Avoid creating invalid rsa pss params

Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/8621) (cherry picked from commit 491360e7ab2f09fdaadfcd9ff84c425c8f4e5b03)
author: Bernd Edlinger <bernd.edlinger@hotmail.de> 2019-03-31 13:56:23 +0200
committer: Bernd Edlinger <bernd.edlinger@hotmail.de> 2019-04-10 20:24:57 +0200
commit: d8ceb246079a929461c0193255c8309348a0614c (patch)
tree: 93e6fef4de9a518474ee7d81e8e1fdb8f6cf06bd /crypto
parent: 24686b26548608d43e2816a65ee977b1e8c763b2 (diff)
1 files changed, 3 insertions, 1 deletions
diff --git a/crypto/rsa/rsa_ameth.c b/crypto/rsa/rsa_ameth.c
index 75debb3e0a..637b02c214 100644
--- a/crypto/rsa/rsa_ameth.c
+++ b/crypto/rsa/rsa_ameth.c
@@ -583,10 +583,12 @@ static RSA_PSS_PARAMS *rsa_ctx_to_pss(EVP_PKEY_CTX *pkctx)
         return NULL;
     if (saltlen == -1) {
         saltlen = EVP_MD_size(sigmd);
-    } else if (saltlen == -2) {
+    } else if (saltlen == -2 || saltlen == -3) {
         saltlen = EVP_PKEY_size(pk) - EVP_MD_size(sigmd) - 2;
         if ((EVP_PKEY_bits(pk) & 0x7) == 1)
             saltlen--;
+        if (saltlen < 0)
+            return NULL;
     }
 
     return rsa_pss_params_create(sigmd, mgf1md, saltlen);
author	Bernd Edlinger <bernd.edlinger@hotmail.de>	2019-03-31 13:56:23 +0200
committer	Bernd Edlinger <bernd.edlinger@hotmail.de>	2019-04-10 20:24:57 +0200
commit	d8ceb246079a929461c0193255c8309348a0614c (patch)
tree	93e6fef4de9a518474ee7d81e8e1fdb8f6cf06bd /crypto
parent	24686b26548608d43e2816a65ee977b1e8c763b2 (diff)