BN_BLINDING multi-threading fix.
[openssl.git] / crypto / rsa / rsa_ssl.c
index e1bbbe794902f4f598ad87bde929f46232e5532e..1831fcf062027881961ad3e2d615cd22a08101b6 100644 (file)
  * [including the GNU Public Licence.]
  */
 
+#define OPENSSL_FIPSAPI
+
 #include <stdio.h>
 #include "cryptlib.h"
-#include "bn.h"
-#include "rsa.h"
-#include "rand.h"
+#include <openssl/bn.h>
+#include <openssl/rsa.h>
+#include <openssl/rand.h>
 
-int RSA_padding_add_SSLv23(unsigned char *to, int tlen, unsigned char *from,
-            int flen)
+int RSA_padding_add_SSLv23(unsigned char *to, int tlen,
+       const unsigned char *from, int flen)
        {
        int i,j;
        unsigned char *p;
@@ -82,12 +84,14 @@ int RSA_padding_add_SSLv23(unsigned char *to, int tlen, unsigned char *from,
        /* pad out with non-zero random data */
        j=tlen-3-8-flen;
 
-       RAND_bytes(p,j);
+       if (RAND_bytes(p,j) <= 0)
+               return(0);
        for (i=0; i<j; i++)
                {
                if (*p == '\0')
                        do      {
-                               RAND_bytes(p,1);
+                               if (RAND_bytes(p,1) <= 0)
+                                       return(0);
                                } while (*p == '\0');
                p++;
                }
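Review bot: Both new `return(0)` paths exit on RNG failure without queuing an error on these lines, and they leave `to` holding partially written padding. RSA_padding_check_SSLv23 calls `RSAerr(...)` before each of its failure returns, so a caller of this function gets a bare 0 with nothing to log or distinguish. I would raise an error through the same `RSAerr` macro before each return, and add a comment such as `/* RNG failure: 'to' holds incomplete padding and must not be used */`. The function begins and ends outside this hunk, so an earlier error push cannot be ruled out from here.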
@@ -100,11 +104,11 @@ int RSA_padding_add_SSLv23(unsigned char *to, int tlen, unsigned char *from,
        return(1);
        }
 
-int RSA_padding_check_SSLv23(unsigned char *to, int tlen, unsigned char *from,
-            int flen, int num)
+int RSA_padding_check_SSLv23(unsigned char *to, int tlen,
+       const unsigned char *from, int flen, int num)
        {
        int i,j,k;
-       unsigned char *p;
+       const unsigned char *p;
 
        p=from;
        if (flen < 10)
@@ -128,11 +132,11 @@ int RSA_padding_check_SSLv23(unsigned char *to, int tlen, unsigned char *from,
                RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23,RSA_R_NULL_BEFORE_BLOCK_MISSING);
                return(-1);
                }
-       for (k= -8; k<0; k++)
+       for (k = -9; k<-1; k++)
                {
                if (p[k] !=  0x03) break;
                }
-       if (k == 0)
+       if (k == -1)
                {
                RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23,RSA_R_SSLV3_ROLLBACK_ATTACK);
                return(-1);
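Review bot: The corrected bounds `k = -9; k<-1` are right only if `p` points one byte past the 0x00 separator, and nothing on these lines says so. The scan that positions `p` lies outside this hunk, so a reader cannot check the offsets here, and this is the arithmetic that was previously off by one. I would add a comment above the loop: `/* p is one past the 0x00 separator: p[-1] is the separator, p[-9..-2] are the last 8 padding bytes */`.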
@@ -140,6 +144,11 @@ int RSA_padding_check_SSLv23(unsigned char *to, int tlen, unsigned char *from,
 
        i++; /* Skip over the '\0' */
        j-=i;
+       if (j > tlen)
+               {
+               RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23,RSA_R_DATA_TOO_LARGE);
+               return(-1);
+               }
        memcpy(to,p,(unsigned int)j);
 
        return(j);
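Review bot: The new `j > tlen` check bounds the `memcpy`, but it also adds one more early exit with its own reason code to a padding check that already branches on decrypted bytes (`if (p[k] != 0x03) break;` in the previous hunk). If a caller lets a remote peer observe which check failed, or how long the check took, the function can act as a padding oracle; whether any caller does is not visible here. I would document the contract at the top of the function, for example `/* Not constant-time: callers must treat every -1 identically and must not expose the reason to the peer */`. The function starts outside this hunk.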