1 files changed, 93 insertions, 60 deletions
diff --git a/src/lib/libcrypto/rsa/rsa_sign.c b/src/lib/libcrypto/rsa/rsa_sign.c
index 1740494a4c..05bb7fb74a 100644
--- a/src/lib/libcrypto/rsa/rsa_sign.c
+++ b/src/lib/libcrypto/rsa/rsa_sign.c
@@ -63,59 +63,77 @@
 #include <openssl/objects.h>
 #include <openssl/x509.h>
+/* Size of an SSL signature: MD5+SHA1 */
+#define SSL_SIG_LENGTH  36
 int RSA_sign(int type, unsigned char *m, unsigned int m_len,
             unsigned char *sigret, unsigned int *siglen, RSA *rsa)
        {
        X509_SIG sig;
        ASN1_TYPE parameter;
        int i,j,ret=1;
-        unsigned char *p,*s;
+        unsigned char *p,*s = NULL;
        X509_ALGOR algor;
        ASN1_OCTET_STRING digest;
+        if(rsa->flags & RSA_FLAG_SIGN_VER)
-        sig.algor= &algor;
+              return rsa->meth->rsa_sign(type, m, m_len, sigret, siglen, rsa);
-        sig.algor->algorithm=OBJ_nid2obj(type);
+        /* Special case: SSL signature, just check the length */
-        if (sig.algor->algorithm == NULL)
+        if(type == NID_md5_sha1) {
-                {
+                if(m_len != SSL_SIG_LENGTH) {
-                RSAerr(RSA_F_RSA_SIGN,RSA_R_UNKNOWN_ALGORITHM_TYPE);
+                        RSAerr(RSA_F_RSA_SIGN,RSA_R_INVALID_MESSAGE_LENGTH);
-                return(0);
+                        return(0);
-                }
-        if (sig.algor->algorithm->length == 0)
-                {
-                RSAerr(RSA_F_RSA_SIGN,RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD);
-                return(0);
                }
-        parameter.type=V_ASN1_NULL;
+                i = SSL_SIG_LENGTH;
-        parameter.value.ptr=NULL;
+                s = m;
-        sig.algor->parameter= &parameter;
+        } else {
+                sig.algor= &algor;
+                sig.algor->algorithm=OBJ_nid2obj(type);
+                if (sig.algor->algorithm == NULL)
+                        {
+                        RSAerr(RSA_F_RSA_SIGN,RSA_R_UNKNOWN_ALGORITHM_TYPE);
+                        return(0);
+                        }
+                if (sig.algor->algorithm->length == 0)
+                        {
+                        RSAerr(RSA_F_RSA_SIGN,RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD);
+                        return(0);
+                        }
+                parameter.type=V_ASN1_NULL;
+                parameter.value.ptr=NULL;
+                sig.algor->parameter= &parameter;
-        sig.digest= &digest;
+                sig.digest= &digest;
-        sig.digest->data=m;
+                sig.digest->data=m;
-        sig.digest->length=m_len;
+                sig.digest->length=m_len;
-        i=i2d_X509_SIG(&sig,NULL);
+                i=i2d_X509_SIG(&sig,NULL);
+        }
        j=RSA_size(rsa);
        if ((i-RSA_PKCS1_PADDING) > j)
                {
                RSAerr(RSA_F_RSA_SIGN,RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY);
                return(0);
                }
-        s=(unsigned char *)Malloc((unsigned int)j+1);
+        if(type != NID_md5_sha1) {
-        if (s == NULL)
+                s=(unsigned char *)Malloc((unsigned int)j+1);
-                {
+                if (s == NULL)
-                RSAerr(RSA_F_RSA_SIGN,ERR_R_MALLOC_FAILURE);
+                        {
-                return(0);
+                        RSAerr(RSA_F_RSA_SIGN,ERR_R_MALLOC_FAILURE);
-                }
+                        return(0);
-        p=s;
+                        }
-        i2d_X509_SIG(&sig,&p);
+                p=s;
+                i2d_X509_SIG(&sig,&p);
+        }
        i=RSA_private_encrypt(i,s,sigret,rsa,RSA_PKCS1_PADDING);
        if (i <= 0)
                ret=0;
