From db056c46e1a7471ae7e133842f76343c5d915a08 Mon Sep 17 00:00:00 2001 From: tb Date: Tue, 4 Oct 2022 20:46:13 +0000 Subject: [PATCH] Correctly check for DH_compute_key() error DH_size() only gives an upper bound for the size of the key. The key can be shorter. Found after anton reported sporadic regress test failures ok jsing --- lib/libcsi/csi_dh.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/libcsi/csi_dh.c b/lib/libcsi/csi_dh.c index 2d38595d342..9612fd9819c 100644 --- a/lib/libcsi/csi_dh.c +++ b/lib/libcsi/csi_dh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: csi_dh.c,v 1.3 2022/01/10 23:03:07 tb Exp $ */ +/* $OpenBSD: csi_dh.c,v 1.4 2022/10/04 20:46:13 tb Exp $ */ /* * Copyright (c) 2000, 2001, 2015 Markus Friedl * Copyright (c) 2006, 2016 Damien Miller @@ -388,7 +388,7 @@ csi_dh_derive_shared_key(struct csi_dh *cdh, struct csi_dh_shared **cdhs) key_len = (size_t)len; if ((key = calloc(1, key_len)) == NULL) goto errmem; - if (DH_compute_key(key, cdh->peer_pubkey, cdh->dh) != len) { + if (DH_compute_key(key, cdh->peer_pubkey, cdh->dh) < 0) { csi_err_setx(&cdh->err, CSI_ERR_CRYPTO, "failed to derive key"); goto err; } -- 2.20.1