Resolve conflicts.

2 files changed, 33 insertions, 5 deletions

diff --git a/crypto/openssl/crypto/rsa/rsa.h b/crypto/openssl/crypto/rsa/rsa.h
index 880ebfe..1f91a49 100644
--- a/crypto/openssl/crypto/rsa/rsa.h
+++ b/crypto/openssl/crypto/rsa/rsa.h
@@ -203,8 +203,6 @@ RSA_METHOD *RSA_PKCS1_SSLeay(void);
 
 RSA_METHOD *RSA_null_method(void);
 
-void	ERR_load_RSA_strings(void );
-
 RSA *	d2i_RSAPublicKey(RSA **a, unsigned char **pp, long length);
 int	i2d_RSAPublicKey(RSA *a, unsigned char **pp);
 RSA *	d2i_RSAPrivateKey(RSA **a, unsigned char **pp, long length);
@@ -276,6 +274,7 @@ void *RSA_get_ex_data(RSA *r, int idx);
 /* The following lines are auto generated by the script mkerr.pl. Any changes
  * made after this point may be overwritten when the script is next run.
  */
+void ERR_load_RSA_strings(void);
 
 /* Error codes for the RSA functions. */
 
@@ -317,6 +316,7 @@ void *RSA_get_ex_data(RSA *r, int idx);
 #define RSA_R_DATA_GREATER_THAN_MOD_LEN			 108
 #define RSA_R_DATA_TOO_LARGE				 109
 #define RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE		 110
+#define RSA_R_DATA_TOO_LARGE_FOR_MODULUS		 132
 #define RSA_R_DATA_TOO_SMALL				 111
 #define RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE		 122
 #define RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY		 112
@@ -343,4 +343,3 @@ void *RSA_get_ex_data(RSA *r, int idx);
 }
 #endif
 #endif
-
diff --git a/crypto/openssl/crypto/rsa/rsa_eay.c b/crypto/openssl/crypto/rsa/rsa_eay.c
index 90771dc..49cbd73 100644
--- a/crypto/openssl/crypto/rsa/rsa_eay.c
+++ b/crypto/openssl/crypto/rsa/rsa_eay.c
@@ -79,8 +79,8 @@ static int RSA_eay_finish(RSA *rsa);
 static RSA_METHOD rsa_pkcs1_eay_meth={
 	"Eric Young's PKCS#1 RSA",
 	RSA_eay_public_encrypt,
-	RSA_eay_public_decrypt,
-	RSA_eay_private_encrypt,
+	RSA_eay_public_decrypt, /* signature verification */
+	RSA_eay_private_encrypt, /* signing */
 	RSA_eay_private_decrypt,
 	RSA_eay_mod_exp,
 	BN_mod_exp_mont,
@@ -137,6 +137,13 @@ static int RSA_eay_public_encrypt(int flen, unsigned char *from,
 
 	if (BN_bin2bn(buf,num,&f) == NULL) goto err;
 	
+	if (BN_ucmp(&f, rsa->n) >= 0)
+		{	
+		/* usually the padding functions would catch this */
+		RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT,RSA_R_DATA_TOO_LARGE_FOR_MODULUS);
+		goto err;
+		}
+
 	if ((rsa->_method_mod_n == NULL) && (rsa->flags & RSA_FLAG_CACHE_PUBLIC))
 		{
 		BN_MONT_CTX* bn_mont_ctx;
@@ -184,6 +191,7 @@ err:
 	return(r);
 	}
 
+/* signing */
 static int RSA_eay_private_encrypt(int flen, unsigned char *from,
 	     unsigned char *to, RSA *rsa, int padding)
 	{
@@ -219,6 +227,13 @@ static int RSA_eay_private_encrypt(int flen, unsigned char *from,
 	if (i <= 0) goto err;
 
 	if (BN_bin2bn(buf,num,&f) == NULL) goto err;
+	
+	if (BN_ucmp(&f, rsa->n) >= 0)
+		{	
+		/* usually the padding functions would catch this */
+		RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT,RSA_R_DATA_TOO_LARGE_FOR_MODULUS);
+		goto err;
+		}
 
 	if ((rsa->flags & RSA_FLAG_BLINDING) && (rsa->blinding == NULL))
 		RSA_blinding_on(rsa,ctx);
@@ -293,6 +308,12 @@ static int RSA_eay_private_decrypt(int flen, unsigned char *from,
 	/* make data into a big number */
 	if (BN_bin2bn(from,(int)flen,&f) == NULL) goto err;
 
+	if (BN_ucmp(&f, rsa->n) >= 0)
+		{
+		RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,RSA_R_DATA_TOO_LARGE_FOR_MODULUS);
+		goto err;
+		}
+
 	if ((rsa->flags & RSA_FLAG_BLINDING) && (rsa->blinding == NULL))
 		RSA_blinding_on(rsa,ctx);
 	if (rsa->flags & RSA_FLAG_BLINDING)
@@ -353,6 +374,7 @@ err:
 	return(r);
 	}
 
+/* signature verification */
 static int RSA_eay_public_decrypt(int flen, unsigned char *from,
 	     unsigned char *to, RSA *rsa, int padding)
 	{
@@ -384,6 +406,13 @@ static int RSA_eay_public_decrypt(int flen, unsigned char *from,
 		}
 
 	if (BN_bin2bn(from,flen,&f) == NULL) goto err;
+
+	if (BN_ucmp(&f, rsa->n) >= 0)
+		{
+		RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,RSA_R_DATA_TOO_LARGE_FOR_MODULUS);
+		goto err;
+		}
+
 	/* do the decrypt */
 	if ((rsa->_method_mod_n == NULL) && (rsa->flags & RSA_FLAG_CACHE_PUBLIC))
 		{