OpenSolaris

Printable Version Enter a New Search
Bug ID 6706562
Synopsis pk11_DH_compute_key() returns 0 in case of failure instead of -1
State 10-Fix Delivered (Fix available in build)
Category:Subcategory solaris-crypto:openssl
Keywords rtiq_reviewed
Responsible Engineer Vladimir Kotal
Reported Against
Duplicate Of
Introduced In solaris_10
Commit to Fix snv_93
Fixed In snv_93
Release Fixed solaris_nevada(snv_93) , solaris_10u7(s10u7_01) (Bug ID:2165122)
Related Bugs
Submit Date 23-May-2008
Last Update Date 3-July-2008
Description 
pk11_DH_compute_key() returns 0 in the case of failure:

   2004 	CK_RV rv;
   2005 	int ret = 0;  << default return value
   2006 	PK11_SESSION *sp = NULL;
   2007 	char tmp_buf[20];

but DH_generate_key(3) OpenSSL man page says:

RETURN VALUES
     DH_generate_key() returns 1 on success, 0 otherwise.

     DH_compute_key() returns the size of the shared secret on
     success, -1 on error.

and native OpenSSL implementation $SRC/common/openssl/crypto/dh/dh_key.c:compute_key() confirms this:

    174 static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
    175 	{
    176 	BN_CTX *ctx;
    177 	BN_MONT_CTX *mont=NULL;
    178 	BIGNUM *tmp;
    179 	int ret= -1;
    180         int check_result;
Work Around 
N/A
Comments 
N/A