When a private key is validated and there is no private key, return early.

Affected functions:

dsa_validate_public
dsa_validate_private
dh_validate_public
dh_validate_private

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11598)

2 files changed, 8 insertions, 0 deletions

diff --git a/providers/implementations/keymgmt/dh_kmgmt.c b/providers/implementations/keymgmt/dh_kmgmt.c
index f09654c048..a551a72d79 100644
--- a/providers/implementations/keymgmt/dh_kmgmt.c
+++ b/providers/implementations/keymgmt/dh_kmgmt.c
@@ -322,6 +322,8 @@ static int dh_validate_public(DH *dh)
     const BIGNUM *pub_key = NULL;
 
     DH_get0_key(dh, &pub_key, NULL);
+    if (pub_key == NULL)
+        return 0;
     return DH_check_pub_key_ex(dh, pub_key);
 }
 
@@ -331,6 +333,8 @@ static int dh_validate_private(DH *dh)
     const BIGNUM *priv_key = NULL;
 
     DH_get0_key(dh, NULL, &priv_key);
+    if (priv_key == NULL)
+        return 0;
     return dh_check_priv_key(dh, priv_key, &status);;
 }
 
diff --git a/providers/implementations/keymgmt/dsa_kmgmt.c b/providers/implementations/keymgmt/dsa_kmgmt.c
index 1261035296..de54b9a3fd 100644
--- a/providers/implementations/keymgmt/dsa_kmgmt.c
+++ b/providers/implementations/keymgmt/dsa_kmgmt.c
@@ -312,6 +312,8 @@ static int dsa_validate_public(DSA *dsa)
     const BIGNUM *pub_key = NULL;
 
     DSA_get0_key(dsa, &pub_key, NULL);
+    if (pub_key == NULL)
+        return 0;
     return dsa_check_pub_key(dsa, pub_key, &status);
 }
 
@@ -321,6 +323,8 @@ static int dsa_validate_private(DSA *dsa)
     const BIGNUM *priv_key = NULL;
 
     DSA_get0_key(dsa, NULL, &priv_key);
+    if (priv_key == NULL)
+        return 0;
     return dsa_check_priv_key(dsa, priv_key, &status);
 }