diff options
| author | simon <simon@FreeBSD.org> | 2006-09-10 20:16:43 +0000 |
|---|---|---|
| committer | simon <simon@FreeBSD.org> | 2006-09-10 20:16:43 +0000 |
| commit | 22f3e61de2a6beb9e877fad976098e72f23d7fbc (patch) | |
| tree | 6558541b18cbe9a3390f8f16afaf4fd1f6196993 | |
| parent | 229d1a8d9bfa346b9e1124bf66835f0da3160a7a (diff) | |
| download | FreeBSD-src-22f3e61de2a6beb9e877fad976098e72f23d7fbc.zip FreeBSD-src-22f3e61de2a6beb9e877fad976098e72f23d7fbc.tar.gz | |
Correct incorrect PKCS#1 v1.5 padding validation in crypto(3).
Obtained from: OpenSSL project
Security: FreeBSD-SA-06:19.openssl
| -rw-r--r-- | crypto/openssl/crypto/rsa/rsa_sign.c | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/crypto/openssl/crypto/rsa/rsa_sign.c b/crypto/openssl/crypto/rsa/rsa_sign.c index 230ec6d..aa757ac 100644 --- a/crypto/openssl/crypto/rsa/rsa_sign.c +++ b/crypto/openssl/crypto/rsa/rsa_sign.c @@ -185,6 +185,23 @@ int RSA_verify(int dtype, const unsigned char *m, unsigned int m_len, sig=d2i_X509_SIG(NULL,&p,(long)i); if (sig == NULL) goto err; + + /* Excess data can be used to create forgeries */ + if(p != s+i) + { + RSAerr(RSA_F_RSA_VERIFY,RSA_R_BAD_SIGNATURE); + goto err; + } + + /* Parameters to the signature algorithm can also be used to + create forgeries */ + if(sig->algor->parameter + && sig->algor->parameter->type != V_ASN1_NULL) + { + RSAerr(RSA_F_RSA_VERIFY,RSA_R_BAD_SIGNATURE); + goto err; + } + sigtype=OBJ_obj2nid(sig->algor->algorithm); |
