Check input length to pkey_rsa_verify()

author Dr. Stephen Henson <steve@openssl.org>

Thu, 8 Dec 2016 12:16:02 +0000 (12:16 +0000)

committer Dr. Stephen Henson <steve@openssl.org>

Sat, 10 Dec 2016 02:30:16 +0000 (02:30 +0000)
author Dr. Stephen Henson <steve@openssl.org>
Thu, 8 Dec 2016 12:16:02 +0000 (12:16 +0000)
committer Dr. Stephen Henson <steve@openssl.org>
Sat, 10 Dec 2016 02:30:16 +0000 (02:30 +0000)
diff --git a/crypto/rsa/rsa_err.c b/crypto/rsa/rsa_err.c

index 45e12e0dd3737374984d508c58f614ed43c53773..bf54095b7090d5f019ae0f32df185d5ff7cea902 100644 (file)
--- a/crypto/rsa/rsa_err.c
+++ b/crypto/rsa/rsa_err.c
@@ -26,6 +26,7 @@ static ERR_STRING_DATA RSA_str_functs[] = {
      {ERR_FUNC(RSA_F_PKEY_RSA_CTRL), "pkey_rsa_ctrl"},
      {ERR_FUNC(RSA_F_PKEY_RSA_CTRL_STR), "pkey_rsa_ctrl_str"},
      {ERR_FUNC(RSA_F_PKEY_RSA_SIGN), "pkey_rsa_sign"},
+    {ERR_FUNC(RSA_F_PKEY_RSA_VERIFY), "pkey_rsa_verify"},
      {ERR_FUNC(RSA_F_PKEY_RSA_VERIFYRECOVER), "pkey_rsa_verifyrecover"},
      {ERR_FUNC(RSA_F_RSA_ALGOR_TO_MD), "rsa_algor_to_md"},
      {ERR_FUNC(RSA_F_RSA_BUILTIN_KEYGEN), "rsa_builtin_keygen"},
diff --git a/crypto/rsa/rsa_pmeth.c b/crypto/rsa/rsa_pmeth.c

index e503ada873b13cd3e5f69fdc9c067fe5ee467462..db4fb0fbf7e42f8a766ea60d41a7c9cd0e464d87 100644 (file)
--- a/crypto/rsa/rsa_pmeth.c
+++ b/crypto/rsa/rsa_pmeth.c
@@ -229,6 +229,10 @@ static int pkey_rsa_verify(EVP_PKEY_CTX *ctx,
          if (rctx->pad_mode == RSA_PKCS1_PADDING)
              return RSA_verify(EVP_MD_type(rctx->md), tbs, tbslen,
                                sig, siglen, rsa);
+        if (tbslen != (size_t)EVP_MD_size(rctx->md)) {
+            RSAerr(RSA_F_PKEY_RSA_VERIFY, RSA_R_INVALID_DIGEST_LENGTH);
+            return -1;
+        }
          if (rctx->pad_mode == RSA_X931_PADDING) {
              if (pkey_rsa_verifyrecover(ctx, NULL, &rslen, sig, siglen) <= 0)
                  return 0;
diff --git a/include/openssl/rsa.h b/include/openssl/rsa.h

index 4d6e9cc9a9a71285470771266d62ed53016f0126..d97d6e075aefe3f31a2f6d04144b48d18cfc9638 100644 (file)
--- a/include/openssl/rsa.h
+++ b/include/openssl/rsa.h
@@ -468,6 +468,7 @@ int ERR_load_RSA_strings(void);
  # define RSA_F_PKEY_RSA_CTRL                              143
  # define RSA_F_PKEY_RSA_CTRL_STR                          144
  # define RSA_F_PKEY_RSA_SIGN                              142
+# define RSA_F_PKEY_RSA_VERIFY                            149
  # define RSA_F_PKEY_RSA_VERIFYRECOVER                     141
  # define RSA_F_RSA_ALGOR_TO_MD                            156
  # define RSA_F_RSA_BUILTIN_KEYGEN                         129
author	Dr. Stephen Henson <steve@openssl.org>
	Thu, 8 Dec 2016 12:16:02 +0000 (12:16 +0000)
committer	Dr. Stephen Henson <steve@openssl.org>
	Sat, 10 Dec 2016 02:30:16 +0000 (02:30 +0000)
crypto/rsa/rsa_err.c		patch \| blob \| history
crypto/rsa/rsa_pmeth.c		patch \| blob \| history
include/openssl/rsa.h		patch \| blob \| history