openssl/crypto/rsa
Matt Caswell 34166d4189 Fix buffer overrun in RSA signing
The problem occurs in EVP_PKEY_sign() when using RSA with X931 padding.
It is only triggered if the RSA key size is smaller than the digest length.
So with SHA512 you can trigger the overflow with anything less than an RSA
512 bit key. I managed to trigger a 62 byte overflow when using a 16 bit RSA
key. This wasn't sufficient to cause a crash, although your mileage may
vary.

In practice RSA keys of this length are never used and X931 padding is very
rare. Even if someone did use an excessively short RSA key, the chances of
them combining that with a longer digest and X931 padding is very
small. For these reasons I do not believe there is a security implication to
this. Thanks to Kevin Wojtysiak (Int3 Solutions) and Paramjot Oberoi (Int3
Solutions) for reporting this issue.

Reviewed-by: Andy Polyakov <appro@openssl.org>
2015-04-30 23:12:39 +01:00
..
Makefile Remove EXHEADER, TEST, APPS, links:, install: and uninstall: where relevant 2015-03-31 20:16:01 +02:00
rsa_ameth.c free NULL cleanup 5a 2015-04-30 17:33:59 -04:00
rsa_asn1.c Run util/openssl-format-source -v -c . 2015-01-22 09:20:09 +00:00
rsa_chk.c Run util/openssl-format-source -v -c . 2015-01-22 09:20:09 +00:00
rsa_crpt.c Run util/openssl-format-source -v -c . 2015-01-22 09:20:09 +00:00
rsa_depr.c free NULL cleanup 2015-03-24 23:17:16 -04:00
rsa_eay.c free cleanup almost the finale 2015-04-30 17:57:32 -04:00
rsa_err.c Run util/openssl-format-source -v -c . 2015-01-22 09:20:09 +00:00
rsa_gen.c Run util/openssl-format-source -v -c . 2015-01-22 09:20:09 +00:00
rsa_lib.c free cleanup almost the finale 2015-04-30 17:57:32 -04:00
rsa_locl.h Run util/openssl-format-source -v -c . 2015-01-22 09:20:09 +00:00
rsa_none.c Run util/openssl-format-source -v -c . 2015-01-22 09:20:09 +00:00
rsa_null.c Dead code: crypto/dh,modes,pkcs12,ripemd,rsa,srp 2015-02-03 11:20:56 -05:00
rsa_oaep.c OPENSSL_NO_xxx cleanup: SHA 2015-01-27 12:34:45 -05:00
rsa_pk1.c Run util/openssl-format-source -v -c . 2015-01-22 09:20:09 +00:00
rsa_pmeth.c Fix buffer overrun in RSA signing 2015-04-30 23:12:39 +01:00
rsa_prn.c Run util/openssl-format-source -v -c . 2015-01-22 09:20:09 +00:00
rsa_pss.c Re-align some comments after running the reformat script. 2015-01-22 09:20:10 +00:00
rsa_saos.c free cleanup almost the finale 2015-04-30 17:57:32 -04:00
rsa_sign.c free cleanup almost the finale 2015-04-30 17:57:32 -04:00
rsa_ssl.c Run util/openssl-format-source -v -c . 2015-01-22 09:20:09 +00:00
rsa_x931.c Run util/openssl-format-source -v -c . 2015-01-22 09:20:09 +00:00
rsa_x931g.c Fix RSA_X931_derive_ex 2015-03-12 09:26:14 +00:00