openssl/crypto
Matt Caswell f296e411ef Fix buffer overrun in RSA signing
The problem occurs in EVP_PKEY_sign() when using RSA with X931 padding.
It is only triggered if the RSA key size is smaller than the digest length.
So with SHA512 you can trigger the overflow with anything less than an RSA
512 bit key. I managed to trigger a 62 byte overflow when using a 16 bit RSA
key. This wasn't sufficient to cause a crash, although your mileage may
vary.

In practice RSA keys of this length are never used and X931 padding is very
rare. Even if someone did use an excessively short RSA key, the chances of
them combining that with a longer digest and X931 padding are very
small. For these reasons I do not believe there is a security implication to
this. Thanks to Kevin Wojtysiak (Int3 Solutions) and Paramjot Oberoi (Int3
Solutions) for reporting this issue.

Reviewed-by: Andy Polyakov <appro@openssl.org>
(cherry picked from commit 34166d4189)
2015-04-30 23:21:53 +01:00
..
aes aes/asm/aesni-x86.pl: fix typo affecting Windows build. 2015-04-20 18:40:46 +02:00
asn1 Fix encoding bug in i2c_ASN1_INTEGER 2015-04-18 14:43:33 +01:00
bf Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
bio Clarify logic in BIO_*printf functions 2015-04-30 23:21:53 +01:00
bn make update 2015-04-21 17:50:36 +02:00
buffer Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
camellia Fix crash in SPARC T4 XTS. 2015-02-24 10:12:57 +01:00
cast Re-align some comments after running the reformat script. 2015-01-22 09:31:48 +00:00
cmac Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
cms Code style: space after 'if' 2015-04-16 13:50:01 -04:00
comp Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
conf RT3670: Check return from BUF_MEM_grow_clean 2015-02-12 13:01:33 -05:00
des Sanity check DES_enc_write buffer length 2015-04-30 23:14:55 +01:00
dh Code style: space after 'if' 2015-04-16 13:50:01 -04:00
dsa Code style: space after 'if' 2015-04-16 13:50:01 -04:00
dso Code style: space after 'if' 2015-04-16 13:50:01 -04:00
ec Add sanity check to print_bin function 2015-04-30 23:21:53 +01:00
ecdh Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
ecdsa Fix RAND_(pseudo_)?_bytes returns 2015-03-25 12:41:28 +00:00
engine Remove unused eng_rsax and related asm file 2015-01-26 10:46:26 -05:00
err Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
evp Sanity check EVP_EncodeUpdate buffer len 2015-04-30 23:21:53 +01:00
hmac Code style: space after 'if' 2015-04-16 13:50:01 -04:00
idea Re-align some comments after running the reformat script. 2015-01-22 09:31:48 +00:00
jpake Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
krb5 Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
lhash Re-align some comments after running the reformat script. 2015-01-22 09:31:48 +00:00
md2 Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
md4 Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
md5 Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
mdc2 Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
modes Appease clang -Wshadow 2015-04-08 17:59:41 +02:00
objects Code style: space after 'if' 2015-04-16 13:50:01 -04:00
ocsp Code style: space after 'if' 2015-04-16 13:50:01 -04:00
pem Fix formatting error in pem.h 2015-01-22 14:11:04 +00:00
perlasm Fix crash in SPARC T4 XTS. 2015-02-24 10:12:57 +01:00
pkcs7 PKCS#7: avoid NULL pointer dereferences with missing content 2015-03-19 12:58:35 +00:00
pkcs12 Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
pqueue Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
rand Code style: space after 'if' 2015-04-16 13:50:01 -04:00
rc2 Re-align some comments after running the reformat script. 2015-01-22 09:31:48 +00:00
rc4 Re-align some comments after running the reformat script. 2015-01-22 09:31:48 +00:00
rc5 Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
ripemd Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
rsa Fix buffer overrun in RSA signing 2015-04-30 23:21:53 +01:00
seed Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
sha sha/asm/sha*-armv8.pl: add Denver and X-Gene results. 2015-04-02 09:51:32 +02:00
srp Code style: space after 'if' 2015-04-16 13:50:01 -04:00
stack Fix memset call in stack.c 2015-03-17 13:48:04 +00:00
store Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
threads Code style: space after 'if' 2015-04-16 13:50:01 -04:00
ts Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
txt_db Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
