Protecting from NULL parameters (open-quantum-safe#350)
* guard against possible NULL parameters passed

* fix SECURITY status [skip ci]

Signed-off-by: Felipe Ventura <felipe.ventura@entrust.com>
baentsch authored and feventura committed Mar 13, 2024
1 parent 5b89c46 commit 31e2be9
Showing 3 changed files with 23 additions and 6 deletions.
4 changes: 3 additions & 1 deletion SECURITY.md
Expand Up @@ -6,7 +6,9 @@ We only support the most recent release.

| Version | Supported |
| ------- | ------------------ |
| 0.5.1 | :white_check_mark: |
| 0.5.3 | :white_check_mark: |
| 0.5.2 | :x: |
| 0.5.1 | :x: |
| < 0.5 | :x: |

## Reporting a Vulnerability
22 changes: 18 additions & 4 deletions oqsprov/oqs_kmgmt.c
Expand Up @@ -134,6 +134,11 @@ static int oqsx_match(const void *keydata1, const void *keydata2, int selection)
keydata2);
OQS_KM_PRINTF2("OQSKEYMGMT: match called for selection %d\n", selection);

if (key1 == NULL || key2 == NULL) {
ERR_raise(ERR_LIB_USER, OQSPROV_R_WRONG_PARAMETERS);
return 0;
}

#ifdef NOPUBKEY_IN_PRIVKEY
/* Now this is a "leap of faith" logic: If a public-only PKEY and a
* private-only PKEY are tested for equality we cannot do anything other
Expand Down Expand Up @@ -279,8 +284,8 @@ static int oqsx_export(void *keydata, int selection, OSSL_CALLBACK *param_cb,
* In this implementation, only public and private keys can be exported,
* nothing else
*/
if (key == NULL) {
ERR_raise(ERR_LIB_USER, OQSPROV_UNEXPECTED_NULL);
if (key == NULL || param_cb == NULL) {
ERR_raise(ERR_LIB_USER, OQSPROV_R_WRONG_PARAMETERS);
return 0;
}

Expand Down Expand Up @@ -329,6 +334,11 @@ static int oqsx_get_params(void *key, OSSL_PARAM params[])
OQSX_KEY *oqsxk = key;
OSSL_PARAM *p;

if (oqsxk == NULL || params == NULL) {
ERR_raise(ERR_LIB_USER, OQSPROV_R_WRONG_PARAMETERS);
return 0;
}

OQS_KM_PRINTF2("OQSKEYMGMT: get_params called for %s\n", params[0].key);
if ((p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_BITS)) != NULL
&& !OSSL_PARAM_set_int(p, oqsx_key_secbits(oqsxk)))
Expand Down Expand Up @@ -414,6 +424,10 @@ static int oqsx_set_params(void *key, const OSSL_PARAM params[])
const OSSL_PARAM *p;

OQS_KM_PRINTF("OQSKEYMGMT: set_params called\n");
if (oqsxkey == NULL) {
ERR_raise(ERR_LIB_USER, OQSPROV_R_WRONG_PARAMETERS);
return 0;
}
p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY);
if (p != NULL) {
size_t used_len;
Expand Down Expand Up @@ -487,10 +501,10 @@ static void *oqsx_genkey(struct oqsx_gen_ctx *gctx)
{
OQSX_KEY *key;

OQS_KM_PRINTF3("OQSKEYMGMT: gen called for %s (%s)\n", gctx->oqs_name,
gctx->tls_name);
if (gctx == NULL)
return NULL;
OQS_KM_PRINTF3("OQSKEYMGMT: gen called for %s (%s)\n", gctx->oqs_name,
gctx->tls_name);
if ((key = oqsx_key_new(gctx->libctx, gctx->oqs_name, gctx->tls_name,
gctx->primitive, gctx->propq, gctx->bit_security,
gctx->alg_idx))
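Review bot: The new guard in oqsx_genkey returns NULL for a NULL gctx without raising an error, unlike the guards this commit adds to oqsx_match, oqsx_export, oqsx_get_params and oqsx_set_params, so a caller sees a failed key generation with nothing on the error queue. For consistency it could read `if (gctx == NULL) { ERR_raise(ERR_LIB_USER, OQSPROV_R_WRONG_PARAMETERS); return NULL; }`. Separately, in oqsx_get_params the debug line still passes `params[0].key` to `%s`; for an empty parameter array that key is the NULL terminator, so if OQS_KM_PRINTF2 expands to a printf-style call (its definition is not visible here) the argument should be guarded, e.g. `params[0].key ? params[0].key : "(none)"`. All of these function bodies continue outside the hunks shown.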
3 changes: 2 additions & 1 deletion oqsprov/oqs_prov.h
Expand Up @@ -85,7 +85,8 @@ typedef struct prov_oqs_ctx_st {
PROV_OQS_CTX *oqsx_newprovctx(OSSL_LIB_CTX *libctx,
const OSSL_CORE_HANDLE *handle, BIO_METHOD *bm);
void oqsx_freeprovctx(PROV_OQS_CTX *ctx);
#define PROV_OQS_LIBCTX_OF(provctx) (((PROV_OQS_CTX *)provctx)->libctx)
#define PROV_OQS_LIBCTX_OF(provctx) \
provctx ? (((PROV_OQS_CTX *)provctx)->libctx) : NULL

#include "oqs/oqs.h"
#ifdef USE_ENCODING_LIB
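Review bot: The rewritten PROV_OQS_LIBCTX_OF expands to a bare conditional expression with neither the argument nor the whole expansion parenthesized, so its meaning changes inside a larger expression: `PROV_OQS_LIBCTX_OF(ctx) == NULL` would parse as `ctx ? ... : (NULL == NULL)`. Parenthesizing both restores the intent: `#define PROV_OQS_LIBCTX_OF(provctx) ((provctx) ? ((PROV_OQS_CTX *)(provctx))->libctx : NULL)`. The macro also now evaluates its argument twice, so call sites should pass a plain variable, or the macro could become a `static inline` function. Note that OpenSSL interprets a NULL OSSL_LIB_CTX as the default library context, so callers that pass the result on will silently fall back to it rather than fail when provctx is NULL.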