        else
                *siglen=i;
-        memset(s,0,(unsigned int)j+1);
+        if(type != NID_md5_sha1) {
-        Free(s);
+                memset(s,0,(unsigned int)j+1);
+                Free(s);
+        }
        return(ret);
        }
@@ -132,53 +150,68 @@ int RSA_verify(int dtype, unsigned char *m, unsigned int m_len,
                return(0);
                }
+        if(rsa->flags & RSA_FLAG_SIGN_VER)
+            return rsa->meth->rsa_verify(dtype, m, m_len, sigbuf, siglen, rsa);
        s=(unsigned char *)Malloc((unsigned int)siglen);
        if (s == NULL)
                {
                RSAerr(RSA_F_RSA_VERIFY,ERR_R_MALLOC_FAILURE);
                goto err;
                }
+        if((dtype == NID_md5_sha1) && (m_len != SSL_SIG_LENGTH) ) {
+                        RSAerr(RSA_F_RSA_VERIFY,RSA_R_INVALID_MESSAGE_LENGTH);
+                        return(0);
+        }
        i=RSA_public_decrypt((int)siglen,sigbuf,s,rsa,RSA_PKCS1_PADDING);
        if (i <= 0) goto err;
-        p=s;
+        /* Special case: SSL signature */
-        sig=d2i_X509_SIG(NULL,&p,(long)i);
+        if(dtype == NID_md5_sha1) {
+                if((i != SSL_SIG_LENGTH) || memcmp(s, m, SSL_SIG_LENGTH))
+                                RSAerr(RSA_F_RSA_VERIFY,RSA_R_BAD_SIGNATURE);
+                else ret = 1;
+        } else {
+                p=s;
+                sig=d2i_X509_SIG(NULL,&p,(long)i);
-        if (sig == NULL) goto err;
+                if (sig == NULL) goto err;
-        sigtype=OBJ_obj2nid(sig->algor->algorithm);
+                sigtype=OBJ_obj2nid(sig->algor->algorithm);
-#ifdef RSA_DEBUG
+        #ifdef RSA_DEBUG
-        /* put a backward compatability flag in EAY */
+                /* put a backward compatibility flag in EAY */
-        fprintf(stderr,"in(%s) expect(%s)\n",OBJ_nid2ln(sigtype),
+                fprintf(stderr,"in(%s) expect(%s)\n",OBJ_nid2ln(sigtype),
-                OBJ_nid2ln(dtype));
+                        OBJ_nid2ln(dtype));
-#endif
+        #endif
-        if (sigtype != dtype)
+                if (sigtype != dtype)
-                {
-                if (((dtype == NID_md5) &&
-                        (sigtype == NID_md5WithRSAEncryption)) ||
-                        ((dtype == NID_md2) &&
-                        (sigtype == NID_md2WithRSAEncryption)))
                        {
-                        /* ok, we will let it through */
+                        if (((dtype == NID_md5) &&
-#if !defined(NO_STDIO) && !defined(WIN16)
+                                (sigtype == NID_md5WithRSAEncryption)) ||
-                        fprintf(stderr,"signature has problems, re-make with post SSLeay045\n");
+                                ((dtype == NID_md2) &&
-#endif
+                                (sigtype == NID_md2WithRSAEncryption)))
+                                {
+                                /* ok, we will let it through */
+        #if !defined(NO_STDIO) && !defined(WIN16)
+                                fprintf(stderr,"signature has problems, re-make with post SSLeay045\n");
+        #endif
+                                }
+                        else
+                                {
+                                RSAerr(RSA_F_RSA_VERIFY,
+                                                RSA_R_ALGORITHM_MISMATCH);
+                                goto err;
+                                }
                        }
-                else
+                if (    ((unsigned int)sig->digest->length != m_len) ||
+                        (memcmp(m,sig->digest->data,m_len) != 0))
                        {
-                        RSAerr(RSA_F_RSA_VERIFY,RSA_R_ALGORITHM_MISMATCH);
