Hello!

On Wed, 1 Jun 2005, Jostein Tveit wrote:

"Dmitry Belyavsky via RT" <[EMAIL PROTECTED]> writes:

I use 0.9.8-stable-SNAP-20050601 snapshot. Problem occurs on digest
signing.

This seems to be the same bug as I reported just a couple of
hours ago on openssl-dev.
(See post with subject "openssl-0.9.8-beta3, Sun Forte compiler,
64-bit Solaris 8, core dump and RNG error.")

It seems to be the same as the 1st part of the bug report. But smime -decrypt shouldn't use random data.

Try to see if you get the same error as me if you apply the error
checking patch:

diff -ur openssl-0.9.8-beta3-orig/crypto/rsa/rsa_lib.c 
openssl-0.9.8-beta3-work/crypto/rsa/rsa_lib.c
--- openssl-0.9.8-beta3-orig/crypto/rsa/rsa_lib.c 2005-05-11 03:45:33.000000000 
+0000
+++ openssl-0.9.8-beta3-work/crypto/rsa/rsa_lib.c 2005-06-01 12:31:33.490002000 
+0000
@@ -402,6 +402,11 @@

       ret = BN_BLINDING_create_param(NULL, e, rsa->n, ctx,
                       rsa->meth->bn_mod_exp, rsa->_method_mod_n);
+       if (!ret)
+               {
+               RSAerr(RSA_F_RSA_SETUP_BLINDING, ERR_R_MALLOC_FAILURE);
+               goto err;
+               }
       BN_BLINDING_set_thread_id(ret, CRYPTO_thread_id());
err:
       BN_CTX_end(ctx);
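
Review bot: the added `if (!ret)` branch records ERR_R_MALLOC_FAILURE for every NULL return from BN_BLINDING_create_param(), which will mislead anyone reading the error queue if the failure has another cause, such as the RNG error suspected in this thread. Consider a reason code that does not assert an allocation failure, for example ERR_R_BN_LIB, so the callee's own error stays the meaningful entry. The check itself is needed, since without it the following BN_BLINDING_set_thread_id(ret, CRYPTO_thread_id()) runs with a NULL ret. A brief comment stating that blinding setup can fail for non-memory reasons would help future readers.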

So if the error occurs in BN_BLINDING_create_param() because of expecting
random data, your patch shouldn't help to decrypt a message.

Thank you.
--
SY, Dmitry Belyavsky (ICQ UIN 11116575)

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [email protected]
Automated List Manager                           [EMAIL PROTECTED]
