diff options
Diffstat (limited to 'src/lib/libcrypto/rsa/rsa_sign.c')
| -rw-r--r-- | src/lib/libcrypto/rsa/rsa_sign.c | 32 |
1 files changed, 15 insertions, 17 deletions
diff --git a/src/lib/libcrypto/rsa/rsa_sign.c b/src/lib/libcrypto/rsa/rsa_sign.c index 7be08f544b..52cbc3dfe3 100644 --- a/src/lib/libcrypto/rsa/rsa_sign.c +++ b/src/lib/libcrypto/rsa/rsa_sign.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: rsa_sign.c,v 1.25 2015/09/10 15:56:25 jsing Exp $ */ | 1 | /* $OpenBSD: rsa_sign.c,v 1.26 2017/01/29 17:49:23 beck Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -88,7 +88,7 @@ RSA_sign(int type, const unsigned char *m, unsigned int m_len, | |||
| 88 | /* Special case: SSL signature, just check the length */ | 88 | /* Special case: SSL signature, just check the length */ |
| 89 | if (type == NID_md5_sha1) { | 89 | if (type == NID_md5_sha1) { |
| 90 | if (m_len != SSL_SIG_LENGTH) { | 90 | if (m_len != SSL_SIG_LENGTH) { |
| 91 | RSAerr(RSA_F_RSA_SIGN, RSA_R_INVALID_MESSAGE_LENGTH); | 91 | RSAerror(RSA_R_INVALID_MESSAGE_LENGTH); |
| 92 | return 0; | 92 | return 0; |
| 93 | } | 93 | } |
| 94 | i = SSL_SIG_LENGTH; | 94 | i = SSL_SIG_LENGTH; |
| @@ -97,12 +97,11 @@ RSA_sign(int type, const unsigned char *m, unsigned int m_len, | |||
| 97 | sig.algor = &algor; | 97 | sig.algor = &algor; |
| 98 | sig.algor->algorithm = OBJ_nid2obj(type); | 98 | sig.algor->algorithm = OBJ_nid2obj(type); |
| 99 | if (sig.algor->algorithm == NULL) { | 99 | if (sig.algor->algorithm == NULL) { |
| 100 | RSAerr(RSA_F_RSA_SIGN, RSA_R_UNKNOWN_ALGORITHM_TYPE); | 100 | RSAerror(RSA_R_UNKNOWN_ALGORITHM_TYPE); |
| 101 | return 0; | 101 | return 0; |
| 102 | } | 102 | } |
| 103 | if (sig.algor->algorithm->length == 0) { | 103 | if (sig.algor->algorithm->length == 0) { |
| 104 | RSAerr(RSA_F_RSA_SIGN, | 104 | RSAerror(RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD); |
| 105 | RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD); | ||
| 106 | return 0; | 105 | return 0; |
| 107 | } | 106 | } |
| 108 | parameter.type = V_ASN1_NULL; | 107 | parameter.type = V_ASN1_NULL; |
| @@ -117,13 +116,13 @@ RSA_sign(int type, const unsigned char *m, unsigned int m_len, | |||
| 117 | } | 116 | } |
| 118 | j = RSA_size(rsa); | 117 | j = RSA_size(rsa); |
| 119 | if (i > j - RSA_PKCS1_PADDING_SIZE) { | 118 | if (i > j - RSA_PKCS1_PADDING_SIZE) { |
| 120 | RSAerr(RSA_F_RSA_SIGN, RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY); | 119 | RSAerror(RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY); |
| 121 | return 0; | 120 | return 0; |
| 122 | } | 121 | } |
| 123 | if (type != NID_md5_sha1) { | 122 | if (type != NID_md5_sha1) { |
| 124 | tmps = malloc(j + 1); | 123 | tmps = malloc(j + 1); |
| 125 | if (tmps == NULL) { | 124 | if (tmps == NULL) { |
| 126 | RSAerr(RSA_F_RSA_SIGN, ERR_R_MALLOC_FAILURE); | 125 | RSAerror(ERR_R_MALLOC_FAILURE); |
| 127 | return 0; | 126 | return 0; |
| 128 | } | 127 | } |
| 129 | p = tmps; | 128 | p = tmps; |
| @@ -153,7 +152,7 @@ int_rsa_verify(int dtype, const unsigned char *m, unsigned int m_len, | |||
| 153 | X509_SIG *sig = NULL; | 152 | X509_SIG *sig = NULL; |
| 154 | 153 | ||
| 155 | if (siglen != (unsigned int)RSA_size(rsa)) { | 154 | if (siglen != (unsigned int)RSA_size(rsa)) { |
| 156 | RSAerr(RSA_F_INT_RSA_VERIFY, RSA_R_WRONG_SIGNATURE_LENGTH); | 155 | RSAerror(RSA_R_WRONG_SIGNATURE_LENGTH); |
| 157 | return 0; | 156 | return 0; |
| 158 | } | 157 | } |
| 159 | 158 | ||
| @@ -168,11 +167,11 @@ int_rsa_verify(int dtype, const unsigned char *m, unsigned int m_len, | |||
| 168 | 167 | ||
| 169 | s = malloc(siglen); | 168 | s = malloc(siglen); |
| 170 | if (s == NULL) { | 169 | if (s == NULL) { |
| 171 | RSAerr(RSA_F_INT_RSA_VERIFY, ERR_R_MALLOC_FAILURE); | 170 | RSAerror(ERR_R_MALLOC_FAILURE); |
