Revision f296e411efc2d3ebbf37bdc9c1111e84a5982ec6 authored by Matt Caswell on 29 April 2015, 12:22:18 UTC, committed by Matt Caswell on 30 April 2015, 22:21:53 UTC
The problem occurs in EVP_PKEY_sign() when using RSA with X931 padding. It is only triggered if the RSA key size is smaller than the digest length. So with SHA512 you can trigger the overflow with anything less than an RSA 512 bit key. I managed to trigger a 62 byte overflow when using a 16 bit RSA key. This wasn't sufficient to cause a crash, although your mileage may vary. In practice RSA keys of this length are never used and X931 padding is very rare. Even if someone did use an excessively short RSA key, the chances of them combining that with a longer digest and X931 padding is very small. For these reasons I do not believe there is a security implication to this. Thanks to Kevin Wojtysiak (Int3 Solutions) and Paramjot Oberoi (Int3 Solutions) for reporting this issue. Reviewed-by: Andy Polyakov <appro@openssl.org> (cherry picked from commit 34166d41892643a36ad2d1f53cc0025e2edc2a39)
1 parent 5bea797
| File | Mode | Size |
|---|---|---|
| MacOS | ||
| Netware | ||
| VMS | ||
| apps | ||
| bugs | ||
| certs | ||
| crypto | ||
| demos | ||
| doc | ||
| engines | ||
| include | ||
| ms | ||
| os2 | ||
| perl | ||
| shlib | ||
| ssl | ||
| test | ||
| times | ||
| tools | ||
| util | ||
| .cvsignore | -rw-r--r-- | 193 bytes |
| .gitignore | -rw-r--r-- | 1.7 KB |
| ACKNOWLEDGMENTS | -rw-r--r-- | 1.0 KB |
| CHANGES | -rw-r--r-- | 455.6 KB |
| CHANGES.SSLeay | -rw-r--r-- | 41.7 KB |
| Configure | -rwxr-xr-x | 108.7 KB |
| FAQ | -rw-r--r-- | 45.7 KB |
| GitConfigure | -rwxr-xr-x | 207 bytes |
| GitMake | -rwxr-xr-x | 81 bytes |
| INSTALL | -rw-r--r-- | 14.3 KB |
| INSTALL.DJGPP | -rw-r--r-- | 2.0 KB |
| INSTALL.MacOS | -rw-r--r-- | 3.2 KB |
| INSTALL.NW | -rw-r--r-- | 18.4 KB |
| INSTALL.OS2 | -rw-r--r-- | 744 bytes |
| INSTALL.VMS | -rw-r--r-- | 10.7 KB |
| INSTALL.W32 | -rw-r--r-- | 11.6 KB |
| INSTALL.W64 | -rw-r--r-- | 2.1 KB |
| INSTALL.WCE | -rw-r--r-- | 3.2 KB |
| LICENSE | -rw-r--r-- | 6.1 KB |
| Makefile.org | -rw-r--r-- | 23.6 KB |
| Makefile.shared | -rw-r--r-- | 21.4 KB |
| NEWS | -rw-r--r-- | 30.1 KB |
| PROBLEMS | -rw-r--r-- | 8.5 KB |
| README | -rw-r--r-- | 7.7 KB |
| README.ASN1 | -rw-r--r-- | 7.5 KB |
| README.ENGINE | -rw-r--r-- | 15.7 KB |
| TABLE | -rw-r--r-- | 171.9 KB |
| config | -rwxr-xr-x | 28.4 KB |
| e_os.h | -rw-r--r-- | 24.7 KB |
| e_os2.h | -rw-r--r-- | 10.5 KB |
| install.com | -rw-r--r-- | 3.6 KB |
| makevms.com | -rwxr-xr-x | 39.2 KB |
| openssl.doxy | -rw-r--r-- | 137 bytes |
| openssl.spec | -rw-r--r-- | 7.7 KB |
Computing file changes ...
