Skip to content

fill in alg_bits #9457

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
anhu wants to merge 1 commit into
base: master
Choose a base branch
from
Open

fill in alg_bits #9457

anhu wants to merge 1 commit into from

Conversation

@anhu
Copy link
Member

@anhu anhu commented Nov 21, 2025

Fixes #7356

@anhu anhu requested a review from wolfSSL-Bot November 21, 2025 17:09
@anhu anhu self-assigned this Nov 21, 2025
@devin-ai-integration
Copy link
Contributor

devin-ai-integration bot commented Nov 21, 2025

🛟 Devin Lifeguard found 1 likely issues in this PR

  • pointer-null-check snippet: Add alg_bits != NULL to the condition (e.g., if (c != NULL && alg_bits != NULL) { ... }) before writing to *alg_bits.

@anhu
please take a look at the above issues which Devin flagged. Devin will not fix these issues automatically.

@anhu
Copy link
Member Author

anhu commented Nov 21, 2025

I'm a little weary about this one as I think we were not filling it in on purpose. It doesn't look like that was an accident.

@anhu anhu mentioned this pull request Nov 27, 2025
Open
SparkiDev
SparkiDev reviewed Dec 1, 2025
View reviewed changes
src/ssl.c
ret = c->bits;
if (alg_bits != NULL)
*alg_bits = c->bits;
Copy link
Contributor

@SparkiDev SparkiDev Dec 1, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The algorithm bits is c->bits while what is returned by OpenSSL is the strength bits which may be less due to the cipher suite.
CCM_8 has a strength_bits of 64 and an algorithm bits of 128.
Integrity only cipher suites have 0 strength bits but hash length algorithm bits.

@dgarske dgarske assigned anhu and unassigned anhu Dec 9, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@SparkiDev SparkiDev SparkiDev left review comments

@wolfSSL-Bot wolfSSL-Bot Awaiting requested review from wolfSSL-Bot

At least 1 approving review is required to merge this pull request.

Assignees

@anhu anhu

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[OpenSSL compatibility]: 5.6.6 and/or v5.6.6-stable-564-g3129e29a1 do not fill int pointed to by 2nd argument to SSL_CIPHER_get_bits(sc, &bitsalg);

2 participants

@anhu @SparkiDev