root
/
openssl
mirror of https://github.com/openssl/openssl.git
1
0
Fork 0
Code Issues Actions 7 Packages Projects Releases Wiki Activity

ec_kem.c: Fix ikmlen check 

This makes `ikmlen` have a length of at least `Nsk`.

Closes #26213

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/26254)

(cherry picked from commit c93f4a1e75)
This commit is contained in:
Зишан Мирза 2024-12-24 11:05:21 +05:00 committed by Tomas Mraz
parent 9499fb2807
commit 29a4dc665b
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
providers/implementations/kem/ec_kem.c
View File

@ -405,10 +405,10 @@ int ossl_ec_dhkem_derive_private(EC_KEY *ec, BIGNUM *priv,
return 0; return 0;
/* ikmlen should have a length of at least Nsk */ /* ikmlen should have a length of at least Nsk */
if (ikmlen < info->Nsecret) { if (ikmlen < info->Nsk) {
ERR_raise_data(ERR_LIB_PROV, PROV_R_INVALID_INPUT_LENGTH, ERR_raise_data(ERR_LIB_PROV, PROV_R_INVALID_INPUT_LENGTH,
"ikm length is :%zu, should be at least %zu", "ikm length is :%zu, should be at least %zu",
ikmlen, info->Nsecret); ikmlen, info->Nsk);
goto err; goto err;
} }