Google Git
Sign in
flutter / third_party / openssl / 8d02bebddf4b69f7f260adfed4be4f498dcbd16c^! / .
commit8d02bebddf4b69f7f260adfed4be4f498dcbd16c[log] [tgz]
authorMatt Caswell <matt@openssl.org>Wed Nov 19 20:09:19 2014 +0000
committerMatt Caswell <matt@openssl.org>Thu Nov 20 15:20:37 2014 +0000
tree17c42299ab640b8b61fc9dd80d697c693b4d915b
parent31832e8ff1a3e731ea9fab41aef071a12709cf33 [diff]
When using EVP_PKEY_derive with a KDF set, a negative error from
ECDH_compute_key is silently ignored and the KDF is run on duff data

Thanks to github user tomykaira for the suggested fix.

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>

diff --git a/crypto/ec/ec_pmeth.c b/crypto/ec/ec_pmeth.c
index 81ad4d4..e66e690 100644
--- a/crypto/ec/ec_pmeth.c
+++ b/crypto/ec/ec_pmeth.c

@@ -244,8 +244,8 @@
 	outlen = *keylen;
 		
 	ret = ECDH_compute_key(key, outlen, pubkey, eckey, 0);
-	if (ret < 0)
-		return ret;
+	if (ret <= 0)
+		return 0;
 	*keylen = ret;
 	return 1;
 	}