kris/boringssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Clarify checking of emLen in RSA_padding_add_PKCS1_PSS_mgf1.

Browse Source 
There is a comment "Note from a test above this value is guaranteed to
be non-negative". Reorganize the code to make it more clear that that
is actually the case, especially in the case where sLen == -1.

Change-Id: I09a3dd99458e34102c42d8d3a2f22c16c684c673
Reviewed-on: https://boringssl-review.googlesource.com/9172
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
This commit is contained in:
Brian Smith 2016-08-08 12:20:36 -10:00 committed by CQ bot account: commit-bot@chromium.org
parent baafa4a653
commit 8585701b2e
1 changed files with 9 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
crypto/rsa/padding.c
View File

@ -623,6 +623,11 @@ int RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM,
emLen--;
}
if (emLen < hLen + 2) {
OPENSSL_PUT_ERROR(RSA, RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
goto err;
}
/* Negative sLen has special meanings:
* -1 sLen == hLen
* -2 salt length is maximized
@ -630,18 +635,17 @@ int RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM,
if (sLen == -1) {
sLen = hLen;
} else if (sLen == -2) {
if (emLen < hLen + 2) {
OPENSSL_PUT_ERROR(RSA, RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
goto err;
}
sLen = emLen - hLen - 2;
} else if (sLen < -2) {
OPENSSL_PUT_ERROR(RSA, RSA_R_SLEN_CHECK_FAILED);
goto err;
} else if (emLen < hLen + sLen + 2) {
}
if (emLen - hLen - 2 < (size_t)sLen) {
OPENSSL_PUT_ERROR(RSA, RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
goto err;
}
if (sLen > 0) {
salt = OPENSSL_malloc(sLen);
if (!salt) {