1 files changed, 22 insertions, 0 deletions
diff --git a/src/lib/libcrypto/rsa/rsa_eay.c b/src/lib/libcrypto/rsa/rsa_eay.c
index 0ac6418449..04ec789ee9 100644
--- a/src/lib/libcrypto/rsa/rsa_eay.c
+++ b/src/lib/libcrypto/rsa/rsa_eay.c
@@ -353,6 +353,28 @@ static int RSA_eay_private_encrypt(int flen, const unsigned char *from,
        int local_blinding = 0;
        BN_BLINDING *blinding = NULL;
+        if (BN_num_bits(rsa->n) > OPENSSL_RSA_MAX_MODULUS_BITS)
+                {
+                RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, RSA_R_MODULUS_TOO_LARGE);
+                return -1;
+                }
+        if (BN_ucmp(rsa->n, rsa->e) <= 0)
+                {
+                RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, RSA_R_BAD_E_VALUE);
+                return -1;
+                }
+        /* for large moduli, enforce exponent limit */
+        if (BN_num_bits(rsa->n) > OPENSSL_RSA_SMALL_MODULUS_BITS)
+                {
+                if (BN_num_bits(rsa->e) > OPENSSL_RSA_MAX_PUBEXP_BITS)
+                        {
+                        RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, RSA_R_BAD_E_VALUE);
+                        return -1;
+                        }
+                }
        if ((ctx=BN_CTX_new()) == NULL) goto err;
        BN_CTX_start(ctx);
        f   = BN_CTX_get(ctx);

diff --git a/src/lib/libcrypto/rsa/rsa_eay.c b/src/lib/libcrypto/rsa/rsa_eay.c index 0ac6418449..04ec789ee9 100644 --- a/src/lib/libcrypto/rsa/rsa_eay.c +++ b/src/lib/libcrypto/rsa/rsa_eay.c
@@ -353,6 +353,28 @@ static int RSA_eay_private_encrypt(int flen, const unsigned char *from,
353	int local_blinding = 0;	353	int local_blinding = 0;
354	BN_BLINDING *blinding = NULL;	354	BN_BLINDING *blinding = NULL;
355		355
		356	if (BN_num_bits(rsa->n) > OPENSSL_RSA_MAX_MODULUS_BITS)
		357	{
		358	RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, RSA_R_MODULUS_TOO_LARGE);
		359	return -1;
		360	}
		361
		362	if (BN_ucmp(rsa->n, rsa->e) <= 0)
		363	{
		364	RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, RSA_R_BAD_E_VALUE);
		365	return -1;
		366	}
		367
		368	/* for large moduli, enforce exponent limit */
		369	if (BN_num_bits(rsa->n) > OPENSSL_RSA_SMALL_MODULUS_BITS)
		370	{
		371	if (BN_num_bits(rsa->e) > OPENSSL_RSA_MAX_PUBEXP_BITS)
		372	{
		373	RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, RSA_R_BAD_E_VALUE);
		374	return -1;
		375	}
		376	}
		377
356	if ((ctx=BN_CTX_new()) == NULL) goto err;	378	if ((ctx=BN_CTX_new()) == NULL) goto err;
357	BN_CTX_start(ctx);	379	BN_CTX_start(ctx);
358	f = BN_CTX_get(ctx);	380	f = BN_CTX_get(ctx);