WebCrypto: improved njs_bn_bn2binpad() for OpenSSL < 1.1.0.

author Dmitry Volyntsev <xeioex@nginx.com>

Thu, 5 Jan 2023 04:39:21 +0000 (20:39 -0800)

committer Dmitry Volyntsev <xeioex@nginx.com>

Thu, 5 Jan 2023 04:39:21 +0000 (20:39 -0800)
author Dmitry Volyntsev <xeioex@nginx.com>
Thu, 5 Jan 2023 04:39:21 +0000 (20:39 -0800)
committer Dmitry Volyntsev <xeioex@nginx.com>
Thu, 5 Jan 2023 04:39:21 +0000 (20:39 -0800)
diff --git a/external/njs_openssl.h b/external/njs_openssl.h

index 87d425ded45263c10a64c0631e0f051931b4952c..dab3f6ad01663b2998b57999b0f6fa13c73c0600 100644 (file)
--- a/external/njs_openssl.h
+++ b/external/njs_openssl.h
@@ -62,7 +62,18 @@ njs_bn_bn2binpad(const BIGNUM *bn, unsigned char *to, int tolen)
  #if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
      return BN_bn2binpad(bn, to, tolen);
  #else
-    return BN_bn2bin(bn, &to[tolen - BN_num_bytes(bn)]);
+    int  len;
+
+    len = BN_num_bytes(bn);
+
+    if (tolen > len) {
+        memset(to, 0, tolen - len);
+
+    } else if (tolen < len) {
+        return -1;
+    }
+
+    return BN_bn2bin(bn, &to[tolen - len]);
  #endif
  }
  
diff --git a/external/njs_webcrypto_module.c b/external/njs_webcrypto_module.c

index ae63ae6100bc0833fc1b3616311fb653f09bf735..9a85640263084b9fa408d93ab8c9e541d5a4aebb 100644 (file)
--- a/external/njs_webcrypto_module.c
+++ b/external/njs_webcrypto_module.c
@@ -3646,10 +3646,6 @@ njs_convert_der_to_p1363(njs_vm_t *vm, EVP_PKEY *pkey, const u_char *der,
          goto fail;
      }
  
-#if (OPENSSL_VERSION_NUMBER < 0x10100000L)
-    memset(data, 0, 2 * n);
-#endif
-
      if (njs_bn_bn2binpad(ECDSA_SIG_get0_r(ec_sig), data, n) <= 0) {
          goto fail;
      }
author	Dmitry Volyntsev <xeioex@nginx.com>
	Thu, 5 Jan 2023 04:39:21 +0000 (20:39 -0800)
committer	Dmitry Volyntsev <xeioex@nginx.com>
	Thu, 5 Jan 2023 04:39:21 +0000 (20:39 -0800)
external/njs_openssl.h		patch \| blob \| history
external/njs_webcrypto_module.c		patch \| blob \| history