| 172 | goto err; | 171 | goto err; |
| 173 | } | 172 | } |
| 174 | if (dtype == NID_md5_sha1 && m_len != SSL_SIG_LENGTH) { | 173 | if (dtype == NID_md5_sha1 && m_len != SSL_SIG_LENGTH) { |
| 175 | RSAerr(RSA_F_INT_RSA_VERIFY, RSA_R_INVALID_MESSAGE_LENGTH); | 174 | RSAerror(RSA_R_INVALID_MESSAGE_LENGTH); |
| 176 | goto err; | 175 | goto err; |
| 177 | } | 176 | } |
| 178 | i = RSA_public_decrypt((int)siglen, sigbuf, s, rsa, RSA_PKCS1_PADDING); | 177 | i = RSA_public_decrypt((int)siglen, sigbuf, s, rsa, RSA_PKCS1_PADDING); |
| @@ -183,7 +182,7 @@ int_rsa_verify(int dtype, const unsigned char *m, unsigned int m_len, | |||
| 183 | /* Special case: SSL signature */ | 182 | /* Special case: SSL signature */ |
| 184 | if (dtype == NID_md5_sha1) { | 183 | if (dtype == NID_md5_sha1) { |
| 185 | if (i != SSL_SIG_LENGTH || memcmp(s, m, SSL_SIG_LENGTH)) | 184 | if (i != SSL_SIG_LENGTH || memcmp(s, m, SSL_SIG_LENGTH)) |
| 186 | RSAerr(RSA_F_INT_RSA_VERIFY, RSA_R_BAD_SIGNATURE); | 185 | RSAerror(RSA_R_BAD_SIGNATURE); |
| 187 | else | 186 | else |
| 188 | ret = 1; | 187 | ret = 1; |
| 189 | } else { | 188 | } else { |
| @@ -196,7 +195,7 @@ int_rsa_verify(int dtype, const unsigned char *m, unsigned int m_len, | |||
| 196 | 195 | ||
| 197 | /* Excess data can be used to create forgeries */ | 196 | /* Excess data can be used to create forgeries */ |
| 198 | if (p != s + i) { | 197 | if (p != s + i) { |
| 199 | RSAerr(RSA_F_INT_RSA_VERIFY, RSA_R_BAD_SIGNATURE); | 198 | RSAerror(RSA_R_BAD_SIGNATURE); |
| 200 | goto err; | 199 | goto err; |
| 201 | } | 200 | } |
| 202 | 201 | ||
| @@ -204,14 +203,14 @@ int_rsa_verify(int dtype, const unsigned char *m, unsigned int m_len, | |||
| 204 | create forgeries */ | 203 | create forgeries */ |
| 205 | if (sig->algor->parameter && | 204 | if (sig->algor->parameter && |
| 206 | ASN1_TYPE_get(sig->algor->parameter) != V_ASN1_NULL) { | 205 | ASN1_TYPE_get(sig->algor->parameter) != V_ASN1_NULL) { |
| 207 | RSAerr(RSA_F_INT_RSA_VERIFY, RSA_R_BAD_SIGNATURE); | 206 | RSAerror(RSA_R_BAD_SIGNATURE); |
| 208 | goto err; | 207 | goto err; |
| 209 | } | 208 | } |
| 210 | 209 | ||
| 211 | sigtype = OBJ_obj2nid(sig->algor->algorithm); | 210 | sigtype = OBJ_obj2nid(sig->algor->algorithm); |
| 212 | 211 | ||
| 213 | if (sigtype != dtype) { | 212 | if (sigtype != dtype) { |
| 214 | RSAerr(RSA_F_INT_RSA_VERIFY, RSA_R_ALGORITHM_MISMATCH); | 213 | RSAerror(RSA_R_ALGORITHM_MISMATCH); |
| 215 | goto err; | 214 | goto err; |
| 216 | } | 215 | } |
| 217 | if (rm) { | 216 | if (rm) { |
| @@ -219,8 +218,7 @@ int_rsa_verify(int dtype, const unsigned char *m, unsigned int m_len, | |||
| 219 | 218 | ||
| 220 | md = EVP_get_digestbynid(dtype); | 219 | md = EVP_get_digestbynid(dtype); |
| 221 | if (md && (EVP_MD_size(md) != sig->digest->length)) | 220 | if (md && (EVP_MD_size(md) != sig->digest->length)) |
| 222 | RSAerr(RSA_F_INT_RSA_VERIFY, | 221 | RSAerror(RSA_R_INVALID_DIGEST_LENGTH); |
| 223 | RSA_R_INVALID_DIGEST_LENGTH); | ||
| 224 | else { | 222 | else { |
| 225 | memcpy(rm, sig->digest->data, | 223 | memcpy(rm, sig->digest->data, |
| 226 | sig->digest->length); | 224 | sig->digest->length); |
| @@ -229,7 +227,7 @@ int_rsa_verify(int dtype, const unsigned char *m, unsigned int m_len, | |||
| 229 | } | 227 | } |
| 230 | } else if ((unsigned int)sig->digest->length != m_len || | 228 | } else if ((unsigned int)sig->digest->length != m_len || |
| 231 | memcmp(m, sig->digest->data, m_len) != 0) { | 229 | memcmp(m, sig->digest->data, m_len) != 0) { |
| 232 | RSAerr(RSA_F_INT_RSA_VERIFY, RSA_R_BAD_SIGNATURE); | 230 | RSAerror(RSA_R_BAD_SIGNATURE); |
| 233 | } else | 231 | } else |
| 234 | ret = 1; | 232 | ret = 1; |
| 235 | } | 233 | } |