diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2016-12-08 12:16:02 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2016-12-10 02:53:52 +0000 |
commit | fecd4c265527459e3db5ac37bbf77ab47aa10dc7 (patch) | |
tree | 0654646e7fabb94fa3678d09cef841e2399d71a6 | |
parent | 5ae285ecb52bb569b4abee4d4939da360da73d03 (diff) | |
download | openssl-new-fecd4c265527459e3db5ac37bbf77ab47aa10dc7.tar.gz |
Check input length to pkey_rsa_verify()
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2065)
(cherry picked from commit 71bbc79b7d3b1195a7a7dd5f547d52ddce32d6f0)
Conflicts:
crypto/rsa/rsa_err.c
include/openssl/rsa.h
-rw-r--r-- | crypto/rsa/rsa_pmeth.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/crypto/rsa/rsa_pmeth.c b/crypto/rsa/rsa_pmeth.c index 94db87a063..ac583bf60b 100644 --- a/crypto/rsa/rsa_pmeth.c +++ b/crypto/rsa/rsa_pmeth.c @@ -373,6 +373,10 @@ static int pkey_rsa_verify(EVP_PKEY_CTX *ctx, if (rctx->pad_mode == RSA_PKCS1_PADDING) return RSA_verify(EVP_MD_type(rctx->md), tbs, tbslen, sig, siglen, rsa); + if (tbslen != (size_t)EVP_MD_size(rctx->md)) { + RSAerr(RSA_F_PKEY_RSA_VERIFY, RSA_R_INVALID_DIGEST_LENGTH); + return -1; + } if (rctx->pad_mode == RSA_X931_PADDING) { if (pkey_rsa_verifyrecover(ctx, NULL, &rslen, sig, siglen) <= 0) return 0; |