
EVP_PKEY_cmp() Fails Identical keys #14147

@ashman-p


Create an EVP_PKEY and compare it to itself. EVP_PKEY_cmp() returns 0, which means a mismatch.
See code fragment below.

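    #include <stdio.h>
    #include <string.h>
    #include <openssl/evp.h>

    int main(void)
    {
        int rv = 0;

        /* Build an HMAC key from raw bytes. */
        EVP_PKEY *mac_key = EVP_PKEY_new_raw_private_key(EVP_PKEY_HMAC, NULL,
                                                         (const unsigned char *)("0123456789"),
                                                         strlen("0123456789"));

        /* Compare the key with itself; 1 is the expected "match" result. */
        rv = EVP_PKEY_cmp(mac_key, mac_key);
        if (rv != 1) {
            printf("key compare failed. rv = %d\n", rv);
            return 0;
        }
        printf("key compare passed\n");
        return 0;
    }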

Possible fix ...

@ -130,8 +130,14 @@ int EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b)
                return ret;
        }

        if (a->ameth->pub_cmp)
            return a->ameth->pub_cmp(a, b);
        if (a->ameth->pub_cmp) {
            ret = a->ameth->pub_cmp(a, b);
            if (ret == 0) {
                return 1;
            } else {
                return 0;
            }
        }
    }
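
Review bot: the new block maps `ret == 0` to 1 and every other value to 0, and it does so in the generic `EVP_PKEY_cmp()` path, so the inversion applies to every key type that supplies `a->ameth->pub_cmp`, not only the HMAC key from the report. A method whose `pub_cmp` already returns 1 for a match would now be reported as a mismatch. If a single method's `pub_cmp` is returning a memcmp-style 0 for equal keys, convert the result inside that method instead and leave this call as `return a->ameth->pub_cmp(a, b);`. The `else` branch also collapses any other value, including any error code, into 0, so a caller could no longer tell a mismatch from a failed comparison.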

The issue is present in the latest 1.1.1 stable branch, and appears to be on Master (3.0) as well.


    Labels

    branch: 1.1.1 - Applies to OpenSSL_1_1_1-stable branch (EOL)
    resolved: fixed - This issue has been fixed
    triaged: bug - The issue/pr is/fixes a bug
