diff options
| author | Damien Miller <djm@mindrot.org> | 2001-01-30 09:27:26 +1100 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2001-01-30 09:27:26 +1100 |
| commit | 7650bc68420a227212ba0ff5cd4a0d133471b872 (patch) | |
| tree | 55d8d15e4cdd7407b7086e9c3cf9597539c81071 /rsa.c | |
| parent | d83ff35d66e11978e0b821ecbfa07011ddcb8868 (diff) | |
- (djm) OpenBSD CVS Sync:
- markus@cvs.openbsd.org 2001/01/29 12:47:32
[rsa.c rsa.h ssh-agent.c sshconnect1.c sshd.c]
handle rsa_private_decrypt failures; helps against the Bleichenbacher
pkcs#1 attack
Diffstat (limited to 'rsa.c')
| -rw-r--r-- | rsa.c | 15 |
1 files changed, 8 insertions, 7 deletions
@@ -60,7 +60,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: rsa.c,v 1.19 2001/01/21 19:05:54 markus Exp $"); +RCSID("$OpenBSD: rsa.c,v 1.20 2001/01/29 19:47:30 markus Exp $"); #include "rsa.h" #include "log.h" @@ -94,7 +94,7 @@ rsa_public_encrypt(BIGNUM *out, BIGNUM *in, RSA *key) xfree(inbuf); } -void +int rsa_private_decrypt(BIGNUM *out, BIGNUM *in, RSA *key) { u_char *inbuf, *outbuf; @@ -108,13 +108,14 @@ rsa_private_decrypt(BIGNUM *out, BIGNUM *in, RSA *key) BN_bn2bin(in, inbuf); if ((len = RSA_private_decrypt(ilen, inbuf, outbuf, key, - RSA_PKCS1_PADDING)) <= 0) - fatal("rsa_private_decrypt() failed"); - - BN_bin2bn(outbuf, len, out); - + RSA_PKCS1_PADDING)) <= 0) { + error("rsa_private_decrypt() failed"); + } else { + BN_bin2bn(outbuf, len, out); + } memset(outbuf, 0, olen); memset(inbuf, 0, ilen); xfree(outbuf); xfree(inbuf); + return len; } |