summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMarkus Friedl <markus@cvs.openbsd.org>2001-04-22 23:33:05 +0000
committerMarkus Friedl <markus@cvs.openbsd.org>2001-04-22 23:33:05 +0000
commit57a8b3e0d802939f0cc267a143db357b6804a815 (patch)
tree6dd308ecf4eef3a764b48e248638a46d5d5432a0
parentf80ed804ebbffd12db9adf0e1279ec16d97b3715 (diff)
CRT and DH+SSL fix from 0.9.6a, ok provos@/deraadt@
-rw-r--r--lib/libcrypto/rsa/rsa_eay.c12
-rw-r--r--lib/libssl/s3_srvr.c1
2 files changed, 12 insertions, 1 deletions
diff --git a/lib/libcrypto/rsa/rsa_eay.c b/lib/libcrypto/rsa/rsa_eay.c
index 8b8a1e279a7..ccaa62b2392 100644
--- a/lib/libcrypto/rsa/rsa_eay.c
+++ b/lib/libcrypto/rsa/rsa_eay.c
@@ -419,7 +419,7 @@ err:
static int RSA_eay_mod_exp(BIGNUM *r0, BIGNUM *I, RSA *rsa)
{
const RSA_METHOD *meth;
- BIGNUM r1,m1;
+ BIGNUM r1,m1,vrfy;
int ret=0;
BN_CTX *ctx;
@@ -427,6 +427,7 @@ static int RSA_eay_mod_exp(BIGNUM *r0, BIGNUM *I, RSA *rsa)
if ((ctx=BN_CTX_new()) == NULL) goto err;
BN_init(&m1);
BN_init(&r1);
+ BN_init(&vrfy);
if (rsa->flags & RSA_FLAG_CACHE_PRIVATE)
{
@@ -474,10 +475,19 @@ static int RSA_eay_mod_exp(BIGNUM *r0, BIGNUM *I, RSA *rsa)
if (!BN_mul(&r1,r0,rsa->q,ctx)) goto err;
if (!BN_add(r0,&r1,&m1)) goto err;
+ if (rsa->e && rsa->n)
+ {
+ if (!meth->bn_mod_exp(&vrfy,r0,rsa->e,rsa->n,ctx,NULL)) goto err;
+ if (BN_cmp(I, &vrfy) != 0)
+ {
+ if (!meth->bn_mod_exp(r0,I,rsa->d,rsa->n,ctx,NULL)) goto err;
+ }
+ }
ret=1;
err:
BN_clear_free(&m1);
BN_clear_free(&r1);
+ BN_clear_free(&vrfy);
BN_CTX_free(ctx);
return(ret);
}
diff --git a/lib/libssl/s3_srvr.c b/lib/libssl/s3_srvr.c
index bb8cfb31e55..d04232960e3 100644
--- a/lib/libssl/s3_srvr.c
+++ b/lib/libssl/s3_srvr.c
@@ -1414,6 +1414,7 @@ static int ssl3_get_client_key_exchange(SSL *s)
s->session->master_key_length=
s->method->ssl3_enc->generate_master_secret(s,
s->session->master_key,p,i);
+ memset(p,0,i);
}
else
#endif