projects
/
oweals
/
openssl.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
As with RSA, which was modified recently, this change makes it possible to
[oweals/openssl.git]
/
crypto
/
rsa
/
rsa_saos.c
diff --git
a/crypto/rsa/rsa_saos.c
b/crypto/rsa/rsa_saos.c
index 85adacc08fdece5ae290e4cf626243fd4349cdf0..f462716a57f2f6d6a50cbfc97eee309272f4120b 100644
(file)
--- a/
crypto/rsa/rsa_saos.c
+++ b/
crypto/rsa/rsa_saos.c
@@
-77,7
+77,7
@@
int RSA_sign_ASN1_OCTET_STRING(int type,
i=i2d_ASN1_OCTET_STRING(&sig,NULL);
j=RSA_size(rsa);
i=i2d_ASN1_OCTET_STRING(&sig,NULL);
j=RSA_size(rsa);
- if (
(i-RSA_PKCS1_PADDING) > j
)
+ if (
i > (j-RSA_PKCS1_PADDING_SIZE)
)
{
RSAerr(RSA_F_RSA_SIGN_ASN1_OCTET_STRING,RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY);
return(0);
{
RSAerr(RSA_F_RSA_SIGN_ASN1_OCTET_STRING,RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY);
return(0);
@@
-96,7
+96,7
@@
int RSA_sign_ASN1_OCTET_STRING(int type,
else
*siglen=i;
else
*siglen=i;
-
memset(s,0
,(unsigned int)j+1);
+
OPENSSL_cleanse(s
,(unsigned int)j+1);
OPENSSL_free(s);
return(ret);
}
OPENSSL_free(s);
return(ret);
}
@@
-139,7
+139,7
@@
int RSA_verify_ASN1_OCTET_STRING(int dtype,
ret=1;
err:
if (sig != NULL) M_ASN1_OCTET_STRING_free(sig);
ret=1;
err:
if (sig != NULL) M_ASN1_OCTET_STRING_free(sig);
-
memset(s,0
,(unsigned int)siglen);
+
OPENSSL_cleanse(s
,(unsigned int)siglen);
OPENSSL_free(s);
return(ret);
}
OPENSSL_free(s);
return(ret);
}