Correctly check for export size limit

40 bit ciphers are limited to 512 bit RSA, 56 bit ciphers to 1024 bit. Reviewed-by: Rich Salz <rsalz@openssl.org> (cherry picked from commit ac38115c1a)
2015-04-18 12:50:25 +02:00 · 2015-04-18 12:50:25 +02:00 · 3b509e8cdc
commit 3b509e8cdc
parent 63830384e9
3 changed files with 4 additions and 5 deletions
--- a/crypto/evp/evp.h
+++ b/crypto/evp/evp.h
@ -103,7 +103,6 @@
 # define EVP_PKS_RSA     0x0100
 # define EVP_PKS_DSA     0x0200
 # define EVP_PKS_EC      0x0400
-# define EVP_PKT_EXP     0x1000 /* <= 512 bit key */

 # define EVP_PKEY_NONE   NID_undef
 # define EVP_PKEY_RSA    NID_rsaEncryption
--- a/crypto/x509/x509type.c
+++ b/crypto/x509/x509type.c
@ -121,9 +121,6 @@ int X509_certificate_type(X509 *x, EVP_PKEY *pkey)
        }
    }

-    /* /8 because it's 1024 bits we look for, not bytes */
-    if (EVP_PKEY_size(pk) <= 1024 / 8)
-        ret |= EVP_PKT_EXP;
    if (pkey == NULL)
        EVP_PKEY_free(pk);
    return (ret);
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@ -3228,6 +3228,7 @@ int ssl3_check_cert_and_algorithm(SSL *s)
    int i, idx;
    long alg_k, alg_a;
    EVP_PKEY *pkey = NULL;
+    int pkey_bits;
    SESS_CERT *sc;
 #ifndef OPENSSL_NO_RSA
    RSA *rsa;
@ -3270,6 +3271,7 @@ int ssl3_check_cert_and_algorithm(SSL *s)
    }
 #endif
    pkey = X509_get_pubkey(sc->peer_pkeys[idx].x509);
+    pkey_bits = EVP_PKEY_bits(pkey);
    i = X509_certificate_type(sc->peer_pkeys[idx].x509, pkey);
    EVP_PKEY_free(pkey);

@ -3323,7 +3325,8 @@ int ssl3_check_cert_and_algorithm(SSL *s)
    }
 #endif  /* !OPENSSL_NO_DH */

-    if (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) && !has_bits(i, EVP_PKT_EXP)) {
+    if (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) &&
+        pkey_bits > SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher)) {
 #ifndef OPENSSL_NO_RSA
        if (alg_k & SSL_kRSA) {
            if (rsa == NULL