OpenSSL 0.9.5 merge

*warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2
if you are using the ssl26 packages for ssh and other things to work you will
need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs

1 files changed, 93 insertions, 60 deletions

diff --git a/lib/libcrypto/rsa/rsa_sign.c b/lib/libcrypto/rsa/rsa_sign.c
index 1740494a4c7..05bb7fb74af 100644
--- a/lib/libcrypto/rsa/rsa_sign.c
+++ b/lib/libcrypto/rsa/rsa_sign.c
@@ -63,59 +63,77 @@
 #include <openssl/objects.h>
 #include <openssl/x509.h>
 
+/* Size of an SSL signature: MD5+SHA1 */
+#define SSL_SIG_LENGTH	36
+
 int RSA_sign(int type, unsigned char *m, unsigned int m_len,
 	     unsigned char *sigret, unsigned int *siglen, RSA *rsa)
 	{
 	X509_SIG sig;
 	ASN1_TYPE parameter;
 	int i,j,ret=1;
-	unsigned char *p,*s;
+	unsigned char *p,*s = NULL;
 	X509_ALGOR algor;
 	ASN1_OCTET_STRING digest;
-
-	sig.algor= &algor;
-	sig.algor->algorithm=OBJ_nid2obj(type);
-	if (sig.algor->algorithm == NULL)
-		{
-		RSAerr(RSA_F_RSA_SIGN,RSA_R_UNKNOWN_ALGORITHM_TYPE);
-		return(0);
-		}
-	if (sig.algor->algorithm->length == 0)
-		{
-		RSAerr(RSA_F_RSA_SIGN,RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD);
-		return(0);
+	if(rsa->flags & RSA_FLAG_SIGN_VER)
+	      return rsa->meth->rsa_sign(type, m, m_len, sigret, siglen, rsa);
+	/* Special case: SSL signature, just check the length */
+	if(type == NID_md5_sha1) {
+		if(m_len != SSL_SIG_LENGTH) {
+			RSAerr(RSA_F_RSA_SIGN,RSA_R_INVALID_MESSAGE_LENGTH);
+			return(0);
 		}
-	parameter.type=V_ASN1_NULL;
-	parameter.value.ptr=NULL;
-	sig.algor->parameter= &parameter;
+		i = SSL_SIG_LENGTH;
+		s = m;
+	} else {
+		sig.algor= &algor;
+		sig.algor->algorithm=OBJ_nid2obj(type);
+		if (sig.algor->algorithm == NULL)
+			{
+			RSAerr(RSA_F_RSA_SIGN,RSA_R_UNKNOWN_ALGORITHM_TYPE);
+			return(0);
+			}
+		if (sig.algor->algorithm->length == 0)
+			{
+			RSAerr(RSA_F_RSA_SIGN,RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD);
+			return(0);
+			}
+		parameter.type=V_ASN1_NULL;
+		parameter.value.ptr=NULL;
+		sig.algor->parameter= &parameter;
 
-	sig.digest= &digest;
-	sig.digest->data=m;
-	sig.digest->length=m_len;
+		sig.digest= &digest;
+		sig.digest->data=m;
+		sig.digest->length=m_len;
 
-	i=i2d_X509_SIG(&sig,NULL);
+		i=i2d_X509_SIG(&sig,NULL);
+	}
 	j=RSA_size(rsa);
 	if ((i-RSA_PKCS1_PADDING) > j)
 		{
 		RSAerr(RSA_F_RSA_SIGN,RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY);
 		return(0);
 		}
-	s=(unsigned char *)Malloc((unsigned int)j+1);
-	if (s == NULL)
-		{
-		RSAerr(RSA_F_RSA_SIGN,ERR_R_MALLOC_FAILURE);
-		return(0);
-		}
-	p=s;
-	i2d_X509_SIG(&sig,&p);
+	if(type != NID_md5_sha1) {
+		s=(unsigned char *)Malloc((unsigned int)j+1);
+		if (s == NULL)
+			{
+			RSAerr(RSA_F_RSA_SIGN,ERR_R_MALLOC_FAILURE);
+			return(0);
+			}
+		p=s;
+		i2d_X509_SIG(&sig,&p);
+	}
 	i=RSA_private_encrypt(i,s,sigret,rsa,RSA_PKCS1_PADDING);
 	if (i <= 0)
 		ret=0;
 	else
 		*siglen=i;
 
