1 files changed, 44 insertions, 0 deletions
diff --git a/src/lib/libcrypto/rsa/rsa_eay.c b/src/lib/libcrypto/rsa/rsa_eay.c
index be4ac96ce3..610889dc80 100644
--- a/src/lib/libcrypto/rsa/rsa_eay.c
+++ b/src/lib/libcrypto/rsa/rsa_eay.c
@@ -295,6 +295,28 @@ static int RSA_eay_private_encrypt(int flen, const unsigned char *from,
        BN_init(&f);
        BN_init(&ret);
+        if (BN_num_bits(rsa->n) > OPENSSL_RSA_MAX_MODULUS_BITS)
+                {
+                RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, RSA_R_MODULUS_TOO_LARGE);
+                return -1;
+                }
+        if (BN_ucmp(rsa->n, rsa->e) <= 0)
+                {
+                RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, RSA_R_BAD_E_VALUE);
+                return -1;
+                }
+        /* for large moduli, enforce exponent limit */
+        if (BN_num_bits(rsa->n) > OPENSSL_RSA_SMALL_MODULUS_BITS)
+                {
+                if (BN_num_bits(rsa->e) > OPENSSL_RSA_MAX_PUBEXP_BITS)
+                        {
+                        RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, RSA_R_BAD_E_VALUE);
+                        return -1;
+                        }
+                }
        if ((ctx=BN_CTX_new()) == NULL) goto err;
        num=BN_num_bytes(rsa->n);
        if ((buf=(unsigned char *)OPENSSL_malloc(num)) == NULL)
@@ -576,6 +598,28 @@ static int RSA_eay_public_decrypt(int flen, const unsigned char *from,
        unsigned char *buf=NULL;
        BN_CTX *ctx=NULL;
+        if (BN_num_bits(rsa->n) > OPENSSL_RSA_MAX_MODULUS_BITS)
+                {
+                RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT, RSA_R_MODULUS_TOO_LARGE);
+                return -1;
+                }
+        if (BN_ucmp(rsa->n, rsa->e) <= 0)
+                {
+                RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT, RSA_R_BAD_E_VALUE);
+                return -1;
+                }
+        /* for large moduli, enforce exponent limit */
+        if (BN_num_bits(rsa->n) > OPENSSL_RSA_SMALL_MODULUS_BITS)
+                {
+                if (BN_num_bits(rsa->e) > OPENSSL_RSA_MAX_PUBEXP_BITS)
+                        {
+                        RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT, RSA_R_BAD_E_VALUE);
+                        return -1;
+                        }
+                }
        BN_init(&f);
        BN_init(&ret);
        ctx=BN_CTX_new();

diff --git a/src/lib/libcrypto/rsa/rsa_eay.c b/src/lib/libcrypto/rsa/rsa_eay.c index be4ac96ce3..610889dc80 100644 --- a/src/lib/libcrypto/rsa/rsa_eay.c +++ b/src/lib/libcrypto/rsa/rsa_eay.c
@@ -295,6 +295,28 @@ static int RSA_eay_private_encrypt(int flen, const unsigned char *from,
295	BN_init(&f);	295	BN_init(&f);
296	BN_init(&ret);	296	BN_init(&ret);
297		297
		298	if (BN_num_bits(rsa->n) > OPENSSL_RSA_MAX_MODULUS_BITS)
		299	{
		300	RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, RSA_R_MODULUS_TOO_LARGE);
		301	return -1;
		302	}
		303
		304	if (BN_ucmp(rsa->n, rsa->e) <= 0)
		305	{
		306	RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, RSA_R_BAD_E_VALUE);
		307	return -1;
		308	}
		309
		310	/* for large moduli, enforce exponent limit */
		311	if (BN_num_bits(rsa->n) > OPENSSL_RSA_SMALL_MODULUS_BITS)
		312	{
		313	if (BN_num_bits(rsa->e) > OPENSSL_RSA_MAX_PUBEXP_BITS)
		314	{
		315	RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, RSA_R_BAD_E_VALUE);
		316	return -1;
		317	}
		318	}
		319
298	if ((ctx=BN_CTX_new()) == NULL) goto err;	320	if ((ctx=BN_CTX_new()) == NULL) goto err;
299	num=BN_num_bytes(rsa->n);	321	num=BN_num_bytes(rsa->n);
300	if ((buf=(unsigned char *)OPENSSL_malloc(num)) == NULL)	322	if ((buf=(unsigned char *)OPENSSL_malloc(num)) == NULL)
@@ -576,6 +598,28 @@ static int RSA_eay_public_decrypt(int flen, const unsigned char *from,
576	unsigned char *buf=NULL;	598	unsigned char *buf=NULL;
577	BN_CTX *ctx=NULL;	599	BN_CTX *ctx=NULL;
578		600
		601	if (BN_num_bits(rsa->n) > OPENSSL_RSA_MAX_MODULUS_BITS)
		602	{
		603	RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT, RSA_R_MODULUS_TOO_LARGE);
		604	return -1;
		605	}
		606
		607	if (BN_ucmp(rsa->n, rsa->e) <= 0)
		608	{
		609	RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT, RSA_R_BAD_E_VALUE);
		610	return -1;
		611	}
		612
		613	/* for large moduli, enforce exponent limit */
		614	if (BN_num_bits(rsa->n) > OPENSSL_RSA_SMALL_MODULUS_BITS)
		615	{
		616	if (BN_num_bits(rsa->e) > OPENSSL_RSA_MAX_PUBEXP_BITS)
		617	{
		618	RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT, RSA_R_BAD_E_VALUE);
		619	return -1;
		620	}
		621	}
		622
579	BN_init(&f);	623	BN_init(&f);
580	BN_init(&ret);	624	BN_init(&ret);
581	ctx=BN_CTX_new();	625	ctx=BN_CTX_new();