From 2d8e705b2a68a6dfe620f781c55e8230a0cb2dfb Mon Sep 17 00:00:00 2001 From: Kurt Roeckx Date: Sat, 18 Apr 2015 12:50:25 +0200 Subject: [PATCH] Correctly check for export size limit 40 bit ciphers are limited to 512 bit RSA, 56 bit ciphers to 1024 bit. Reviewed-by: Rich Salz (cherry picked from commit ac38115c1a4fb61c66c2a8cd2a9800751828d328) --- crypto/evp/evp.h | 1 - crypto/x509/x509type.c | 3 --- ssl/s3_clnt.c | 5 ++++- 3 files changed, 4 insertions(+), 5 deletions(-) diff --git a/crypto/evp/evp.h b/crypto/evp/evp.h index 4891133dae..1d705cd5de 100644 --- a/crypto/evp/evp.h +++ b/crypto/evp/evp.h @@ -103,7 +103,6 @@ # define EVP_PKS_RSA 0x0100 # define EVP_PKS_DSA 0x0200 # define EVP_PKS_EC 0x0400 -# define EVP_PKT_EXP 0x1000 /* <= 512 bit key */ # define EVP_PKEY_NONE NID_undef # define EVP_PKEY_RSA NID_rsaEncryption diff --git a/crypto/x509/x509type.c b/crypto/x509/x509type.c index 033175257a..9219f753bf 100644 --- a/crypto/x509/x509type.c +++ b/crypto/x509/x509type.c @@ -121,9 +121,6 @@ int X509_certificate_type(X509 *x, EVP_PKEY *pkey) } } - /* /8 because it's 1024 bits we look for, not bytes */ - if (EVP_PKEY_size(pk) <= 1024 / 8) - ret |= EVP_PKT_EXP; if (pkey == NULL) EVP_PKEY_free(pk); return (ret); diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c index c25e077288..98c7b9e3f0 100644 --- a/ssl/s3_clnt.c +++ b/ssl/s3_clnt.c @@ -3398,6 +3398,7 @@ int ssl3_check_cert_and_algorithm(SSL *s) int i, idx; long alg_k, alg_a; EVP_PKEY *pkey = NULL; + int pkey_bits; SESS_CERT *sc; #ifndef OPENSSL_NO_RSA RSA *rsa; @@ -3447,6 +3448,7 @@ int ssl3_check_cert_and_algorithm(SSL *s) } #endif pkey = X509_get_pubkey(sc->peer_pkeys[idx].x509); + pkey_bits = EVP_PKEY_bits(pkey); i = X509_certificate_type(sc->peer_pkeys[idx].x509, pkey); EVP_PKEY_free(pkey); @@ -3511,7 +3513,8 @@ int ssl3_check_cert_and_algorithm(SSL *s) } #endif /* !OPENSSL_NO_DH */ - if (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) && !has_bits(i, EVP_PKT_EXP)) { + if (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) && + pkey_bits > SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher)) { #ifndef OPENSSL_NO_RSA if (alg_k & SSL_kRSA) { if (rsa == NULL -- 2.25.1