[openssl/openssl] de2541: Add checks for saltlen and trailerfield to rsa key...

Daniel Fiala noreply at reply.github.openssl.org
Mon Jun 27 09:00:06 UTC 2022 

  Branch: refs/heads/openssl-3.0
  Home:   https://github.openssl.org/openssl/openssl
  Commit: de2541c2806280845a6babfab4339ccb5bfca10f
      https://github.openssl.org/openssl/openssl/commit/de2541c2806280845a6babfab4339ccb5bfca10f
  Author: Daniel Fiala <daniel at openssl.org>
  Date:   2022-06-27 (Mon, 27 Jun 2022)

  Changed paths:
    M providers/common/der/der_rsa_key.c
    M test/recipes/15-test_rsapss.t
    A test/recipes/15-test_rsapss_data/negativesaltlen.pem

  Log Message:
  -----------
  Add checks for saltlen and trailerfield to rsa key writer.

Fixes openssl#18168.

Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18615)

(cherry picked from commit 48320997b49b07b5abadec89c7fbe5d5f3d41da4)


  Commit: a56ccd9ee283fec5ae0c0f4b848137c208e4e1a7
      https://github.openssl.org/openssl/openssl/commit/a56ccd9ee283fec5ae0c0f4b848137c208e4e1a7
  Author: Daniel Fiala <daniel at openssl.org>
  Date:   2022-06-27 (Mon, 27 Jun 2022)

  Changed paths:
    M crypto/der_writer.c
    M doc/internal/man3/ossl_DER_w_bn.pod
    M doc/internal/man7/DERlib.pod
    M include/internal/der.h
    M providers/common/der/der_rsa_key.c

  Log Message:
  -----------
  der_writer: Use uint32_t instead of long.

Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18615)

(cherry picked from commit 59196250cb45ecd128d2f8bbc47de612167606d3)


  Commit: 7ee7ed9b793884f8a0de571434a44f42454adbdd
      https://github.openssl.org/openssl/openssl/commit/7ee7ed9b793884f8a0de571434a44f42454adbdd
  Author: Daniel Fiala <daniel at openssl.org>
  Date:   2022-06-27 (Mon, 27 Jun 2022)

  Changed paths:
    M providers/common/der/der_rsa_key.c

  Log Message:
  -----------
  Improve checks for invalid saltlen in DER writer.

Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18615)

(cherry picked from commit 08f876d0dea184b071a5aded4c55317e5a63c80e)


Compare: https://github.openssl.org/openssl/openssl/compare/cc7c127d697a...7ee7ed9b7938

More information about the openssl-commits mailing list