[i].secret_b = app_malloc(MAX_ECDH_SIZE, "ECDH secret b"); #ifndef OPENSSL_NO_DH @@ -2349,6 +2355,7 @@ int speed_main(int argc, char **argv) for (i = 0; st && i < loopargs_len; i++) { loopargs[i].rsa_sign_ctx[testnum] = EVP_PKEY_CTX_new(rsa_key, NULL); + loopargs[i].sigsize = loopargs[i].buflen; if (loopargs[i].rsa_sign_ctx[testnum] == NULL || EVP_PKEY_sign_init(loopargs[i].rsa_sign_ctx[testnum]) <= 0 || EVP_PKEY_sign(loopargs[i].rsa_sign_ctx[testnum], @@ -2427,6 +2434,7 @@ int speed_main(int argc, char **argv) for (i = 0; st && i < loopargs_len; i++) { loopargs[i].dsa_sign_ctx[testnum] = EVP_PKEY_CTX_new(dsa_key, NULL); + loopargs[i].sigsize = loopargs[i].buflen; if (loopargs[i].dsa_sign_ctx[testnum] == NULL || EVP_PKEY_sign_init(loopargs[i].dsa_sign_ctx[testnum]) <= 0 @@ -2505,6 +2513,7 @@ int speed_main(int argc, char **argv) for (i = 0; st && i < loopargs_len; i++) { loopargs[i].ecdsa_sign_ctx[testnum] = EVP_PKEY_CTX_new(ecdsa_key, NULL); + loopargs[i].sigsize = loopargs[i].buflen; if (loopargs[i].ecdsa_sign_ctx[testnum] == NULL || EVP_PKEY_sign_init(loopargs[i].ecdsa_sign_ctx[testnum]) <= 0