projects
/
oweals
/
openssl.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Store digests as EVP_MD instead of a NID.
[oweals/openssl.git]
/
crypto
/
rsa
/
rsa_ssl.c
diff --git
a/crypto/rsa/rsa_ssl.c
b/crypto/rsa/rsa_ssl.c
index e1bbbe794902f4f598ad87bde929f46232e5532e..ea72629494cffd952d15eff4098b3f554c9ff723 100644
(file)
--- a/
crypto/rsa/rsa_ssl.c
+++ b/
crypto/rsa/rsa_ssl.c
@@
-58,12
+58,12
@@
#include <stdio.h>
#include "cryptlib.h"
#include <stdio.h>
#include "cryptlib.h"
-#include
"bn.h"
-#include
"rsa.h"
-#include
"rand.h"
+#include
<openssl/bn.h>
+#include
<openssl/rsa.h>
+#include
<openssl/rand.h>
-int RSA_padding_add_SSLv23(unsigned char *to, int tlen,
unsigned char *from,
-
int flen)
+int RSA_padding_add_SSLv23(unsigned char *to, int tlen,
+
const unsigned char *from,
int flen)
{
int i,j;
unsigned char *p;
{
int i,j;
unsigned char *p;
@@
-82,12
+82,14
@@
int RSA_padding_add_SSLv23(unsigned char *to, int tlen, unsigned char *from,
/* pad out with non-zero random data */
j=tlen-3-8-flen;
/* pad out with non-zero random data */
j=tlen-3-8-flen;
- RAND_bytes(p,j);
+ if (RAND_bytes(p,j) <= 0)
+ return(0);
for (i=0; i<j; i++)
{
if (*p == '\0')
do {
for (i=0; i<j; i++)
{
if (*p == '\0')
do {
- RAND_bytes(p,1);
+ if (RAND_bytes(p,1) <= 0)
+ return(0);
} while (*p == '\0');
p++;
}
} while (*p == '\0');
p++;
}
@@
-100,11
+102,11
@@
int RSA_padding_add_SSLv23(unsigned char *to, int tlen, unsigned char *from,
return(1);
}
return(1);
}
-int RSA_padding_check_SSLv23(unsigned char *to, int tlen,
unsigned char *from,
-
int flen, int num)
+int RSA_padding_check_SSLv23(unsigned char *to, int tlen,
+
const unsigned char *from,
int flen, int num)
{
int i,j,k;
{
int i,j,k;
- unsigned char *p;
+
const
unsigned char *p;
p=from;
if (flen < 10)
p=from;
if (flen < 10)
@@
-132,7
+134,7
@@
int RSA_padding_check_SSLv23(unsigned char *to, int tlen, unsigned char *from,
{
if (p[k] != 0x03) break;
}
{
if (p[k] != 0x03) break;
}
- if (k ==
0
)
+ if (k ==
-1
)
{
RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23,RSA_R_SSLV3_ROLLBACK_ATTACK);
return(-1);
{
RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23,RSA_R_SSLV3_ROLLBACK_ATTACK);
return(-1);
@@
-140,6
+142,11
@@
int RSA_padding_check_SSLv23(unsigned char *to, int tlen, unsigned char *from,
i++; /* Skip over the '\0' */
j-=i;
i++; /* Skip over the '\0' */
j-=i;
+ if (j > tlen)
+ {
+ RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23,RSA_R_DATA_TOO_LARGE);
+ return(-1);
+ }
memcpy(to,p,(unsigned int)j);
return(j);
memcpy(to,p,(unsigned int)j);
return(j);