+                        RSAerr(RSA_F_RSA_VERIFY,RSA_R_BAD_SIGNATURE);
-                        goto err;
                        }
-                }
+                else
-        if (    ((unsigned int)sig->digest->length != m_len) ||
+                        ret=1;
-                (memcmp(m,sig->digest->data,m_len) != 0))
+        }
-                {
-                RSAerr(RSA_F_RSA_VERIFY,RSA_R_BAD_SIGNATURE);
-                }
-        else
-                ret=1;
 err:
        if (sig != NULL) X509_SIG_free(sig);
        memset(s,0,(unsigned int)siglen);

diff --git a/src/lib/libcrypto/rsa/rsa_sign.c b/src/lib/libcrypto/rsa/rsa_sign.c index 1740494a4c..05bb7fb74a 100644 --- a/src/lib/libcrypto/rsa/rsa_sign.c +++ b/src/lib/libcrypto/rsa/rsa_sign.c
@@ -63,59 +63,77 @@
63	#include <openssl/objects.h>	63	#include <openssl/objects.h>
64	#include <openssl/x509.h>	64	#include <openssl/x509.h>
65		65
		66	/* Size of an SSL signature: MD5+SHA1 */
		67	#define SSL_SIG_LENGTH 36
		68
66	int RSA_sign(int type, unsigned char *m, unsigned int m_len,	69	int RSA_sign(int type, unsigned char *m, unsigned int m_len,
67	unsigned char sigret, unsigned int siglen, RSA *rsa)	70	unsigned char sigret, unsigned int siglen, RSA *rsa)
68	{	71	{
69	X509_SIG sig;	72	X509_SIG sig;
70	ASN1_TYPE parameter;	73	ASN1_TYPE parameter;
71	int i,j,ret=1;	74	int i,j,ret=1;
72	unsigned char p,s;	75	unsigned char p,s = NULL;
73	X509_ALGOR algor;	76	X509_ALGOR algor;
74	ASN1_OCTET_STRING digest;	77	ASN1_OCTET_STRING digest;
75		78	if(rsa->flags & RSA_FLAG_SIGN_VER)
76	sig.algor= &algor;	79	return rsa->meth->rsa_sign(type, m, m_len, sigret, siglen, rsa);
77	sig.algor->algorithm=OBJ_nid2obj(type);	80	/* Special case: SSL signature, just check the length */
78	if (sig.algor->algorithm == NULL)	81	if(type == NID_md5_sha1) {
79	{	82	if(m_len != SSL_SIG_LENGTH) {
80	RSAerr(RSA_F_RSA_SIGN,RSA_R_UNKNOWN_ALGORITHM_TYPE);	83	RSAerr(RSA_F_RSA_SIGN,RSA_R_INVALID_MESSAGE_LENGTH);
81	return(0);	84	return(0);
82	}
83	if (sig.algor->algorithm->length == 0)
84	{
85	RSAerr(RSA_F_RSA_SIGN,RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD);
86	return(0);
87	}	85	}
88	parameter.type=V_ASN1_NULL;	86	i = SSL_SIG_LENGTH;
89	parameter.value.ptr=NULL;	87	s = m;
90	sig.algor->parameter= &parameter;	88	} else {
		89	sig.algor= &algor;
		90	sig.algor->algorithm=OBJ_nid2obj(type);
		91	if (sig.algor->algorithm == NULL)
		92	{
		93	RSAerr(RSA_F_RSA_SIGN,RSA_R_UNKNOWN_ALGORITHM_TYPE);
		94	return(0);
		95	}
		96	if (sig.algor->algorithm->length == 0)
		97	{
		98	RSAerr(RSA_F_RSA_SIGN,RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD);
		99	return(0);
		100	}
		101	parameter.type=V_ASN1_NULL;
		102	parameter.value.ptr=NULL;
		103	sig.algor->parameter= &parameter;
91		104
92	sig.digest= &digest;	105	sig.digest= &digest;
93	sig.digest->data=m;	106	sig.digest->data=m;
94	sig.digest->length=m_len;	107	sig.digest->length=m_len;
95		108
96	i=i2d_X509_SIG(&sig,NULL);	109	i=i2d_X509_SIG(&sig,NULL);
		110	}
97	j=RSA_size(rsa);	111	j=RSA_size(rsa);
98	if ((i-RSA_PKCS1_PADDING) > j)	112	if ((i-RSA_PKCS1_PADDING) > j)
99	{	113	{
100	RSAerr(RSA_F_RSA_SIGN,RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY);	114	RSAerr(RSA_F_RSA_SIGN,RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY);
101	return(0);	115	return(0);
102	}	116	}
103	s=(unsigned char *)Malloc((unsigned int)j+1);	117	if(type != NID_md5_sha1) {
104	if (s == NULL)	118	s=(unsigned char *)Malloc((unsigned int)j+1);
105	{	119	if (s == NULL)
106	RSAerr(RSA_F_RSA_SIGN,ERR_R_MALLOC_FAILURE);	120	{
107	return(0);	121	RSAerr(RSA_F_RSA_SIGN,ERR_R_MALLOC_FAILURE);
108	}	122	return(0);
109	p=s;	123	}
110	i2d_X509_SIG(&sig,&p);	124	p=s;
		125	i2d_X509_SIG(&sig,&p);
