From 4e1781820f970e006c7e95796e4020c58442f504 Mon Sep 17 00:00:00 2001 From: Markus Friedl Date: Sun, 22 Apr 2001 23:33:05 +0000 Subject: CRT and DH+SSL fix from 0.9.6a, ok provos@/deraadt@ --- lib/libssl/src/crypto/rsa/rsa_eay.c | 12 +++++++++++- lib/libssl/src/ssl/s3_srvr.c | 1 + 2 files changed, 12 insertions(+), 1 deletion(-) (limited to 'lib') diff --git a/lib/libssl/src/crypto/rsa/rsa_eay.c b/lib/libssl/src/crypto/rsa/rsa_eay.c index 8b8a1e279a7..ccaa62b2392 100644 --- a/lib/libssl/src/crypto/rsa/rsa_eay.c +++ b/lib/libssl/src/crypto/rsa/rsa_eay.c @@ -419,7 +419,7 @@ err: static int RSA_eay_mod_exp(BIGNUM *r0, BIGNUM *I, RSA *rsa) { const RSA_METHOD *meth; - BIGNUM r1,m1; + BIGNUM r1,m1,vrfy; int ret=0; BN_CTX *ctx; @@ -427,6 +427,7 @@ static int RSA_eay_mod_exp(BIGNUM *r0, BIGNUM *I, RSA *rsa) if ((ctx=BN_CTX_new()) == NULL) goto err; BN_init(&m1); BN_init(&r1); + BN_init(&vrfy); if (rsa->flags & RSA_FLAG_CACHE_PRIVATE) { @@ -474,10 +475,19 @@ static int RSA_eay_mod_exp(BIGNUM *r0, BIGNUM *I, RSA *rsa) if (!BN_mul(&r1,r0,rsa->q,ctx)) goto err; if (!BN_add(r0,&r1,&m1)) goto err; + if (rsa->e && rsa->n) + { + if (!meth->bn_mod_exp(&vrfy,r0,rsa->e,rsa->n,ctx,NULL)) goto err; + if (BN_cmp(I, &vrfy) != 0) + { + if (!meth->bn_mod_exp(r0,I,rsa->d,rsa->n,ctx,NULL)) goto err; + } + } ret=1; err: BN_clear_free(&m1); BN_clear_free(&r1); + BN_clear_free(&vrfy); BN_CTX_free(ctx); return(ret); } diff --git a/lib/libssl/src/ssl/s3_srvr.c b/lib/libssl/src/ssl/s3_srvr.c index bb8cfb31e55..d04232960e3 100644 --- a/lib/libssl/src/ssl/s3_srvr.c +++ b/lib/libssl/src/ssl/s3_srvr.c @@ -1414,6 +1414,7 @@ static int ssl3_get_client_key_exchange(SSL *s) s->session->master_key_length= s->method->ssl3_enc->generate_master_secret(s, s->session->master_key,p,i); + memset(p,0,i); } else #endif -- cgit v1.2.3