1 files changed, 63 insertions, 65 deletions
diff --git a/src/lib/libcrypto/rsa/rsa_saos.c b/src/lib/libcrypto/rsa/rsa_saos.c
index cca503e026..50dfef7e71 100644
--- a/src/lib/libcrypto/rsa/rsa_saos.c
+++ b/src/lib/libcrypto/rsa/rsa_saos.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: rsa_saos.c,v 1.11 2014/06/12 15:49:30 deraadt Exp $ */
+/* $OpenBSD: rsa_saos.c,v 1.12 2014/07/09 08:20:08 miod Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -63,88 +63,86 @@
 #include <openssl/objects.h>
 #include <openssl/x509.h>
-int RSA_sign_ASN1_OCTET_STRING(int type,
+int
-        const unsigned char *m, unsigned int m_len,
+RSA_sign_ASN1_OCTET_STRING(int type, const unsigned char *m, unsigned int m_len,
-        unsigned char *sigret, unsigned int *siglen, RSA *rsa)
+    unsigned char *sigret, unsigned int *siglen, RSA *rsa)
-        {
+{
        ASN1_OCTET_STRING sig;
-        int i,j,ret=1;
+        int i, j, ret = 1;
        unsigned char *p,*s;
-        sig.type=V_ASN1_OCTET_STRING;
+        sig.type = V_ASN1_OCTET_STRING;
-        sig.length=m_len;
+        sig.length = m_len;
-        sig.data=(unsigned char *)m;
+        sig.data = (unsigned char *)m;
-        i=i2d_ASN1_OCTET_STRING(&sig,NULL);
+        i = i2d_ASN1_OCTET_STRING(&sig, NULL);
-        j=RSA_size(rsa);
+        j = RSA_size(rsa);
-        if (i > (j-RSA_PKCS1_PADDING_SIZE))
+        if (i > (j - RSA_PKCS1_PADDING_SIZE)) {
-                {
+                RSAerr(RSA_F_RSA_SIGN_ASN1_OCTET_STRING,
-                RSAerr(RSA_F_RSA_SIGN_ASN1_OCTET_STRING,RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY);
+                    RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY);
-                return(0);
+                return 0;
-                }
+        }
-        s = malloc((unsigned int)j+1);
+        s = malloc((unsigned int)j + 1);
-        if (s == NULL)
+        if (s == NULL) {
-                {
+                RSAerr(RSA_F_RSA_SIGN_ASN1_OCTET_STRING, ERR_R_MALLOC_FAILURE);
-                RSAerr(RSA_F_RSA_SIGN_ASN1_OCTET_STRING,ERR_R_MALLOC_FAILURE);
+                return 0;
-                return(0);
+        }
-                }
+        p = s;
-        p=s;
+        i2d_ASN1_OCTET_STRING(&sig, &p);
-        i2d_ASN1_OCTET_STRING(&sig,&p);
+        i = RSA_private_encrypt(i, s, sigret, rsa, RSA_PKCS1_PADDING);
-        i=RSA_private_encrypt(i,s,sigret,rsa,RSA_PKCS1_PADDING);
        if (i <= 0)
-                ret=0;
+                ret = 0;
        else
-                *siglen=i;
+                *siglen = i;
-        OPENSSL_cleanse(s,(unsigned int)j+1);
+        OPENSSL_cleanse(s, (unsigned int)j + 1);
        free(s);
-        return(ret);
+        return ret;
-        }
+}
-int RSA_verify_ASN1_OCTET_STRING(int dtype,
+int
-        const unsigned char *m,
+RSA_verify_ASN1_OCTET_STRING(int dtype, const unsigned char *m,
-        unsigned int m_len, unsigned char *sigbuf, unsigned int siglen,
+    unsigned int m_len, unsigned char *sigbuf, unsigned int siglen, RSA *rsa)
-        RSA *rsa)
+{
-        {
+        int i, ret = 0;
-        int i,ret=0;
        unsigned char *s;
        const unsigned char *p;
-        ASN1_OCTET_STRING *sig=NULL;
+        ASN1_OCTET_STRING *sig = NULL;
-        if (siglen != (unsigned int)RSA_size(rsa))
+        if (siglen != (unsigned int)RSA_size(rsa)) {
-                {
