projects / openssl.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Fix SSL 2.0 rollback checking: The previous implementation of the
[openssl.git] / crypto / rsa / rsa_eay.c
diff --git a/crypto/rsa/rsa_eay.c b/crypto/rsa/rsa_eay.c
index 4525e6676c4d6f2edbdbfaf411341cf4a8e41ca3..618b5bd59565ec819272aa8a8e9d88f42cfea1ba 100644 (file)
--- a/crypto/rsa/rsa_eay.c
+++ b/crypto/rsa/rsa_eay.c
@@ -62,6 +62,8 @@
 #include <openssl/rsa.h>
 #include <openssl/rand.h>
 
+#ifndef RSA_NULL
+
 static int RSA_eay_public_encrypt(int flen, unsigned char *from,
                unsigned char *to, RSA *rsa,int padding);
 static int RSA_eay_private_encrypt(int flen, unsigned char *from,
@@ -104,7 +106,7 @@ static int RSA_eay_public_encrypt(int flen, unsigned char *from,
        BN_init(&ret);
        if ((ctx=BN_CTX_new()) == NULL) goto err;
        num=BN_num_bytes(rsa->n);
-       if ((buf=(unsigned char *)Malloc(num)) == NULL)
+       if ((buf=(unsigned char *)OPENSSL_malloc(num)) == NULL)
                {
                RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT,ERR_R_MALLOC_FAILURE);
                goto err;
@@ -159,7 +161,7 @@ err:
        if (buf != NULL) 
                {
                memset(buf,0,num);
-               Free(buf);
+               OPENSSL_free(buf);
                }
        return(r);
        }
@@ -177,7 +179,7 @@ static int RSA_eay_private_encrypt(int flen, unsigned char *from,
 
        if ((ctx=BN_CTX_new()) == NULL) goto err;
        num=BN_num_bytes(rsa->n);
-       if ((buf=(unsigned char *)Malloc(num)) == NULL)
+       if ((buf=(unsigned char *)OPENSSL_malloc(num)) == NULL)
                {
                RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT,ERR_R_MALLOC_FAILURE);
                goto err;
@@ -205,11 +207,12 @@ static int RSA_eay_private_encrypt(int flen, unsigned char *from,
        if (rsa->flags & RSA_FLAG_BLINDING)
                if (!BN_BLINDING_convert(&f,rsa->blinding,ctx)) goto err;
 
-       if (    (rsa->p != NULL) &&
+       if ( (rsa->flags & RSA_FLAG_EXT_PKEY) ||
+               ((rsa->p != NULL) &&
                (rsa->q != NULL) &&
                (rsa->dmp1 != NULL) &&
                (rsa->dmq1 != NULL) &&
-               (rsa->iqmp != NULL))
+               (rsa->iqmp != NULL)) )
                { if (!rsa->meth->rsa_mod_exp(&ret,&f,rsa)) goto err; }
        else
                {
@@ -234,7 +237,7 @@ err:
        if (buf != NULL)
                {
                memset(buf,0,num);
-               Free(buf);
+               OPENSSL_free(buf);
                }
        return(r);
        }
@@ -255,13 +258,13 @@ static int RSA_eay_private_decrypt(int flen, unsigned char *from,
 
        num=BN_num_bytes(rsa->n);
 
-       if ((buf=(unsigned char *)Malloc(num)) == NULL)
+       if ((buf=(unsigned char *)OPENSSL_malloc(num)) == NULL)
                {
                RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,ERR_R_MALLOC_FAILURE);
                goto err;
                }
 
-       /* This check was for equallity but PGP does evil things
+       /* This check was for equality but PGP does evil things
         * and chops off the top '0' bytes */
        if (flen > num)
                {
@@ -278,11 +281,12 @@ static int RSA_eay_private_decrypt(int flen, unsigned char *from,
                if (!BN_BLINDING_convert(&f,rsa->blinding,ctx)) goto err;
 
        /* do the decrypt */
-       if (    (rsa->p != NULL) &&
+       if ( (rsa->flags & RSA_FLAG_EXT_PKEY) ||
+               ((rsa->p != NULL) &&
                (rsa->q != NULL) &&
                (rsa->dmp1 != NULL) &&
                (rsa->dmq1 != NULL) &&
-               (rsa->iqmp != NULL))
+               (rsa->iqmp != NULL)) )
                { if (!rsa->meth->rsa_mod_exp(&ret,&f,rsa)) goto err; }
        else
                {
@@ -326,7 +330,7 @@ err:
        if (buf != NULL)
                {
                memset(buf,0,num);
-               Free(buf);
+               OPENSSL_free(buf);
                }
        return(r);
        }
@@ -346,14 +350,14 @@ static int RSA_eay_public_decrypt(int flen, unsigned char *from,
        if (ctx == NULL) goto err;
 
        num=BN_num_bytes(rsa->n);
-       buf=(unsigned char *)Malloc(num);
+       buf=(unsigned char *)OPENSSL_malloc(num);
        if (buf == NULL)
                {
                RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,ERR_R_MALLOC_FAILURE);
                goto err;
                }
 
-       /* This check was for equallity but PGP does evil things
+       /* This check was for equality but PGP does evil things
         * and chops off the top '0' bytes */
        if (flen > num)
                {
@@ -398,7 +402,7 @@ err:
        if (buf != NULL)
                {
                memset(buf,0,num);
-               Free(buf);
+               OPENSSL_free(buf);
                }
        return(r);
        }
@@ -484,4 +488,4 @@ static int RSA_eay_finish(RSA *rsa)
        return(1);
        }
 
-
+#endif
Unnamed repository; edit this file 'description' to name the repository.