[openssl.org #2497] [PATCH] Improve RSAOaep Error Handling

Tue, 12 Apr 2011 00:15:42 -0700 

Currently, OpenSSL doesn't check the return code of EVP_DigestFinal_ex() in 
rsa_oaep.c. However, EVP_DigestFinal_ex can return an error, which leads to 
confusion for the caller of RSA Oaep. This patch makes it so we return an error 
code if something goes wrong. This compiles against 1.0.0d.

diff -ur ../openssl-1.0.0d/crypto/rsa/rsa_oaep.c src/crypto/rsa/rsa_oaep.c
--- ../openssl-1.0.0d/crypto/rsa/rsa_oaep.c 2009-06-26 16:14:11.000000000 -0700
+++ src/crypto/rsa/rsa_oaep.c 2011-03-25 11:23:40.000000000 -0700
@@ -188,7 +188,7 @@
  unsigned char cnt[4];
  EVP_MD_CTX c;
  unsigned char md[EVP_MAX_MD_SIZE];
- int mdlen;
+ int mdlen = 0, result = 0;

  EVP_MD_CTX_init(&c);
  mdlen = EVP_MD_size(dgst);
@@ -200,17 +200,17 @@
  cnt[1] = (unsigned char)((i >> 16) & 255);
  cnt[2] = (unsigned char)((i >> 8)) & 255;
  cnt[3] = (unsigned char)(i & 255);
- EVP_DigestInit_ex(&c,dgst, NULL);
- EVP_DigestUpdate(&c, seed, seedlen);
- EVP_DigestUpdate(&c, cnt, 4);
+ if (!EVP_DigestInit_ex(&c,dgst, NULL)) return -1;
+ if (!EVP_DigestUpdate(&c, seed, seedlen)) return -1;
+ if (!EVP_DigestUpdate(&c, cnt, 4)) return -1;
  if (outlen + mdlen <= len)
  {
- EVP_DigestFinal_ex(&c, mask + outlen, NULL);
+ if (!EVP_DigestFinal_ex(&c, mask + outlen, NULL)) return -1;
  outlen += mdlen;
  }
  else
  {
- EVP_DigestFinal_ex(&c, md, NULL);
+ if (!EVP_DigestFinal_ex(&c, md, NULL)) return -1;
  memcpy(mask + outlen, md, len - outlen);
  outlen = len;
  }

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [email protected]
Automated List Manager                           [email protected]

Reply via email to