diff options
Diffstat (limited to 'src/lib/libcrypto/rsa/rsa_ssl.c')
| -rw-r--r-- | src/lib/libcrypto/rsa/rsa_ssl.c | 37 |
1 files changed, 19 insertions, 18 deletions
diff --git a/src/lib/libcrypto/rsa/rsa_ssl.c b/src/lib/libcrypto/rsa/rsa_ssl.c index 9bcd4b2c03..ea72629494 100644 --- a/src/lib/libcrypto/rsa/rsa_ssl.c +++ b/src/lib/libcrypto/rsa/rsa_ssl.c | |||
| @@ -58,15 +58,12 @@ | |||
| 58 | 58 | ||
| 59 | #include <stdio.h> | 59 | #include <stdio.h> |
| 60 | #include "cryptlib.h" | 60 | #include "cryptlib.h" |
| 61 | #include "bn.h" | 61 | #include <openssl/bn.h> |
| 62 | #include "rsa.h" | 62 | #include <openssl/rsa.h> |
| 63 | #include "rand.h" | 63 | #include <openssl/rand.h> |
| 64 | 64 | ||
| 65 | int RSA_padding_add_SSLv23(to,tlen,from,flen) | 65 | int RSA_padding_add_SSLv23(unsigned char *to, int tlen, |
| 66 | unsigned char *to; | 66 | const unsigned char *from, int flen) |
| 67 | int tlen; | ||
| 68 | unsigned char *from; | ||
| 69 | int flen; | ||
| 70 | { | 67 | { |
| 71 | int i,j; | 68 | int i,j; |
| 72 | unsigned char *p; | 69 | unsigned char *p; |
| @@ -85,12 +82,14 @@ int flen; | |||
| 85 | /* pad out with non-zero random data */ | 82 | /* pad out with non-zero random data */ |
| 86 | j=tlen-3-8-flen; | 83 | j=tlen-3-8-flen; |
| 87 | 84 | ||
| 88 | RAND_bytes(p,j); | 85 | if (RAND_bytes(p,j) <= 0) |
| 86 | return(0); | ||
| 89 | for (i=0; i<j; i++) | 87 | for (i=0; i<j; i++) |
| 90 | { | 88 | { |
| 91 | if (*p == '\0') | 89 | if (*p == '\0') |
| 92 | do { | 90 | do { |
| 93 | RAND_bytes(p,1); | 91 | if (RAND_bytes(p,1) <= 0) |
| 92 | return(0); | ||
| 94 | } while (*p == '\0'); | 93 | } while (*p == '\0'); |
| 95 | p++; | 94 | p++; |
| 96 | } | 95 | } |
| @@ -103,14 +102,11 @@ int flen; | |||
| 103 | return(1); | 102 | return(1); |
| 104 | } | 103 | } |
| 105 | 104 | ||
| 106 | int RSA_padding_check_SSLv23(to,tlen,from,flen) | 105 | int RSA_padding_check_SSLv23(unsigned char *to, int tlen, |
| 107 | unsigned char *to; | 106 | const unsigned char *from, int flen, int num) |
| 108 | int tlen; | ||
| 109 | unsigned char *from; | ||
| 110 | int flen; | ||
| 111 | { | 107 | { |
| 112 | int i,j,k; | 108 | int i,j,k; |
| 113 | unsigned char *p; | 109 | const unsigned char *p; |
| 114 | 110 | ||
| 115 | p=from; | 111 | p=from; |
| 116 | if (flen < 10) | 112 | if (flen < 10) |
| @@ -118,7 +114,7 @@ int flen; | |||
| 118 | RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23,RSA_R_DATA_TOO_SMALL); | 114 | RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23,RSA_R_DATA_TOO_SMALL); |
| 119 | return(-1); | 115 | return(-1); |
| 120 | } | 116 | } |
| 121 | if (*(p++) != 02) | 117 | if ((num != (flen+1)) || (*(p++) != 02)) |
| 122 | { | 118 | { |
| 123 | RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23,RSA_R_BLOCK_TYPE_IS_NOT_02); | 119 | RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23,RSA_R_BLOCK_TYPE_IS_NOT_02); |
| 124 | return(-1); | 120 | return(-1); |
| @@ -138,7 +134,7 @@ int flen; | |||
| 138 | { | 134 | { |
| 139 | if (p[k] != 0x03) break; | 135 | if (p[k] != 0x03) break; |
| 140 | } | 136 | } |
| 141 | if (k == 0) | 137 | if (k == -1) |
| 142 | { | 138 | { |
| 143 | RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23,RSA_R_SSLV3_ROLLBACK_ATTACK); | 139 | RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23,RSA_R_SSLV3_ROLLBACK_ATTACK); |
| 144 | return(-1); | 140 | return(-1); |
| @@ -146,6 +142,11 @@ int flen; | |||
| 146 | 142 | ||
| 147 | i++; /* Skip over the '\0' */ | 143 | i++; /* Skip over the '\0' */ |
| 148 | j-=i; | 144 | j-=i; |
| 145 | if (j > tlen) | ||
| 146 | { | ||
| 147 | RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23,RSA_R_DATA_TOO_LARGE); | ||
| 148 | return(-1); | ||
| 149 | } | ||
| 149 | memcpy(to,p,(unsigned int)j); | 150 | memcpy(to,p,(unsigned int)j); |
| 150 | 151 | ||
| 151 | return(j); | 152 | return(j); |