diff options
author | Jiasheng Jiang <jiasheng@purdue.edu> | 2024-03-22 19:18:34 +0000 |
---|---|---|
committer | Neil Horman <nhorman@openssl.org> | 2024-04-02 05:23:54 -0400 |
commit | 9f6a48749afdcd5f35fb671651fc6af2b0b7d97a (patch) | |
tree | 38f0fffb600d961aefdef15584b271d21c17163d /ssl | |
parent | 68d6dd3354597de01e7a9534be813756004e1351 (diff) |
ssl/t1_lib.c: Add checks for the EVP_MD_get_size()
Add checks for the EVP_MD_get_size() to avoid unexpected negative numbers.
Fixes: b362ccab5c ("Security framework.")
Fixes: 0fe3db251a ("Use size of server key when selecting signature algorithm.")
Signed-off-by: Jiasheng Jiang <jiasheng@purdue.edu>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/openssl/openssl/pull/23943)
Diffstat (limited to 'ssl')
-rw-r--r-- | ssl/t1_lib.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index 26a838f9f2..1b6802e7fc 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -1649,6 +1649,8 @@ static int rsa_pss_check_min_key_size(SSL_CTX *ctx, const EVP_PKEY *pkey, return 0; if (!tls1_lookup_md(ctx, lu, &md) || md == NULL) return 0; + if (EVP_MD_get_size(md) <= 0) + return 0; if (EVP_PKEY_get_size(pkey) < RSA_PSS_MINIMUM_KEY_SIZE(md)) return 0; return 1; @@ -1831,6 +1833,8 @@ static int sigalg_security_bits(SSL_CTX *ctx, const SIGALG_LOOKUP *lu) /* Security bits: half digest bits */ secbits = EVP_MD_get_size(md) * 4; + if (secbits <= 0) + return 0; /* * SHA1 and MD5 are known to be broken. Reduce security bits so that * they're no longer accepted at security level 1. The real values don't |