diff options
author | miod <> | 2016-11-08 20:01:06 +0000 |
---|---|---|
committer | miod <> | 2016-11-08 20:01:06 +0000 |
commit | 5605f577187336e02b609bad906ab42478c7340a (patch) | |
tree | 39318fe771bd94c87998e1dd5db6fa0412737647 /src/lib/libcrypto/evp/p5_crpt.c | |
parent | b7cb70902c58c927b969ecac46828718a5ff0497 (diff) | |
download | openbsd-5605f577187336e02b609bad906ab42478c7340a.tar.gz openbsd-5605f577187336e02b609bad906ab42478c7340a.tar.bz2 openbsd-5605f577187336e02b609bad906ab42478c7340a.zip |
Stricter checks of ASN1_INTEGER to reject ASN1_NEG_INTEGER in places when
they don't make sense.
ok beck@
Diffstat (limited to 'src/lib/libcrypto/evp/p5_crpt.c')
-rw-r--r-- | src/lib/libcrypto/evp/p5_crpt.c | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/src/lib/libcrypto/evp/p5_crpt.c b/src/lib/libcrypto/evp/p5_crpt.c index 626910fd7a..1d02cbf4a6 100644 --- a/src/lib/libcrypto/evp/p5_crpt.c +++ b/src/lib/libcrypto/evp/p5_crpt.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: p5_crpt.c,v 1.16 2015/09/10 15:56:25 jsing Exp $ */ | 1 | /* $OpenBSD: p5_crpt.c,v 1.17 2016/11/08 20:01:06 miod Exp $ */ |
2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
3 | * project 1999. | 3 | * project 1999. |
4 | */ | 4 | */ |
@@ -106,8 +106,11 @@ PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen, | |||
106 | 106 | ||
107 | if (!pbe->iter) | 107 | if (!pbe->iter) |
108 | iter = 1; | 108 | iter = 1; |
109 | else | 109 | else if ((iter = ASN1_INTEGER_get(pbe->iter)) <= 0) { |
110 | iter = ASN1_INTEGER_get (pbe->iter); | 110 | EVPerr(EVP_F_PKCS5_PBE_KEYIVGEN, |
111 | EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS); | ||
112 | return 0; | ||
113 | } | ||
111 | salt = pbe->salt->data; | 114 | salt = pbe->salt->data; |
112 | saltlen = pbe->salt->length; | 115 | saltlen = pbe->salt->length; |
113 | 116 | ||