2023671 – EVP_PKEY_new_raw_private_key with too short key corrupts memory

Bug 2023671 - EVP_PKEY_new_raw_private_key with too short key corrupts memory

Summary: EVP_PKEY_new_raw_private_key with too short key corrupts memory

Keywords:
Status:	CLOSED CURRENTRELEASE
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	openssl
Sub Component:
Version:	36
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	---
Assignee:	Dmitry Belyavskiy
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2021-11-16 10:25 UTC by Petr Menšík
Modified:	2022-03-28 13:04 UTC (History)
CC List:	6 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2022-03-28 13:04:11 UTC
Type:	Bug
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Links
System	ID	Priority	Status	Summary	Last Updated
Github	openssl openssl issues 17017	None	open	EVP_PKEY_new_raw_private_key(NID_ED25519) does not return fail on short key	2021-11-16 10:25:17 UTC
Github	strongswan strongswan issues 753	None	closed	make check fails on ed25519_fail test with openssl 3.0	2021-11-16 10:25:17 UTC
Red Hat Issue Tracker	FC-330	None	None	None	2021-11-16 10:28:48 UTC

Description Petr Menšík 2021-11-16 10:25:17 UTC

Description of problem:
When I tried to enable strongswan package testsuite on Rawhide, it fails also on test it does not fail on f35. Reported it upstream and they confirmed it is bug in OpenSSL. Can the fix be backported? I could start testsuite runs during builds if every test always passes.

Version-Release number of selected component (if applicable):
openssl-3.0.0-1.fc36

How reproducible:
reliable

Steps to Reproduce:
1. Use test program below
2. Run it on openssl 3.0
3.

Actual results:
Crashes

Expected results:
Should just return null and end in a normal way.


Additional info:

// compile by: gcc -Wall -g test.c -o test $(pkg-config --libs --cflags openssl)
#include <openssl/evp.h>

int main(int argc, char *argv[])
{
        unsigned char data[] = { 234, };
        EVP_PKEY *p;
        p = EVP_PKEY_new_raw_private_key(NID_ED25519, NULL, data, 1 /*sizeof(data)*/);
        printf("PKEY: %p\n", p);
        return 0;
}

Comment 1 Ben Cotton 2022-02-08 21:27:45 UTC

This bug appears to have been reported against 'rawhide' during the Fedora 36 development cycle.
Changing version to 36.

Comment 2 Dmitry Belyavskiy 2022-03-28 13:04:11 UTC

As we successfully rebased to 3.0.2 where the fix is included, it should be fixed.

Note You need to log in before you can comment on or make changes to this bug.