		126	}
111	i=RSA_private_encrypt(i,s,sigret,rsa,RSA_PKCS1_PADDING);	127	i=RSA_private_encrypt(i,s,sigret,rsa,RSA_PKCS1_PADDING);
112	if (i <= 0)	128	if (i <= 0)
113	ret=0;	129	ret=0;
114	else	130	else
115	*siglen=i;	131	*siglen=i;
116		132
117	memset(s,0,(unsigned int)j+1);	133	if(type != NID_md5_sha1) {
118	Free(s);	134	memset(s,0,(unsigned int)j+1);
		135	Free(s);
		136	}
119	return(ret);	137	return(ret);
120	}	138	}
121		139
@@ -132,53 +150,68 @@ int RSA_verify(int dtype, unsigned char *m, unsigned int m_len,
132	return(0);	150	return(0);
133	}	151	}
134		152
		153	if(rsa->flags & RSA_FLAG_SIGN_VER)
		154	return rsa->meth->rsa_verify(dtype, m, m_len, sigbuf, siglen, rsa);
		155
135	s=(unsigned char *)Malloc((unsigned int)siglen);	156	s=(unsigned char *)Malloc((unsigned int)siglen);
136	if (s == NULL)	157	if (s == NULL)
137	{	158	{
138	RSAerr(RSA_F_RSA_VERIFY,ERR_R_MALLOC_FAILURE);	159	RSAerr(RSA_F_RSA_VERIFY,ERR_R_MALLOC_FAILURE);
139	goto err;	160	goto err;
140	}	161	}
		162	if((dtype == NID_md5_sha1) && (m_len != SSL_SIG_LENGTH) ) {
		163	RSAerr(RSA_F_RSA_VERIFY,RSA_R_INVALID_MESSAGE_LENGTH);
		164	return(0);
		165	}
141	i=RSA_public_decrypt((int)siglen,sigbuf,s,rsa,RSA_PKCS1_PADDING);	166	i=RSA_public_decrypt((int)siglen,sigbuf,s,rsa,RSA_PKCS1_PADDING);
142		167
143	if (i <= 0) goto err;	168	if (i <= 0) goto err;
144		169
145	p=s;	170	/* Special case: SSL signature */
146	sig=d2i_X509_SIG(NULL,&p,(long)i);	171	if(dtype == NID_md5_sha1) {
		172	if((i != SSL_SIG_LENGTH) \|\| memcmp(s, m, SSL_SIG_LENGTH))
		173	RSAerr(RSA_F_RSA_VERIFY,RSA_R_BAD_SIGNATURE);
		174	else ret = 1;
		175	} else {
		176	p=s;
		177	sig=d2i_X509_SIG(NULL,&p,(long)i);
147		178
148	if (sig == NULL) goto err;	179	if (sig == NULL) goto err;
149	sigtype=OBJ_obj2nid(sig->algor->algorithm);	180	sigtype=OBJ_obj2nid(sig->algor->algorithm);
150		181
151		182
152	#ifdef RSA_DEBUG	183	#ifdef RSA_DEBUG
153	/* put a backward compatability flag in EAY */	184	/* put a backward compatibility flag in EAY */
154	fprintf(stderr,"in(%s) expect(%s)\n",OBJ_nid2ln(sigtype),	185	fprintf(stderr,"in(%s) expect(%s)\n",OBJ_nid2ln(sigtype),
155	OBJ_nid2ln(dtype));	186	OBJ_nid2ln(dtype));
156	#endif	187	#endif
157	if (sigtype != dtype)	188	if (sigtype != dtype)
158	{
159	if (((dtype == NID_md5) &&
160	(sigtype == NID_md5WithRSAEncryption)) \|\|
161	((dtype == NID_md2) &&
162	(sigtype == NID_md2WithRSAEncryption)))
163	{	189	{
164	/* ok, we will let it through */	190	if (((dtype == NID_md5) &&
165	#if !defined(NO_STDIO) && !defined(WIN16)	191	(sigtype == NID_md5WithRSAEncryption)) \|\|
166	fprintf(stderr,"signature has problems, re-make with post SSLeay045\n");	192	((dtype == NID_md2) &&
167	#endif	193	(sigtype == NID_md2WithRSAEncryption)))
		194	{
		195	/* ok, we will let it through */
		196	#if !defined(NO_STDIO) && !defined(WIN16)
		197	fprintf(stderr,"signature has problems, re-make with post SSLeay045\n");
		198	#endif
		199	}
		200	else
		201	{
		202	RSAerr(RSA_F_RSA_VERIFY,
		203	RSA_R_ALGORITHM_MISMATCH);
		204	goto err;
		205	}
168	}	206	}
169	else	207	if ( ((unsigned int)sig->digest->length != m_len) \|\|
		208	(memcmp(m,sig->digest->data,m_len) != 0))
170	{	209	{
171	RSAerr(RSA_F_RSA_VERIFY,RSA_R_ALGORITHM_MISMATCH);	210	RSAerr(RSA_F_RSA_VERIFY,RSA_R_BAD_SIGNATURE);
172	goto err;
173	}	211	}
174	}	212	else
175	if ( ((unsigned int)sig->digest->length != m_len) \|\|	213	ret=1;
176	(memcmp(m,sig->digest->data,m_len) != 0))	214	}
177	{
178	RSAerr(RSA_F_RSA_VERIFY,RSA_R_BAD_SIGNATURE);
179	}
180	else
181	ret=1;
182	err:	215	err:
183	if (sig != NULL) X509_SIG_free(sig);	216	if (sig != NULL) X509_SIG_free(sig);
184	memset(s,0,(unsigned int)siglen);	217	memset(s,0,(unsigned int)siglen);