ui Assume TERMIOS is default, remove TERMIO on all Linux. 2015-02-22 08:10:29 +01:00
whrlpool Re-align some comments after running the reformat script. 2015-01-22 09:31:48 +00:00
x509 Revert "Fix verify algorithm." 2015-04-29 15:44:03 +01:00
x509v3 Code style: space after 'if' 2015-04-16 13:50:01 -04:00
.cvsignore Apply mingw patches as supplied by Roumen Petrov and Alon Bar-Lev 2008-04-17 10:19:16 +00:00
alphacpuid.pl Alpha assembler fixed from HEAD. 2011-08-12 12:31:08 +00:00
arm64cpuid.S Add linux-aarch64 target. 2014-06-10 23:20:55 +02:00
arm_arch.h Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
armcap.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
armv4cpuid.S Remove inconsistency in ARM support. 2015-01-06 11:14:23 +01:00
constant_time_locl.h Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
constant_time_test.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
cpt_err.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
cryptlib.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
cryptlib.h Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
crypto-lib.com Adjust VMS build to Unix build. Most of all, make it so the disabled 2014-06-18 13:43:09 +02:00
crypto.h Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
cversion.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
ebcdic.c Appease clang -Wempty-translation-unit 2015-04-08 17:59:40 +02:00
ebcdic.h Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
ex_data.c Fix memory leak reporting. 2015-02-09 13:01:15 +00:00
fips_err.h Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
fips_ers.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
ia64cpuid.S IA64 assembler pack update from HEAD. 2011-11-14 20:45:57 +00:00
install-crypto.com Adjust VMS build to Unix build. Most of all, make it so the disabled 2014-06-18 13:43:09 +02:00
LPdir_nyi.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
LPdir_unix.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
LPdir_vms.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
LPdir_win.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
LPdir_win32.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
LPdir_wince.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
Makefile Make output from openssl version -f consistent with previous versions 2015-01-13 11:28:54 +00:00
md32_common.h Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
mem.c Fix CRYPTO_strdup 2015-04-22 17:20:38 +01:00
mem_clr.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
mem_dbg.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
o_dir.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
o_dir.h Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
o_dir_test.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
o_fips.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
o_init.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
o_str.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
o_str.h Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
o_time.c Re-align some comments after running the reformat script. 2015-01-22 09:31:48 +00:00
o_time.h Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
opensslconf.h.in Eliminate warning induced by http://cvs.openssl.org/chngview?cn=14690 and 2005-12-16 10:37:24 +00:00
opensslv.h Prepare for 1.0.2b-dev 2015-03-19 13:34:56 +00:00
ossl_typ.h Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
pariscid.pl PA-RISC assembler pack: switch to bve in 64-bit builds. 2013-06-30 23:13:23 +02:00
ppc_arch.h Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
ppccap.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
ppccpuid.pl Initial POWER8 support from development branch. 2014-07-20 14:36:49 +02:00
s390xcap.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
s390xcpuid.S s390x assembler pack update from HEAD. 2011-11-14 20:47:22 +00:00
sparc_arch.h Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
sparccpuid.S sparcv9cap.c: update from master. 2013-05-20 00:16:18 +02:00
sparcv9cap.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
symhacks.h Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
uid.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
vms_rms.h Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
x86_64cpuid.pl x86[_64]cpuid.pl: add low-level RDSEED. 2014-02-14 17:25:14 +01:00
x86cpuid.pl x86[_64]cpuid.pl: add low-level RDSEED. 2014-02-14 17:25:14 +01:00