d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Correct incorrect PKCS#1 v1.5 padding validation in crypto(3).

Browse Source 
Obtained from:	OpenSSL project
Security:	FreeBSD-SA-06:19.openssl
This commit is contained in:
Simon L. B. Nielsen 2006-09-10 20:16:43 +00:00
parent 66387cee8f
commit c800238ebb
Notes: svn2git 2020-12-20 02:59:44 +00:00 
svn path=/head/; revision=162207
1 changed files with 17 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
crypto/openssl/crypto/rsa/rsa_sign.c
View File

@ -185,6 +185,23 @@ int RSA_verify(int dtype, const unsigned char *m, unsigned int m_len,
sig=d2i_X509_SIG(NULL,&p,(long)i);
if (sig == NULL) goto err;
/* Excess data can be used to create forgeries */
if(p != s+i)
{
RSAerr(RSA_F_RSA_VERIFY,RSA_R_BAD_SIGNATURE);
goto err;
}
/* Parameters to the signature algorithm can also be used to
create forgeries */
if(sig->algor->parameter
&& sig->algor->parameter->type != V_ASN1_NULL)
{
RSAerr(RSA_F_RSA_VERIFY,RSA_R_BAD_SIGNATURE);
goto err;
}
sigtype=OBJ_obj2nid(sig->algor->algorithm);