File openssl-0.9.7-CVE-2006-2940.patch of Package compat-openssl097g
diff -uNrp openssl-0.9.7g.orig/crypto/dh/dh_err.c openssl-0.9.7g/crypto/dh/dh_err.c
--- crypto/dh/dh_err.c 2004-06-19 15:15:34.000000000 +0200
+++ crypto/dh/dh_err.c 2006-09-26 18:37:49.000000000 +0200
@@ -78,6 +78,7 @@ static ERR_STRING_DATA DH_str_functs[]=
 static ERR_STRING_DATA DH_str_reasons[]=
 {
 {DH_R_BAD_GENERATOR ,"bad generator"},
+{DH_R_MODULUS_TOO_LARGE ,"modulus too large"},
 {DH_R_NO_PRIVATE_VALUE ,"no private value"},
 {0,NULL}
 };
diff -uNrp openssl-0.9.7g.orig/crypto/dh/dh.h openssl-0.9.7g/crypto/dh/dh.h
--- crypto/dh/dh.h 2004-06-19 15:15:34.000000000 +0200
+++ crypto/dh/dh.h 2006-09-26 18:36:45.000000000 +0200
@@ -70,6 +70,10 @@
 #include <openssl/crypto.h>
 #include <openssl/ossl_typ.h>
 
+#ifndef OPENSSL_DH_MAX_MODULUS_BITS
+# define OPENSSL_DH_MAX_MODULUS_BITS 10000
+#endif
+
 #define DH_FLAG_CACHE_MONT_P 0x01
 
 #ifdef __cplusplus
@@ -200,6 +204,7 @@ void ERR_load_DH_strings(void);
 /* Reason codes. */
 #define DH_R_BAD_GENERATOR 101
 #define DH_R_NO_PRIVATE_VALUE 100
+#define DH_R_MODULUS_TOO_LARGE 103
 
 #ifdef __cplusplus
 }
diff -uNrp openssl-0.9.7g.orig/crypto/dh/dh_key.c openssl-0.9.7g/crypto/dh/dh_key.c
--- crypto/dh/dh_key.c 2004-06-19 15:15:34.000000000 +0200
+++ crypto/dh/dh_key.c 2006-09-26 18:34:15.000000000 +0200
@@ -164,6 +164,12 @@ static int compute_key(unsigned char *ke
 BIGNUM *tmp;
 int ret= -1;
 
+ if (BN_num_bits(dh->p) > OPENSSL_DH_MAX_MODULUS_BITS)
+ {
+ DHerr(DH_F_DH_COMPUTE_KEY,DH_R_MODULUS_TOO_LARGE);
+ goto err;
+ }
+
 ctx = BN_CTX_new();
 if (ctx == NULL) goto err;
 BN_CTX_start(ctx);
diff -uNrp openssl-0.9.7g.orig/crypto/dsa/dsa_err.c openssl-0.9.7g/crypto/dsa/dsa_err.c
--- crypto/dsa/dsa_err.c 2002-03-09 19:24:08.000000000 +0100
+++ crypto/dsa/dsa_err.c 2006-09-26 18:40:49.000000000 +0200
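Review bot: The new modulus guard in compute_key covers only half of the exposure: generate_key in the same file (outside this hunk) also runs BN_mod_exp over dh->p, and in a TLS client it is reached with server-supplied ephemeral parameters, so an oversized p from a peer still triggers the expensive computation this patch is meant to stop. Add the same guard there, `if (BN_num_bits(dh->p) > OPENSSL_DH_MAX_MODULUS_BITS) { DHerr(DH_F_DH_GENERATE_KEY, DH_R_MODULUS_TOO_LARGE); return 0; }`, reusing the existing DH_F_DH_GENERATE_KEY function code (confirm it is defined in this tree's dh.h). The added check dereferences dh->p unconditionally; if DH_compute_key can be reached before parameters are set, that is a pre-existing NULL dereference rather than one this change introduces, but it is worth noting next to the check. compute_key's body begins and ends outside the hunk.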
@@ -85,8 +85,10 @@ static ERR_STRING_DATA DSA_str_functs[]=
 
 static ERR_STRING_DATA DSA_str_reasons[]=
 {
+{DSA_R_BAD_Q_VALUE ,"bad q value"},
 {DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE ,"data too large for key size"},
 {DSA_R_MISSING_PARAMETERS ,"missing parameters"},
+{DSA_R_MODULUS_TOO_LARGE ,"modulus too large"},
 {0,NULL}
 };
 
diff -uNrp openssl-0.9.7g.orig/crypto/dsa/dsa.h openssl-0.9.7g/crypto/dsa/dsa.h
--- crypto/dsa/dsa.h 2004-05-19 16:16:33.000000000 +0200
+++ crypto/dsa/dsa.h 2006-09-26 18:34:15.000000000 +0200
@@ -79,6 +79,10 @@
 # include <openssl/dh.h>
 #endif
 
+#ifndef OPENSSL_DSA_MAX_MODULUS_BITS
+# define OPENSSL_DSA_MAX_MODULUS_BITS 10000
+#endif
+
 #define DSA_FLAG_CACHE_MONT_P 0x01
 
 #if defined(OPENSSL_FIPS)
@@ -245,8 +249,10 @@ void ERR_load_DSA_strings(void);
 #define DSA_F_SIG_CB 114
 
 /* Reason codes. */
+#define DSA_R_BAD_Q_VALUE 102
 #define DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 100
 #define DSA_R_MISSING_PARAMETERS 101
+#define DSA_R_MODULUS_TOO_LARGE 103
 
 #ifdef __cplusplus
 }
diff -uNrp openssl-0.9.7g.orig/crypto/dsa/dsa_ossl.c openssl-0.9.7g/crypto/dsa/dsa_ossl.c
--- crypto/dsa/dsa_ossl.c 2004-05-11 14:45:16.000000000 +0200
+++ crypto/dsa/dsa_ossl.c 2006-09-26 18:34:15.000000000 +0200
@@ -245,6 +245,18 @@ static int dsa_do_verify(const unsigned
 return -1;
 }
 
+ if (BN_num_bits(dsa->q) != 160)
+ {
+ DSAerr(DSA_F_DSA_DO_VERIFY,DSA_R_BAD_Q_VALUE);
+ return -1;
+ }
+
+ if (BN_num_bits(dsa->p) > OPENSSL_DSA_MAX_MODULUS_BITS)
+ {
+ DSAerr(DSA_F_DSA_DO_VERIFY,DSA_R_MODULUS_TOO_LARGE);
+ return -1;
+ }
+
 BN_init(&u1);
 BN_init(&u2);
 BN_init(&t1);
diff -uNrp openssl-0.9.7g.orig/crypto/rsa/rsa_eay.c openssl-0.9.7g/crypto/rsa/rsa_eay.c
--- crypto/rsa/rsa_eay.c 2004-05-11 14:45:46.000000000 +0200
+++ crypto/rsa/rsa_eay.c 2006-09-26 19:12:37.000000000 +0200
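Review bot: `BN_num_bits(dsa->q) != 160` in dsa_do_verify hard-codes the FIPS 186-2 subgroup size without saying why, and the reason matters: the bound exists because this library's DSA reduces a 160-bit SHA-1 digest mod q, so FIPS 186-3 parameter sets with 224- or 256-bit q will now be rejected outright with DSA_R_BAD_Q_VALUE. Put the rationale next to the test, `/* FIPS 186-2: q must be exactly 160 bits (matches the SHA-1 digest); DSA2 sizes are not supported in 0.9.7 */`, so the constant is not "fixed" later by someone widening it without also changing the digest handling. Both guards are added to dsa_do_verify only; dsa_do_sign and dsa_sign_setup operate on the caller's own key, so leaving them unguarded is presumably intentional, and a one-line comment stating that would keep the asymmetry from being read as an omission. dsa_do_verify's body begins and ends outside the hunk.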
@@ -104,6 +104,28 @@ static int RSA_eay_public_encrypt(int fl
 unsigned char *buf=NULL;
 BN_CTX *ctx=NULL;
 
+ if (BN_num_bits(rsa->n) > OPENSSL_RSA_MAX_MODULUS_BITS)
+ {
+ RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, RSA_R_MODULUS_TOO_LARGE);
+ return -1;
+ }
+
+ if (BN_ucmp(rsa->n, rsa->e) <= 0)
+ {
+ RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, RSA_R_BAD_E_VALUE);
+ return -1;
+ }
+
+ /* for large moduli, enforce exponent limit */
+ if (BN_num_bits(rsa->n) > OPENSSL_RSA_SMALL_MODULUS_BITS)
+ {
+ if (BN_num_bits(rsa->e) > OPENSSL_RSA_MAX_PUBEXP_BITS)
+ {
+ RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, RSA_R_BAD_E_VALUE);
+ return -1;
+ }
+ }
+
 BN_init(&f);
 BN_init(&ret);
 if ((ctx=BN_CTX_new()) == NULL) goto err;
@@ -504,6 +526,28 @@ static int RSA_eay_public_decrypt(int fl
 unsigned char *buf=NULL;
 BN_CTX *ctx=NULL;
 
+ if (BN_num_bits(rsa->n) > OPENSSL_RSA_MAX_MODULUS_BITS)
+ {
+ RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT, RSA_R_MODULUS_TOO_LARGE);
+ return -1;
+ }
+
+ if (BN_ucmp(rsa->n, rsa->e) <= 0)
+ {
+ RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT, RSA_R_BAD_E_VALUE);
+ return -1;
+ }
+
+ /* for large moduli, enforce exponent limit */
+ if (BN_num_bits(rsa->n) > OPENSSL_RSA_SMALL_MODULUS_BITS)
+ {
+ if (BN_num_bits(rsa->e) > OPENSSL_RSA_MAX_PUBEXP_BITS)
+ {
+ RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT, RSA_R_BAD_E_VALUE);
+ return -1;
+ }
+ }
+
 BN_init(&f);
 BN_init(&ret);
 ctx=BN_CTX_new();
diff -uNrp openssl-0.9.7g.orig/crypto/rsa/rsa_err.c openssl-0.9.7g/crypto/rsa/rsa_err.c
--- crypto/rsa/rsa_err.c 2001-07-25 19:02:58.000000000 +0200
+++ crypto/rsa/rsa_err.c 2006-09-26 19:14:35.000000000 +0200
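Review bot: The three public-key sanity checks are pasted verbatim into RSA_eay_public_encrypt and RSA_eay_public_decrypt, differing only in the function code handed to RSAerr, so any later tuning (tightening the e >= n test, changing the exponent bound) has to be made twice and the two copies can drift; hoist them into one static helper that takes the function code, and collapse the nested `if` under `/* for large moduli, enforce exponent limit */` into a single condition while doing so. The private-key paths in the same file are left unguarded, which is presumably intentional because they use the caller's own key rather than a peer-supplied one; saying so on the helper makes that scope explicit. Both functions' bodies begin and end outside the hunk.
```c
/* Reject a public key whose parameters would make the modular exponentiation
 * unreasonably expensive (CVE-2006-2940): oversized n, e >= n, or a very large
 * e combined with a large n.  Public-key operations only; private-key paths
 * use the caller's own key.  Returns 1 if acceptable, 0 after raising an RSA
 * error under function code 'func'. */
static int rsa_check_public_key(const RSA *rsa, int func)
	{
	if (BN_num_bits(rsa->n) > OPENSSL_RSA_MAX_MODULUS_BITS)
		{
		RSAerr(func, RSA_R_MODULUS_TOO_LARGE);
		return 0;
		}
	if (BN_ucmp(rsa->n, rsa->e) <= 0)
		{
		RSAerr(func, RSA_R_BAD_E_VALUE);
		return 0;
		}
	/* for large moduli, enforce exponent limit */
	if (BN_num_bits(rsa->n) > OPENSSL_RSA_SMALL_MODULUS_BITS
	    && BN_num_bits(rsa->e) > OPENSSL_RSA_MAX_PUBEXP_BITS)
		{
		RSAerr(func, RSA_R_BAD_E_VALUE);
		return 0;
		}
	return 1;
	}

	/* … in RSA_eay_public_encrypt, replacing the three inline checks … */
	if (!rsa_check_public_key(rsa, RSA_F_RSA_EAY_PUBLIC_ENCRYPT))
		return -1;

	/* … in RSA_eay_public_decrypt, replacing the three inline checks … */
	if (!rsa_check_public_key(rsa, RSA_F_RSA_EAY_PUBLIC_DECRYPT))
		return -1;
```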
@@ -116,6 +116,7 @@ static ERR_STRING_DATA RSA_str_reasons[]
 {RSA_R_INVALID_MESSAGE_LENGTH ,"invalid message length"},
 {RSA_R_IQMP_NOT_INVERSE_OF_Q ,"iqmp not inverse of q"},
 {RSA_R_KEY_SIZE_TOO_SMALL ,"key size too small"},
+{RSA_R_MODULUS_TOO_LARGE ,"modulus too large"},
 {RSA_R_NULL_BEFORE_BLOCK_MISSING ,"null before block missing"},
 {RSA_R_N_DOES_NOT_EQUAL_P_Q ,"n does not equal p q"},
 {RSA_R_OAEP_DECODING_ERROR ,"oaep decoding error"},
diff -uNrp openssl-0.9.7g.orig/crypto/rsa/rsa.h openssl-0.9.7g/crypto/rsa/rsa.h
--- crypto/rsa/rsa.h 2004-05-19 16:16:32.000000000 +0200
+++ crypto/rsa/rsa.h 2006-09-26 18:42:30.000000000 +0200
@@ -154,6 +154,17 @@ struct rsa_st
 BN_BLINDING *blinding;
 };
 
+#ifndef OPENSSL_RSA_MAX_MODULUS_BITS
+# define OPENSSL_RSA_MAX_MODULUS_BITS 16384
+#endif
+
+#ifndef OPENSSL_RSA_SMALL_MODULUS_BITS
+# define OPENSSL_RSA_SMALL_MODULUS_BITS 3072
+#endif
+#ifndef OPENSSL_RSA_MAX_PUBEXP_BITS
+# define OPENSSL_RSA_MAX_PUBEXP_BITS 64 /* exponent limit enforced for "small" modulus only */
+#endif
+
 #define RSA_3 0x3L
 #define RSA_F4 0x10001L
 
@@ -347,6 +358,7 @@ void ERR_load_RSA_strings(void);
 #define RSA_R_INVALID_MESSAGE_LENGTH 131
 #define RSA_R_IQMP_NOT_INVERSE_OF_Q 126
 #define RSA_R_KEY_SIZE_TOO_SMALL 120
+#define RSA_R_MODULUS_TOO_LARGE 105
 #define RSA_R_NULL_BEFORE_BLOCK_MISSING 113
 #define RSA_R_N_DOES_NOT_EQUAL_P_Q 127
 #define RSA_R_OAEP_DECODING_ERROR 121
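Review bot: The comment on `OPENSSL_RSA_MAX_PUBEXP_BITS` in rsa.h, `exponent limit enforced for "small" modulus only`, says the opposite of what the code does: rsa_eay.c applies the exponent limit when `BN_num_bits(rsa->n) > OPENSSL_RSA_SMALL_MODULUS_BITS`, i.e. for moduli larger than 3072 bits, and its own comment reads `for large moduli, enforce exponent limit`. Someone tuning these knobs from the header alone would conclude that small keys are restricted and large ones are not, which inverts the DoS mitigation. Change it to `# define OPENSSL_RSA_MAX_PUBEXP_BITS 64 /* exponent limit enforced only for moduli above OPENSSL_RSA_SMALL_MODULUS_BITS */` and, for the same reason, give `OPENSSL_RSA_SMALL_MODULUS_BITS` a one-line comment stating that it is the threshold below which any e < n is accepted.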