+                RSAerr(RSA_F_RSA_VERIFY_ASN1_OCTET_STRING,
-                RSAerr(RSA_F_RSA_VERIFY_ASN1_OCTET_STRING,RSA_R_WRONG_SIGNATURE_LENGTH);
+                    RSA_R_WRONG_SIGNATURE_LENGTH);
-                return(0);
+                return 0;
-                }
+        }
        s = malloc((unsigned int)siglen);
-        if (s == NULL)
+        if (s == NULL) {
-                {
+                RSAerr(RSA_F_RSA_VERIFY_ASN1_OCTET_STRING,
-                RSAerr(RSA_F_RSA_VERIFY_ASN1_OCTET_STRING,ERR_R_MALLOC_FAILURE);
+                    ERR_R_MALLOC_FAILURE);
                goto err;
-                }
+        }
-        i=RSA_public_decrypt((int)siglen,sigbuf,s,rsa,RSA_PKCS1_PADDING);
+        i = RSA_public_decrypt((int)siglen, sigbuf, s, rsa, RSA_PKCS1_PADDING);
-        if (i <= 0) goto err;
+        if (i <= 0)
+                goto err;
-        p=s;
+        p = s;
-        sig=d2i_ASN1_OCTET_STRING(NULL,&p,(long)i);
+        sig = d2i_ASN1_OCTET_STRING(NULL, &p, (long)i);
-        if (sig == NULL) goto err;
+        if (sig == NULL)
+                goto err;
-        if (    ((unsigned int)sig->length != m_len) ||
+        if ((unsigned int)sig->length != m_len ||
-                (memcmp(m,sig->data,m_len) != 0))
+            memcmp(m,sig->data, m_len) != 0) {
-                {
+                RSAerr(RSA_F_RSA_VERIFY_ASN1_OCTET_STRING,
-                RSAerr(RSA_F_RSA_VERIFY_ASN1_OCTET_STRING,RSA_R_BAD_SIGNATURE);
+                    RSA_R_BAD_SIGNATURE);
-                }
+        } else
-        else
+                ret = 1;
-                ret=1;
 err:
-        if (sig != NULL) M_ASN1_OCTET_STRING_free(sig);
+        if (sig != NULL)
-        if (s != NULL)
+                M_ASN1_OCTET_STRING_free(sig);
-                {
+        if (s != NULL) {
-                OPENSSL_cleanse(s,(unsigned int)siglen);
+                OPENSSL_cleanse(s, (unsigned int)siglen);
                free(s);
-                }
-        return(ret);
        }
+        return ret;
+}

diff --git a/src/lib/libcrypto/rsa/rsa_saos.c b/src/lib/libcrypto/rsa/rsa_saos.c index cca503e026..50dfef7e71 100644 --- a/src/lib/libcrypto/rsa/rsa_saos.c +++ b/src/lib/libcrypto/rsa/rsa_saos.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: rsa_saos.c,v 1.11 2014/06/12 15:49:30 deraadt Exp $ */	1	/* $OpenBSD: rsa_saos.c,v 1.12 2014/07/09 08:20:08 miod Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -63,88 +63,86 @@
63	#include <openssl/objects.h>	63	#include <openssl/objects.h>
64	#include <openssl/x509.h>	64	#include <openssl/x509.h>
65		65
66	int RSA_sign_ASN1_OCTET_STRING(int type,	66	int
67	const unsigned char *m, unsigned int m_len,	67	RSA_sign_ASN1_OCTET_STRING(int type, const unsigned char *m, unsigned int m_len,
68	unsigned char sigret, unsigned int siglen, RSA *rsa)	68	unsigned char sigret, unsigned int siglen, RSA *rsa)
69	{	69	{
70	ASN1_OCTET_STRING sig;	70	ASN1_OCTET_STRING sig;
71	int i,j,ret=1;	71	int i, j, ret = 1;
72	unsigned char p,s;	72	unsigned char p,s;
73		73
74	sig.type=V_ASN1_OCTET_STRING;	74	sig.type = V_ASN1_OCTET_STRING;
75	sig.length=m_len;	75	sig.length = m_len;
76	sig.data=(unsigned char *)m;	76	sig.data = (unsigned char *)m;
77		77
78	i=i2d_ASN1_OCTET_STRING(&sig,NULL);	78	i = i2d_ASN1_OCTET_STRING(&sig, NULL);
79	j=RSA_size(rsa);	79	j = RSA_size(rsa);
