summaryrefslogtreecommitdiffstats
path: root/lib/libssl/src
diff options
context:
space:
mode:
authormarkus <markus@openbsd.org>2001-04-22 23:33:03 +0000
committermarkus <markus@openbsd.org>2001-04-22 23:33:03 +0000
commita1420d9d435bc4bc141f724be06da5b4516bb2df (patch)
tree22b7d3dfc571973bcd1f6ba9df58b98c39a9a778 /lib/libssl/src
parentFree fs->fs_contigdirs array only on successful rw->ro update. This (diff)
downloadwireguard-openbsd-a1420d9d435bc4bc141f724be06da5b4516bb2df.tar.xz
wireguard-openbsd-a1420d9d435bc4bc141f724be06da5b4516bb2df.zip
CRT and DH+SSL fix from 0.9.6a, ok provos@/deraadt@
Diffstat (limited to 'lib/libssl/src')
-rw-r--r--lib/libssl/src/crypto/rsa/rsa_eay.c12
-rw-r--r--lib/libssl/src/ssl/s3_srvr.c1
2 files changed, 12 insertions, 1 deletions
diff --git a/lib/libssl/src/crypto/rsa/rsa_eay.c b/lib/libssl/src/crypto/rsa/rsa_eay.c
index 8b8a1e279a7..ccaa62b2392 100644
--- a/lib/libssl/src/crypto/rsa/rsa_eay.c
+++ b/lib/libssl/src/crypto/rsa/rsa_eay.c
@@ -419,7 +419,7 @@ err:
static int RSA_eay_mod_exp(BIGNUM *r0, BIGNUM *I, RSA *rsa)
{
const RSA_METHOD *meth;
- BIGNUM r1,m1;
+ BIGNUM r1,m1,vrfy;
int ret=0;
BN_CTX *ctx;
@@ -427,6 +427,7 @@ static int RSA_eay_mod_exp(BIGNUM *r0, BIGNUM *I, RSA *rsa)
if ((ctx=BN_CTX_new()) == NULL) goto err;
BN_init(&m1);
BN_init(&r1);
+ BN_init(&vrfy);
if (rsa->flags & RSA_FLAG_CACHE_PRIVATE)
{
@@ -474,10 +475,19 @@ static int RSA_eay_mod_exp(BIGNUM *r0, BIGNUM *I, RSA *rsa)
if (!BN_mul(&r1,r0,rsa->q,ctx)) goto err;
if (!BN_add(r0,&r1,&m1)) goto err;
+ if (rsa->e && rsa->n)
+ {
+ if (!meth->bn_mod_exp(&vrfy,r0,rsa->e,rsa->n,ctx,NULL)) goto err;
+ if (BN_cmp(I, &vrfy) != 0)
+ {
+ if (!meth->bn_mod_exp(r0,I,rsa->d,rsa->n,ctx,NULL)) goto err;
+ }
+ }
ret=1;
err:
BN_clear_free(&m1);
BN_clear_free(&r1);
+ BN_clear_free(&vrfy);
BN_CTX_free(ctx);
return(ret);
}
diff --git a/lib/libssl/src/ssl/s3_srvr.c b/lib/libssl/src/ssl/s3_srvr.c
index bb8cfb31e55..d04232960e3 100644
--- a/lib/libssl/src/ssl/s3_srvr.c
+++ b/lib/libssl/src/ssl/s3_srvr.c
@@ -1414,6 +1414,7 @@ static int ssl3_get_client_key_exchange(SSL *s)
s->session->master_key_length=
s->method->ssl3_enc->generate_master_secret(s,
s->session->master_key,p,i);
+ memset(p,0,i);
}
else
#endif
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.