From dd1a6ee86a43ca0a5e5cbce7a74789a58635a700 Mon Sep 17 00:00:00 2001 From: jsing Date: Thu, 1 Dec 2022 02:58:31 +0000 Subject: [PATCH] BN_one() can fail, check its return value. ok tb@ --- lib/libcrypto/bn/bn_gcd.c | 11 +++++++---- lib/libcrypto/gost/gostr341001.c | 14 +++++++++----- 2 files changed, 16 insertions(+), 9 deletions(-) diff --git a/lib/libcrypto/bn/bn_gcd.c b/lib/libcrypto/bn/bn_gcd.c index 4661b35571f..f3a23701b1c 100644 --- a/lib/libcrypto/bn/bn_gcd.c +++ b/lib/libcrypto/bn/bn_gcd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bn_gcd.c,v 1.18 2022/11/26 16:08:51 tb Exp $ */ +/* $OpenBSD: bn_gcd.c,v 1.19 2022/12/01 02:58:31 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -277,7 +277,8 @@ BN_mod_inverse_internal(BIGNUM *in, const BIGNUM *a, const BIGNUM *n, BN_CTX *ct if (R == NULL) goto err; - BN_one(X); + if (!BN_one(X)) + goto err; BN_zero(Y); if (BN_copy(B, a) == NULL) goto err; @@ -591,7 +592,8 @@ BN_mod_inverse_no_branch(BIGNUM *in, const BIGNUM *a, const BIGNUM *n, if (R == NULL) goto err; - BN_one(X); + if (!BN_one(X)) + goto err; BN_zero(Y); if (BN_copy(B, a) == NULL) goto err; @@ -755,7 +757,8 @@ BN_gcd_no_branch(BIGNUM *in, const BIGNUM *a, const BIGNUM *n, if ((T = BN_CTX_get(ctx)) == NULL) goto err; - BN_one(X); + if (!BN_one(X)) + goto err; BN_zero(Y); if (BN_copy(B, a) == NULL) goto err; diff --git a/lib/libcrypto/gost/gostr341001.c b/lib/libcrypto/gost/gostr341001.c index 13f053dae84..79fddb11b04 100644 --- a/lib/libcrypto/gost/gostr341001.c +++ b/lib/libcrypto/gost/gostr341001.c @@ -1,4 +1,4 @@ -/* $OpenBSD: gostr341001.c,v 1.10 2022/11/26 16:08:53 tb Exp $ */ +/* $OpenBSD: gostr341001.c,v 1.11 2022/12/01 02:58:31 jsing Exp $ */ /* * Copyright (c) 2014 Dmitry Eremin-Solenikov * Copyright (c) 2005-2006 Cryptocom LTD @@ -178,8 +178,10 @@ gost2001_do_sign(BIGNUM *md, GOST_KEY *eckey) goto err; if (BN_mod_ct(e, md, order, ctx) == 0) goto err; - if (BN_is_zero(e)) - BN_one(e); + if (BN_is_zero(e)) { + if (!BN_one(e)) + goto err; + } if ((k = BN_CTX_get(ctx)) == NULL) goto err; if ((X = BN_CTX_get(ctx)) == NULL) @@ -289,8 +291,10 @@ gost2001_do_verify(BIGNUM *md, ECDSA_SIG *sig, GOST_KEY *ec) if (BN_mod_ct(e, md, order, ctx) == 0) goto err; - if (BN_is_zero(e)) - BN_one(e); + if (BN_is_zero(e)) { + if (!BN_one(e)) + goto err; + } if ((v = BN_mod_inverse_ct(v, e, order, ctx)) == NULL) goto err; if (BN_mod_mul(z1, sig->s, v, order, ctx) == 0) -- 2.20.1