From 1fc5e1a14c4ba5dccd70fd6870a028c8a8d1f5f4 Mon Sep 17 00:00:00 2001
From: Markus Friedl <markus@cvs.openbsd.org>
Date: Mon, 29 Jan 2001 19:47:32 +0000
Subject: handle rsa_private_decrypt failures; helps against the Bleichenbacher
 pkcs#1 attack

---
 usr.bin/ssh/ssh-agent.c | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

(limited to 'usr.bin/ssh/ssh-agent.c')

diff --git a/usr.bin/ssh/ssh-agent.c b/usr.bin/ssh/ssh-agent.c
index 9eb1615c614..13555c546ee 100644
--- a/usr.bin/ssh/ssh-agent.c
+++ b/usr.bin/ssh/ssh-agent.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: ssh-agent.c,v 1.48 2001/01/25 08:06:33 deraadt Exp $	*/
+/*	$OpenBSD: ssh-agent.c,v 1.49 2001/01/29 19:47:31 markus Exp $	*/
 
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -37,7 +37,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: ssh-agent.c,v 1.48 2001/01/25 08:06:33 deraadt Exp $");
+RCSID("$OpenBSD: ssh-agent.c,v 1.49 2001/01/29 19:47:31 markus Exp $");
 
 #include <openssl/evp.h>
 #include <openssl/md5.h>
@@ -194,7 +194,8 @@ process_authentication_challenge1(SocketEntry *e)
 	private = lookup_private_key(key, NULL, 1);
 	if (private != NULL) {
 		/* Decrypt the challenge using the private key. */
-		rsa_private_decrypt(challenge, challenge, private->rsa);
+		if (rsa_private_decrypt(challenge, challenge, private->rsa) <= 0)
+			goto failure;
 
 		/* The response is MD5 of decrypted challenge plus session id. */
 		len = BN_num_bytes(challenge);
-- 
cgit v1.2.3