aboutsummaryrefslogtreecommitdiffstats
path: root/crypto/openssl/crypto/rsa/rsa_eay.c
diff options
context:
space:
mode:
authorJacques Vidrine <nectar@FreeBSD.org>2002-07-30 22:06:11 +0000
committerJacques Vidrine <nectar@FreeBSD.org>2002-07-30 22:06:11 +0000
commit91d8bea2b4089c48f9bac1c3e89b9f2bebe46787 (patch)
treebaa8d226377e6e2b6b7b8cb5708a920af5c1425e /crypto/openssl/crypto/rsa/rsa_eay.c
parent42db7aed42668384a7480fa974e90a841d30b217 (diff)
downloadsrc-91d8bea2b4089c48f9bac1c3e89b9f2bebe46787.tar.gz
src-91d8bea2b4089c48f9bac1c3e89b9f2bebe46787.zip
MFC: OpenSSL 0.9.6e
Notes
Notes: svn path=/stable/4/; revision=100982
Diffstat (limited to 'crypto/openssl/crypto/rsa/rsa_eay.c')
-rw-r--r--crypto/openssl/crypto/rsa/rsa_eay.c35
1 files changed, 32 insertions, 3 deletions
diff --git a/crypto/openssl/crypto/rsa/rsa_eay.c b/crypto/openssl/crypto/rsa/rsa_eay.c
index 90771dc5f2ae..e861a491adfb 100644
--- a/crypto/openssl/crypto/rsa/rsa_eay.c
+++ b/crypto/openssl/crypto/rsa/rsa_eay.c
@@ -79,8 +79,8 @@ static int RSA_eay_finish(RSA *rsa);
static RSA_METHOD rsa_pkcs1_eay_meth={
"Eric Young's PKCS#1 RSA",
RSA_eay_public_encrypt,
- RSA_eay_public_decrypt,
- RSA_eay_private_encrypt,
+ RSA_eay_public_decrypt, /* signature verification */
+ RSA_eay_private_encrypt, /* signing */
RSA_eay_private_decrypt,
RSA_eay_mod_exp,
BN_mod_exp_mont,
@@ -137,6 +137,13 @@ static int RSA_eay_public_encrypt(int flen, unsigned char *from,
if (BN_bin2bn(buf,num,&f) == NULL) goto err;
+ if (BN_ucmp(&f, rsa->n) >= 0)
+ {
+ /* usually the padding functions would catch this */
+ RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT,RSA_R_DATA_TOO_LARGE_FOR_MODULUS);
+ goto err;
+ }
+
if ((rsa->_method_mod_n == NULL) && (rsa->flags & RSA_FLAG_CACHE_PUBLIC))
{
BN_MONT_CTX* bn_mont_ctx;
@@ -184,6 +191,7 @@ err:
return(r);
}
+/* signing */
static int RSA_eay_private_encrypt(int flen, unsigned char *from,
unsigned char *to, RSA *rsa, int padding)
{
@@ -219,6 +227,13 @@ static int RSA_eay_private_encrypt(int flen, unsigned char *from,
if (i <= 0) goto err;
if (BN_bin2bn(buf,num,&f) == NULL) goto err;
+
+ if (BN_ucmp(&f, rsa->n) >= 0)
+ {
+ /* usually the padding functions would catch this */
+ RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT,RSA_R_DATA_TOO_LARGE_FOR_MODULUS);
+ goto err;
+ }
if ((rsa->flags & RSA_FLAG_BLINDING) && (rsa->blinding == NULL))
RSA_blinding_on(rsa,ctx);
@@ -293,6 +308,12 @@ static int RSA_eay_private_decrypt(int flen, unsigned char *from,
/* make data into a big number */
if (BN_bin2bn(from,(int)flen,&f) == NULL) goto err;
+ if (BN_ucmp(&f, rsa->n) >= 0)
+ {
+ RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,RSA_R_DATA_TOO_LARGE_FOR_MODULUS);
+ goto err;
+ }
+
if ((rsa->flags & RSA_FLAG_BLINDING) && (rsa->blinding == NULL))
RSA_blinding_on(rsa,ctx);
if (rsa->flags & RSA_FLAG_BLINDING)
@@ -353,6 +374,7 @@ err:
return(r);
}
+/* signature verification */
static int RSA_eay_public_decrypt(int flen, unsigned char *from,
unsigned char *to, RSA *rsa, int padding)
{
@@ -384,6 +406,13 @@ static int RSA_eay_public_decrypt(int flen, unsigned char *from,
}
if (BN_bin2bn(from,flen,&f) == NULL) goto err;
+
+ if (BN_ucmp(&f, rsa->n) >= 0)
+ {
+ RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,RSA_R_DATA_TOO_LARGE_FOR_MODULUS);
+ goto err;
+ }
+
/* do the decrypt */
if ((rsa->_method_mod_n == NULL) && (rsa->flags & RSA_FLAG_CACHE_PUBLIC))
{
@@ -448,10 +477,10 @@ static int RSA_eay_mod_exp(BIGNUM *r0, BIGNUM *I, RSA *rsa)
int ret=0;
BN_CTX *ctx;
- if ((ctx=BN_CTX_new()) == NULL) goto err;
BN_init(&m1);
BN_init(&r1);
BN_init(&vrfy);
+ if ((ctx=BN_CTX_new()) == NULL) goto err;
if (rsa->flags & RSA_FLAG_CACHE_PRIVATE)
{