diff options
| -rw-r--r-- | src/lib/libcrypto/rsa/rsa_pmeth.c | 16 |
1 files changed, 13 insertions, 3 deletions
diff --git a/src/lib/libcrypto/rsa/rsa_pmeth.c b/src/lib/libcrypto/rsa/rsa_pmeth.c index a1bdeb3b36..b4e0448ef2 100644 --- a/src/lib/libcrypto/rsa/rsa_pmeth.c +++ b/src/lib/libcrypto/rsa/rsa_pmeth.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: rsa_pmeth.c,v 1.41 2024/08/26 22:01:28 op Exp $ */ | 1 | /* $OpenBSD: rsa_pmeth.c,v 1.42 2025/01/17 08:50:07 tb Exp $ */ |
| 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 2006. | 3 | * project 2006. |
| 4 | */ | 4 | */ |
| @@ -668,7 +668,12 @@ pkey_rsa_ctrl_str(EVP_PKEY_CTX *ctx, const char *type, const char *value) | |||
| 668 | else if (!strcmp(value, "auto")) | 668 | else if (!strcmp(value, "auto")) |
| 669 | saltlen = RSA_PSS_SALTLEN_AUTO; | 669 | saltlen = RSA_PSS_SALTLEN_AUTO; |
| 670 | else { | 670 | else { |
| 671 | saltlen = strtonum(value, 0, INT_MAX, &errstr); | 671 | /* |
| 672 | * Accept the special values -1, -2, -3 since that's | ||
| 673 | * what atoi() historically did. Lower values are later | ||
| 674 | * rejected in EVP_PKEY_CTRL_RSA_PSS_SALTLEN anyway. | ||
| 675 | */ | ||
| 676 | saltlen = strtonum(value, -3, INT_MAX, &errstr); | ||
| 672 | if (errstr != NULL) { | 677 | if (errstr != NULL) { |
| 673 | RSAerror(RSA_R_INVALID_PSS_SALTLEN); | 678 | RSAerror(RSA_R_INVALID_PSS_SALTLEN); |
| 674 | return -2; | 679 | return -2; |
| @@ -718,7 +723,12 @@ pkey_rsa_ctrl_str(EVP_PKEY_CTX *ctx, const char *type, const char *value) | |||
| 718 | if (strcmp(type, "rsa_pss_keygen_saltlen") == 0) { | 723 | if (strcmp(type, "rsa_pss_keygen_saltlen") == 0) { |
| 719 | int saltlen; | 724 | int saltlen; |
| 720 | 725 | ||
| 721 | saltlen = strtonum(value, 0, INT_MAX, &errstr); | 726 | /* |
| 727 | * Accept the special values -1, -2, -3 since that's | ||
| 728 | * what atoi() historically did. Lower values are later | ||
| 729 | * rejected in EVP_PKEY_CTRL_RSA_PSS_SALTLEN anyway. | ||
| 730 | */ | ||
| 731 | saltlen = strtonum(value, -3, INT_MAX, &errstr); | ||
| 722 | if (errstr != NULL) { | 732 | if (errstr != NULL) { |
| 723 | RSAerror(RSA_R_INVALID_PSS_SALTLEN); | 733 | RSAerror(RSA_R_INVALID_PSS_SALTLEN); |
| 724 | return -2; | 734 | return -2; |