File CVE-2021-3711-1-Correctly-calculate-the-length-of-SM2-plaintext-give.patch of Package openssl-1_1.29253

Index: openssl-1.1.1d/crypto/include/internal/sm2.h
===================================================================
--- openssl-1.1.1d.orig/crypto/include/internal/sm2.h
+++ openssl-1.1.1d/crypto/include/internal/sm2.h
@@ -60,8 +60,7 @@ int sm2_verify(const unsigned char *dgst
 int sm2_ciphertext_size(const EC_KEY *key, const EVP_MD *digest, size_t msg_len,
                         size_t *ct_size);
 
-int sm2_plaintext_size(const EC_KEY *key, const EVP_MD *digest, size_t msg_len,
-                       size_t *pt_size);
+int sm2_plaintext_size(const unsigned char *ct, size_t ct_size, size_t *pt_size);
 
 int sm2_encrypt(const EC_KEY *key,
                 const EVP_MD *digest,
Index: openssl-1.1.1d/crypto/sm2/sm2_crypt.c
===================================================================
--- openssl-1.1.1d.orig/crypto/sm2/sm2_crypt.c
+++ openssl-1.1.1d/crypto/sm2/sm2_crypt.c
@@ -61,29 +61,20 @@ static size_t ec_field_size(const EC_GRO
     return field_size;
 }
 
-int sm2_plaintext_size(const EC_KEY *key, const EVP_MD *digest, size_t msg_len,
-                       size_t *pt_size)
+int sm2_plaintext_size(const unsigned char *ct, size_t ct_size, size_t *pt_size)
 {
-    const size_t field_size = ec_field_size(EC_KEY_get0_group(key));
-    const int md_size = EVP_MD_size(digest);
-    size_t overhead;
+    struct SM2_Ciphertext_st *sm2_ctext = NULL;
 
-    if (md_size < 0) {
-        SM2err(SM2_F_SM2_PLAINTEXT_SIZE, SM2_R_INVALID_DIGEST);
-        return 0;
-    }
-    if (field_size == 0) {
-        SM2err(SM2_F_SM2_PLAINTEXT_SIZE, SM2_R_INVALID_FIELD);
-        return 0;
-    }
+    sm2_ctext = d2i_SM2_Ciphertext(NULL, &ct, ct_size);
 
-    overhead = 10 + 2 * field_size + (size_t)md_size;
-    if (msg_len <= overhead) {
+    if (sm2_ctext == NULL) {
         SM2err(SM2_F_SM2_PLAINTEXT_SIZE, SM2_R_INVALID_ENCODING);
         return 0;
     }
 
-    *pt_size = msg_len - overhead;
+    *pt_size = sm2_ctext->C2->length;
+    SM2_Ciphertext_free(sm2_ctext);
+
     return 1;
 }
 
Index: openssl-1.1.1d/crypto/sm2/sm2_pmeth.c
===================================================================
--- openssl-1.1.1d.orig/crypto/sm2/sm2_pmeth.c
+++ openssl-1.1.1d/crypto/sm2/sm2_pmeth.c
@@ -151,7 +151,7 @@ static int pkey_sm2_decrypt(EVP_PKEY_CTX
     const EVP_MD *md = (dctx->md == NULL) ? EVP_sm3() : dctx->md;
 
     if (out == NULL) {
-        if (!sm2_plaintext_size(ec, md, inlen, outlen))
+        if (!sm2_plaintext_size(in, inlen, outlen))
             return -1;
         else
             return 1;
Index: openssl-1.1.1d/test/sm2_internal_test.c
===================================================================
--- openssl-1.1.1d.orig/test/sm2_internal_test.c
+++ openssl-1.1.1d/test/sm2_internal_test.c
@@ -185,7 +185,7 @@ static int test_sm2_crypt(const EC_GROUP
     if (!TEST_mem_eq(ctext, ctext_len, expected, ctext_len))
         goto done;
 
-    if (!TEST_true(sm2_plaintext_size(key, digest, ctext_len, &ptext_len))
+    if (!TEST_true(sm2_plaintext_size(ctext, ctext_len, &ptext_len))
             || !TEST_int_eq(ptext_len, msg_len))
         goto done;
Places

File CVE-2021-3711-1-Correctly-calculate-the-length-of-SM2-plaintext-give.patch of Package openssl-1_1.29253

Places
