Fix incorrect RSA_public_decrypt() return check

RSA_public_decrypt() returns <= 0 on error. Assigning to a size_t and checking for == 0 is not the right thing to do here. Neither is blindly turning the check into <= 0... Found by Niels Dossche ok jsing
author: tb <> 2023-03-06 08:31:34 +0000
committer: tb <> 2023-03-06 08:31:34 +0000
commit: 6d55865d658cc128dcfc12087fc0d797c48fb108 (patch)
tree: 37817dd577ee74a6b285746eac4625696e1055fb /src
parent: 4fcd281723e0297f5e683485b2f616b64027349d (diff)
download: openbsd-6d55865d658cc128dcfc12087fc0d797c48fb108.tar.gz
openbsd-6d55865d658cc128dcfc12087fc0d797c48fb108.tar.bz2
openbsd-6d55865d658cc128dcfc12087fc0d797c48fb108.zip
1 files changed, 8 insertions, 4 deletions
diff --git a/src/lib/libcrypto/rsa/rsa_pmeth.c b/src/lib/libcrypto/rsa/rsa_pmeth.c
index 0b3774bf6e..3747f1dd28 100644
--- a/src/lib/libcrypto/rsa/rsa_pmeth.c
+++ b/src/lib/libcrypto/rsa/rsa_pmeth.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: rsa_pmeth.c,v 1.34 2022/11/26 16:08:54 tb Exp $ */
+/* $OpenBSD: rsa_pmeth.c,v 1.35 2023/03/06 08:31:34 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project 2006.
 */
@@ -326,12 +326,16 @@ pkey_rsa_verify(EVP_PKEY_CTX *ctx, const unsigned char *sig, size_t siglen,
                        return -1;
                }
        } else {
+                int ret;
                if (!setup_tbuf(rctx, ctx))
                        return -1;
-                rslen = RSA_public_decrypt(siglen, sig, rctx->tbuf, rsa,
-                    rctx->pad_mode);
+                if ((ret = RSA_public_decrypt(siglen, sig, rctx->tbuf, rsa,
-                if (rslen == 0)
+                    rctx->pad_mode)) <= 0)
                        return 0;
+                rslen = ret;
        }
        if (rslen != tbslen || timingsafe_bcmp(tbs, rctx->tbuf, rslen))
author	tb <>	2023-03-06 08:31:34 +0000
committer	tb <>	2023-03-06 08:31:34 +0000
commit	6d55865d658cc128dcfc12087fc0d797c48fb108 (patch)
tree	37817dd577ee74a6b285746eac4625696e1055fb /src
parent	4fcd281723e0297f5e683485b2f616b64027349d (diff)
download	openbsd-6d55865d658cc128dcfc12087fc0d797c48fb108.tar.gz openbsd-6d55865d658cc128dcfc12087fc0d797c48fb108.tar.bz2 openbsd-6d55865d658cc128dcfc12087fc0d797c48fb108.zip

diff --git a/src/lib/libcrypto/rsa/rsa_pmeth.c b/src/lib/libcrypto/rsa/rsa_pmeth.c index 0b3774bf6e..3747f1dd28 100644 --- a/src/lib/libcrypto/rsa/rsa_pmeth.c +++ b/src/lib/libcrypto/rsa/rsa_pmeth.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: rsa_pmeth.c,v 1.34 2022/11/26 16:08:54 tb Exp $ */	1	/* $OpenBSD: rsa_pmeth.c,v 1.35 2023/03/06 08:31:34 tb Exp $ */
2	/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL	2	/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3	* project 2006.	3	* project 2006.
4	*/	4	*/
@@ -326,12 +326,16 @@ pkey_rsa_verify(EVP_PKEY_CTX ctx, const unsigned char sig, size_t siglen,
326	return -1;	326	return -1;
327	}	327	}
328	} else {	328	} else {
		329	int ret;
		330
329	if (!setup_tbuf(rctx, ctx))	331	if (!setup_tbuf(rctx, ctx))
330	return -1;	332	return -1;
331	rslen = RSA_public_decrypt(siglen, sig, rctx->tbuf, rsa,	333
332	rctx->pad_mode);	334	if ((ret = RSA_public_decrypt(siglen, sig, rctx->tbuf, rsa,
333	if (rslen == 0)	335	rctx->pad_mode)) <= 0)
334	return 0;	336	return 0;
		337
		338	rslen = ret;
335	}	339	}
336		340
337	if (rslen != tbslen \|\| timingsafe_bcmp(tbs, rctx->tbuf, rslen))	341	if (rslen != tbslen \|\| timingsafe_bcmp(tbs, rctx->tbuf, rslen))