Make some more half-empty EVP_PKEY states impossible#3056
Open
Make some more half-empty EVP_PKEY states impossible#3056
Conversation
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?s=60&v=4){kind=small}
nebeid
changed the title
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## main #3056 +/- ##
=======================================
Coverage 78.00% 78.01%
=======================================
Files 689 689
Lines 122405 122415 +10
Branches 17083 17088 +5
=======================================
+ Hits 95482 95498 +16
+ Misses 26026 26020 -6
Partials 897 897 ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
justsmth
previously approved these changes
Mar 4, 2026
sgmenda
previously approved these changes
Mar 6, 2026
nebeid
force-pushed
the
bssl-cherry-pick-5b7171f2
branch
from
b62592d to
70c3064
Compare
Cherry-picked from BoringSSL 5b7171f2da10d5dad52d0a2e4426fbc71d4ff146.
EVP_PKEY_{assign,set1}_FOO would check for NULL, return an error, but
still leave the EVP_PKEY assigned to that type on failure. Check for
NULL first, so that we don't leave it in that state.
Adapted for AWS-LC:
- RSA/DSA/EC_KEY assign functions are in crypto/fipsmodule/evp/evp.c
(not split out into separate p_*_asn1.cc files as in BoringSSL)
- DH assign function is in crypto/evp_extra/p_dh_asn1.c
- Added NoHalfEmptyKeys test (AWS-LC did not have the BoringSSL
equivalent)
nebeid
force-pushed
the
bssl-cherry-pick-5b7171f2
branch
from
70c3064 to
a6b59db
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
5 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Note: to be rebased on #3055
Description of changes:
BoringSSL commit google/boringssl@5b7171f: "Make some more half-empty EVP_PKEY states impossible"
Changes (3 files):
crypto/fipsmodule/evp/evp.c—EVP_PKEY_assign_RSA,EVP_PKEY_assign_DSA,EVP_PKEY_assign_EC_KEY: check for NULL key before callingevp_pkey_set_method, return 0 early instead of setting the method and then returningkey != NULLcrypto/evp_extra/p_dh_asn1.c— Same fix forEVP_PKEY_assign_DHcrypto/evp_extra/evp_extra_test.cc— AddedNoHalfEmptyKeystest verifying thatEVP_PKEY_set1_*(pkey, nullptr)fails without changing the key typeAdaptations for AWS-LC:
AWS-LC didn't take RSA/DSA/EC_KEY out of the FIPS module (unlike BoringSSL's google/boringssl@044fbc8), so the changes go in
crypto/fipsmodule/evp/evp.crather than separatep_*_asn1.ccfiles.By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license and the ISC license.