-	memset(s,0,(unsigned int)j+1);
-	Free(s);
+	if(type != NID_md5_sha1) {
+		memset(s,0,(unsigned int)j+1);
+		Free(s);
+	}
 	return(ret);
 	}
 
@@ -132,53 +150,68 @@ int RSA_verify(int dtype, unsigned char *m, unsigned int m_len,
 		return(0);
 		}
 
+	if(rsa->flags & RSA_FLAG_SIGN_VER)
+	    return rsa->meth->rsa_verify(dtype, m, m_len, sigbuf, siglen, rsa);
+
 	s=(unsigned char *)Malloc((unsigned int)siglen);
 	if (s == NULL)
 		{
 		RSAerr(RSA_F_RSA_VERIFY,ERR_R_MALLOC_FAILURE);
 		goto err;
 		}
+	if((dtype == NID_md5_sha1) && (m_len != SSL_SIG_LENGTH) ) {
+			RSAerr(RSA_F_RSA_VERIFY,RSA_R_INVALID_MESSAGE_LENGTH);
+			return(0);
+	}
 	i=RSA_public_decrypt((int)siglen,sigbuf,s,rsa,RSA_PKCS1_PADDING);
 
 	if (i <= 0) goto err;
 
-	p=s;
-	sig=d2i_X509_SIG(NULL,&p,(long)i);
+	/* Special case: SSL signature */
+	if(dtype == NID_md5_sha1) {
+		if((i != SSL_SIG_LENGTH) || memcmp(s, m, SSL_SIG_LENGTH))
+				RSAerr(RSA_F_RSA_VERIFY,RSA_R_BAD_SIGNATURE);
+		else ret = 1;
+	} else {
+		p=s;
+		sig=d2i_X509_SIG(NULL,&p,(long)i);
 
-	if (sig == NULL) goto err;
-	sigtype=OBJ_obj2nid(sig->algor->algorithm);
+		if (sig == NULL) goto err;
+		sigtype=OBJ_obj2nid(sig->algor->algorithm);
 
 
-#ifdef RSA_DEBUG
-	/* put a backward compatability flag in EAY */
-	fprintf(stderr,"in(%s) expect(%s)\n",OBJ_nid2ln(sigtype),
-		OBJ_nid2ln(dtype));
-#endif
-	if (sigtype != dtype)
-		{
-		if (((dtype == NID_md5) &&
-			(sigtype == NID_md5WithRSAEncryption)) ||
-			((dtype == NID_md2) &&
-			(sigtype == NID_md2WithRSAEncryption)))
+	#ifdef RSA_DEBUG
+		/* put a backward compatibility flag in EAY */
+		fprintf(stderr,"in(%s) expect(%s)\n",OBJ_nid2ln(sigtype),
+			OBJ_nid2ln(dtype));
+	#endif
+		if (sigtype != dtype)
 			{
-			/* ok, we will let it through */
-#if !defined(NO_STDIO) && !defined(WIN16)
-			fprintf(stderr,"signature has problems, re-make with post SSLeay045\n");
-#endif
+			if (((dtype == NID_md5) &&
+				(sigtype == NID_md5WithRSAEncryption)) ||
+				((dtype == NID_md2) &&
+				(sigtype == NID_md2WithRSAEncryption)))
+				{
+				/* ok, we will let it through */
+	#if !defined(NO_STDIO) && !defined(WIN16)
+				fprintf(stderr,"signature has problems, re-make with post SSLeay045\n");
+	#endif
+				}
+			else
+				{
+				RSAerr(RSA_F_RSA_VERIFY,
+						RSA_R_ALGORITHM_MISMATCH);
+				goto err;
+				}
 			}
-		else
+		if (	((unsigned int)sig->digest->length != m_len) ||
+			(memcmp(m,sig->digest->data,m_len) != 0))
 			{
-			RSAerr(RSA_F_RSA_VERIFY,RSA_R_ALGORITHM_MISMATCH);
-			goto err;
+			RSAerr(RSA_F_RSA_VERIFY,RSA_R_BAD_SIGNATURE);
 			}
-		}
-	if (	((unsigned int)sig->digest->length != m_len) ||
-		(memcmp(m,sig->digest->data,m_len) != 0))
-		{
-		RSAerr(RSA_F_RSA_VERIFY,RSA_R_BAD_SIGNATURE);
-		}
-	else
-		ret=1;
+		else
+			ret=1;
+	}
 err:
 	if (sig != NULL) X509_SIG_free(sig);
 	memset(s,0,(unsigned int)siglen);