80	if (i > (j-RSA_PKCS1_PADDING_SIZE))	80	if (i > (j - RSA_PKCS1_PADDING_SIZE)) {
81	{	81	RSAerr(RSA_F_RSA_SIGN_ASN1_OCTET_STRING,
82	RSAerr(RSA_F_RSA_SIGN_ASN1_OCTET_STRING,RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY);	82	RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY);
83	return(0);	83	return 0;
84	}	84	}
85	s = malloc((unsigned int)j+1);	85	s = malloc((unsigned int)j + 1);
86	if (s == NULL)	86	if (s == NULL) {
87	{	87	RSAerr(RSA_F_RSA_SIGN_ASN1_OCTET_STRING, ERR_R_MALLOC_FAILURE);
88	RSAerr(RSA_F_RSA_SIGN_ASN1_OCTET_STRING,ERR_R_MALLOC_FAILURE);	88	return 0;
89	return(0);	89	}
90	}	90	p = s;
91	p=s;	91	i2d_ASN1_OCTET_STRING(&sig, &p);
92	i2d_ASN1_OCTET_STRING(&sig,&p);	92	i = RSA_private_encrypt(i, s, sigret, rsa, RSA_PKCS1_PADDING);
93	i=RSA_private_encrypt(i,s,sigret,rsa,RSA_PKCS1_PADDING);
94	if (i <= 0)	93	if (i <= 0)
95	ret=0;	94	ret = 0;
96	else	95	else
97	*siglen=i;	96	*siglen = i;
98		97
99	OPENSSL_cleanse(s,(unsigned int)j+1);	98	OPENSSL_cleanse(s, (unsigned int)j + 1);
100	free(s);	99	free(s);
101	return(ret);	100	return ret;
102	}	101	}
103		102
104	int RSA_verify_ASN1_OCTET_STRING(int dtype,	103	int
105	const unsigned char *m,	104	RSA_verify_ASN1_OCTET_STRING(int dtype, const unsigned char *m,
106	unsigned int m_len, unsigned char *sigbuf, unsigned int siglen,	105	unsigned int m_len, unsigned char sigbuf, unsigned int siglen, RSA rsa)
107	RSA *rsa)	106	{
108	{	107	int i, ret = 0;
109	int i,ret=0;
110	unsigned char *s;	108	unsigned char *s;
111	const unsigned char *p;	109	const unsigned char *p;
112	ASN1_OCTET_STRING *sig=NULL;	110	ASN1_OCTET_STRING *sig = NULL;
113		111
114	if (siglen != (unsigned int)RSA_size(rsa))	112	if (siglen != (unsigned int)RSA_size(rsa)) {
115	{	113	RSAerr(RSA_F_RSA_VERIFY_ASN1_OCTET_STRING,
116	RSAerr(RSA_F_RSA_VERIFY_ASN1_OCTET_STRING,RSA_R_WRONG_SIGNATURE_LENGTH);	114	RSA_R_WRONG_SIGNATURE_LENGTH);
117	return(0);	115	return 0;
118	}	116	}
119		117
120	s = malloc((unsigned int)siglen);	118	s = malloc((unsigned int)siglen);
121	if (s == NULL)	119	if (s == NULL) {
122	{	120	RSAerr(RSA_F_RSA_VERIFY_ASN1_OCTET_STRING,
123	RSAerr(RSA_F_RSA_VERIFY_ASN1_OCTET_STRING,ERR_R_MALLOC_FAILURE);	121	ERR_R_MALLOC_FAILURE);
124	goto err;	122	goto err;
125	}	123	}
126	i=RSA_public_decrypt((int)siglen,sigbuf,s,rsa,RSA_PKCS1_PADDING);	124	i = RSA_public_decrypt((int)siglen, sigbuf, s, rsa, RSA_PKCS1_PADDING);
127		125
128	if (i <= 0) goto err;	126	if (i <= 0)
		127	goto err;
129		128
130	p=s;	129	p = s;
131	sig=d2i_ASN1_OCTET_STRING(NULL,&p,(long)i);	130	sig = d2i_ASN1_OCTET_STRING(NULL, &p, (long)i);
132	if (sig == NULL) goto err;	131	if (sig == NULL)
		132	goto err;
133		133
134	if ( ((unsigned int)sig->length != m_len) \|\|	134	if ((unsigned int)sig->length != m_len \|\|
135	(memcmp(m,sig->data,m_len) != 0))	135	memcmp(m,sig->data, m_len) != 0) {
136	{	136	RSAerr(RSA_F_RSA_VERIFY_ASN1_OCTET_STRING,
137	RSAerr(RSA_F_RSA_VERIFY_ASN1_OCTET_STRING,RSA_R_BAD_SIGNATURE);	137	RSA_R_BAD_SIGNATURE);
138	}	138	} else
139	else	139	ret = 1;
140	ret=1;
141	err:	140	err:
142	if (sig != NULL) M_ASN1_OCTET_STRING_free(sig);	141	if (sig != NULL)
143	if (s != NULL)	142	M_ASN1_OCTET_STRING_free(sig);
144	{	143	if (s != NULL) {
145	OPENSSL_cleanse(s,(unsigned int)siglen);	144	OPENSSL_cleanse(s, (unsigned int)siglen);
146	free(s);	145	free(s);
147	}
148	return(ret);
149	}	146	}
150		147	return ret;
		148	}