diff options
| author | Mathieu Trudel-Lapierre <mathieu.trudel-lapierre@canonical.com> | 2016-09-21 20:29:42 -0400 |
|---|---|---|
| committer | Mathieu Trudel-Lapierre <mathieu.trudel-lapierre@canonical.com> | 2016-09-21 20:29:42 -0400 |
| commit | 62f0afa2ecead02b1258dabab8097ca278a22f8f (patch) | |
| tree | 56132d617fff7c4f05e67024ec872d88fcafa92d /Cryptlib/OpenSSL/crypto/rsa | |
| parent | d3819813b8e0a64400ddf3ce033bae7c3f245508 (diff) | |
| download | efi-boot-shim-62f0afa2ecead02b1258dabab8097ca278a22f8f.tar.gz efi-boot-shim-62f0afa2ecead02b1258dabab8097ca278a22f8f.zip | |
Import upstream version 0.9+1474479173.6c180c6
Diffstat (limited to 'Cryptlib/OpenSSL/crypto/rsa')
| -rw-r--r-- | Cryptlib/OpenSSL/crypto/rsa/rsa_ameth.c | 6 | ||||
| -rw-r--r-- | Cryptlib/OpenSSL/crypto/rsa/rsa_chk.c | 2 | ||||
| -rw-r--r-- | Cryptlib/OpenSSL/crypto/rsa/rsa_gen.c | 4 | ||||
| -rw-r--r-- | Cryptlib/OpenSSL/crypto/rsa/rsa_sign.c | 11 |
4 files changed, 11 insertions, 12 deletions
diff --git a/Cryptlib/OpenSSL/crypto/rsa/rsa_ameth.c b/Cryptlib/OpenSSL/crypto/rsa/rsa_ameth.c index cc9c3ce5..ddead3d7 100644 --- a/Cryptlib/OpenSSL/crypto/rsa/rsa_ameth.c +++ b/Cryptlib/OpenSSL/crypto/rsa/rsa_ameth.c @@ -270,7 +270,7 @@ static X509_ALGOR *rsa_mgf1_decode(X509_ALGOR *alg) { const unsigned char *p; int plen; - if (alg == NULL) + if (alg == NULL || alg->parameter == NULL) return NULL; if (OBJ_obj2nid(alg->algorithm) != NID_mgf1) return NULL; @@ -768,6 +768,7 @@ static int rsa_item_sign(EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn, return 2; } +#ifndef OPENSSL_NO_CMS static RSA_OAEP_PARAMS *rsa_oaep_decode(const X509_ALGOR *alg, X509_ALGOR **pmaskHash) { @@ -791,7 +792,6 @@ static RSA_OAEP_PARAMS *rsa_oaep_decode(const X509_ALGOR *alg, return pss; } -#ifndef OPENSSL_NO_CMS static int rsa_cms_decrypt(CMS_RecipientInfo *ri) { EVP_PKEY_CTX *pkctx; @@ -864,9 +864,7 @@ static int rsa_cms_decrypt(CMS_RecipientInfo *ri) X509_ALGOR_free(maskHash); return rv; } -#endif -#ifndef OPENSSL_NO_CMS static int rsa_cms_encrypt(CMS_RecipientInfo *ri) { const EVP_MD *md, *mgf1md; diff --git a/Cryptlib/OpenSSL/crypto/rsa/rsa_chk.c b/Cryptlib/OpenSSL/crypto/rsa/rsa_chk.c index f4383860..607faa00 100644 --- a/Cryptlib/OpenSSL/crypto/rsa/rsa_chk.c +++ b/Cryptlib/OpenSSL/crypto/rsa/rsa_chk.c @@ -1,4 +1,4 @@ -/* crypto/rsa/rsa_chk.c -*- Mode: C; c-file-style: "eay" -*- */ +/* crypto/rsa/rsa_chk.c */ /* ==================================================================== * Copyright (c) 1999 The OpenSSL Project. All rights reserved. * diff --git a/Cryptlib/OpenSSL/crypto/rsa/rsa_gen.c b/Cryptlib/OpenSSL/crypto/rsa/rsa_gen.c index 2465fbde..7f7dca39 100644 --- a/Cryptlib/OpenSSL/crypto/rsa/rsa_gen.c +++ b/Cryptlib/OpenSSL/crypto/rsa/rsa_gen.c @@ -69,6 +69,8 @@ #include <openssl/rsa.h> #ifdef OPENSSL_FIPS # include <openssl/fips.h> +extern int FIPS_rsa_x931_generate_key_ex(RSA *rsa, int bits, BIGNUM *e, + BN_GENCB *cb); #endif static int rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value, @@ -94,7 +96,7 @@ int RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb) return rsa->meth->rsa_keygen(rsa, bits, e_value, cb); #ifdef OPENSSL_FIPS if (FIPS_mode()) - return FIPS_rsa_generate_key_ex(rsa, bits, e_value, cb); + return FIPS_rsa_x931_generate_key_ex(rsa, bits, e_value, cb); #endif return rsa_builtin_keygen(rsa, bits, e_value, cb); } diff --git a/Cryptlib/OpenSSL/crypto/rsa/rsa_sign.c b/Cryptlib/OpenSSL/crypto/rsa/rsa_sign.c index 19461c63..82ca8324 100644 --- a/Cryptlib/OpenSSL/crypto/rsa/rsa_sign.c +++ b/Cryptlib/OpenSSL/crypto/rsa/rsa_sign.c @@ -218,14 +218,13 @@ int int_rsa_verify(int dtype, const unsigned char *m, memcpy(rm, s + 2, 16); *prm_len = 16; ret = 1; - } else if (memcmp(m, s + 2, 16)) + } else if (memcmp(m, s + 2, 16)) { RSAerr(RSA_F_INT_RSA_VERIFY, RSA_R_BAD_SIGNATURE); - else + } else { ret = 1; - } - - /* Special case: SSL signature */ - if (dtype == NID_md5_sha1) { + } + } else if (dtype == NID_md5_sha1) { + /* Special case: SSL signature */ if ((i != SSL_SIG_LENGTH) || memcmp(s, m, SSL_SIG_LENGTH)) RSAerr(RSA_F_INT_RSA_VERIFY, RSA_R_BAD_SIGNATURE); else |