diff options
| author | beck <> | 2017-01-29 17:49:23 +0000 |
|---|---|---|
| committer | beck <> | 2017-01-29 17:49:23 +0000 |
| commit | 957b11334a7afb14537322f0e4795b2e368b3f59 (patch) | |
| tree | 1a54abba678898ee5270ae4f3404a50ee9a92eea /src/lib/libcrypto/rsa/rsa_ssl.c | |
| parent | df96e020e729c6c37a8c7fe311fdd1fe6a8718c5 (diff) | |
| download | openbsd-957b11334a7afb14537322f0e4795b2e368b3f59.tar.gz openbsd-957b11334a7afb14537322f0e4795b2e368b3f59.tar.bz2 openbsd-957b11334a7afb14537322f0e4795b2e368b3f59.zip | |
Send the function codes from the error functions to the bit bucket,
as was done earlier in libssl. Thanks inoguchi@ for noticing
libssl had more reacharounds into this.
ok jsing@ inoguchi@
Diffstat (limited to 'src/lib/libcrypto/rsa/rsa_ssl.c')
| -rw-r--r-- | src/lib/libcrypto/rsa/rsa_ssl.c | 18 |
1 files changed, 7 insertions, 11 deletions
diff --git a/src/lib/libcrypto/rsa/rsa_ssl.c b/src/lib/libcrypto/rsa/rsa_ssl.c index 73262f29c1..60fc8ec94f 100644 --- a/src/lib/libcrypto/rsa/rsa_ssl.c +++ b/src/lib/libcrypto/rsa/rsa_ssl.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: rsa_ssl.c,v 1.14 2014/10/22 13:02:04 jsing Exp $ */ | 1 | /* $OpenBSD: rsa_ssl.c,v 1.15 2017/01/29 17:49:23 beck Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -72,8 +72,7 @@ RSA_padding_add_SSLv23(unsigned char *to, int tlen, const unsigned char *from, | |||
| 72 | unsigned char *p; | 72 | unsigned char *p; |
| 73 | 73 | ||
| 74 | if (flen > tlen - 11) { | 74 | if (flen > tlen - 11) { |
| 75 | RSAerr(RSA_F_RSA_PADDING_ADD_SSLV23, | 75 | RSAerror(RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); |
| 76 | RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); | ||
| 77 | return 0; | 76 | return 0; |
| 78 | } | 77 | } |
| 79 | 78 | ||
| @@ -109,12 +108,11 @@ RSA_padding_check_SSLv23(unsigned char *to, int tlen, const unsigned char *from, | |||
| 109 | 108 | ||
| 110 | p = from; | 109 | p = from; |
| 111 | if (flen < 10) { | 110 | if (flen < 10) { |
| 112 | RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23, RSA_R_DATA_TOO_SMALL); | 111 | RSAerror(RSA_R_DATA_TOO_SMALL); |
| 113 | return -1; | 112 | return -1; |
| 114 | } | 113 | } |
| 115 | if (num != flen + 1 || *(p++) != 02) { | 114 | if (num != flen + 1 || *(p++) != 02) { |
| 116 | RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23, | 115 | RSAerror(RSA_R_BLOCK_TYPE_IS_NOT_02); |
| 117 | RSA_R_BLOCK_TYPE_IS_NOT_02); | ||
| 118 | return -1; | 116 | return -1; |
| 119 | } | 117 | } |
| 120 | 118 | ||
| @@ -125,8 +123,7 @@ RSA_padding_check_SSLv23(unsigned char *to, int tlen, const unsigned char *from, | |||
| 125 | break; | 123 | break; |
| 126 | 124 | ||
| 127 | if (i == j || i < 8) { | 125 | if (i == j || i < 8) { |
| 128 | RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23, | 126 | RSAerror(RSA_R_NULL_BEFORE_BLOCK_MISSING); |
| 129 | RSA_R_NULL_BEFORE_BLOCK_MISSING); | ||
| 130 | return -1; | 127 | return -1; |
| 131 | } | 128 | } |
| 132 | for (k = -9; k < -1; k++) { | 129 | for (k = -9; k < -1; k++) { |
| @@ -134,15 +131,14 @@ RSA_padding_check_SSLv23(unsigned char *to, int tlen, const unsigned char *from, | |||
| 134 | break; | 131 | break; |
| 135 | } | 132 | } |
| 136 | if (k == -1) { | 133 | if (k == -1) { |
| 137 | RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23, | 134 | RSAerror(RSA_R_SSLV3_ROLLBACK_ATTACK); |
| 138 | RSA_R_SSLV3_ROLLBACK_ATTACK); | ||
| 139 | return -1; | 135 | return -1; |
| 140 | } | 136 | } |
| 141 | 137 | ||
| 142 | i++; /* Skip over the '\0' */ | 138 | i++; /* Skip over the '\0' */ |
| 143 | j -= i; | 139 | j -= i; |
| 144 | if (j > tlen) { | 140 | if (j > tlen) { |
| 145 | RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23, RSA_R_DATA_TOO_LARGE); | 141 | RSAerror(RSA_R_DATA_TOO_LARGE); |
| 146 | return -1; | 142 | return -1; |
| 147 | } | 143 | } |
| 148 | memcpy(to, p, j); | 144 | memcpy(to, p, j); |