Index: crypto/openssl/crypto/asn1/tasn_dec.c =================================================================== RCS file: /home/ncvs/src/crypto/openssl/crypto/asn1/tasn_dec.c,v retrieving revision 1.1.1.2 diff -u -I__FBSDID -r1.1.1.2 tasn_dec.c --- crypto/openssl/crypto/asn1/tasn_dec.c 1 Oct 2003 12:32:37 -0000 1.1.1.2 +++ crypto/openssl/crypto/asn1/tasn_dec.c 27 Sep 2006 07:03:22 -0000 @@ -628,6 +628,9 @@ ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ERR_R_NESTED_ASN1_ERROR); return 0; } else if(ret == -1) return -1; + + ret = 0; + /* SEQUENCE, SET and "OTHER" are left in encoded form */ if((utype == V_ASN1_SEQUENCE) || (utype == V_ASN1_SET) || (utype == V_ASN1_OTHER)) { /* Clear context cache for type OTHER because the auto clear when Index: crypto/openssl/crypto/dh/dh.h =================================================================== RCS file: /home/ncvs/src/crypto/openssl/crypto/dh/dh.h,v retrieving revision 1.1.1.6 diff -u -I__FBSDID -r1.1.1.6 dh.h --- crypto/openssl/crypto/dh/dh.h 28 Jan 2003 21:21:24 -0000 1.1.1.6 +++ crypto/openssl/crypto/dh/dh.h 27 Sep 2006 07:03:22 -0000 @@ -70,6 +70,10 @@ #include #include +#ifndef OPENSSL_DH_MAX_MODULUS_BITS +# define OPENSSL_DH_MAX_MODULUS_BITS 10000 +#endif + #define DH_FLAG_CACHE_MONT_P 0x01 #ifdef __cplusplus @@ -200,6 +204,7 @@ /* Reason codes. */ #define DH_R_BAD_GENERATOR 101 #define DH_R_NO_PRIVATE_VALUE 100 +#define DH_R_MODULUS_TOO_LARGE 103 #ifdef __cplusplus } Index: crypto/openssl/crypto/dh/dh_err.c =================================================================== RCS file: /home/ncvs/src/crypto/openssl/crypto/dh/dh_err.c,v retrieving revision 1.1.1.5 diff -u -I__FBSDID -r1.1.1.5 dh_err.c --- crypto/openssl/crypto/dh/dh_err.c 25 Feb 2005 05:34:36 -0000 1.1.1.5 +++ crypto/openssl/crypto/dh/dh_err.c 27 Sep 2006 07:03:22 -0000 @@ -78,6 +78,7 @@ static ERR_STRING_DATA DH_str_reasons[]= { {DH_R_BAD_GENERATOR ,"bad generator"}, +{DH_R_MODULUS_TOO_LARGE ,"modulus too large"}, {DH_R_NO_PRIVATE_VALUE ,"no private value"}, {0,NULL} }; Index: crypto/openssl/crypto/dh/dh_key.c =================================================================== RCS file: /home/ncvs/src/crypto/openssl/crypto/dh/dh_key.c,v retrieving revision 1.1.1.9 diff -u -I__FBSDID -r1.1.1.9 dh_key.c --- crypto/openssl/crypto/dh/dh_key.c 25 Feb 2005 05:34:37 -0000 1.1.1.9 +++ crypto/openssl/crypto/dh/dh_key.c 27 Sep 2006 07:03:22 -0000 @@ -164,6 +164,12 @@ BIGNUM *tmp; int ret= -1; + if (BN_num_bits(dh->p) > OPENSSL_DH_MAX_MODULUS_BITS) + { + DHerr(DH_F_DH_COMPUTE_KEY,DH_R_MODULUS_TOO_LARGE); + return -1; + } + ctx = BN_CTX_new(); if (ctx == NULL) goto err; BN_CTX_start(ctx); Index: crypto/openssl/crypto/dsa/dsa.h =================================================================== RCS file: /home/ncvs/src/crypto/openssl/crypto/dsa/dsa.h,v retrieving revision 1.1.1.7 diff -u -I__FBSDID -r1.1.1.7 dsa.h --- crypto/openssl/crypto/dsa/dsa.h 25 Feb 2005 05:34:39 -0000 1.1.1.7 +++ crypto/openssl/crypto/dsa/dsa.h 27 Sep 2006 07:03:23 -0000 @@ -79,6 +79,10 @@ # include #endif +#ifndef OPENSSL_DSA_MAX_MODULUS_BITS +# define OPENSSL_DSA_MAX_MODULUS_BITS 10000 +#endif + #define DSA_FLAG_CACHE_MONT_P 0x01 #if defined(OPENSSL_FIPS) @@ -245,8 +249,10 @@ #define DSA_F_SIG_CB 114 /* Reason codes. */ +#define DSA_R_BAD_Q_VALUE 102 #define DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 100 #define DSA_R_MISSING_PARAMETERS 101 +#define DSA_R_MODULUS_TOO_LARGE 103 #ifdef __cplusplus } Index: crypto/openssl/crypto/dsa/dsa_err.c =================================================================== RCS file: /home/ncvs/src/crypto/openssl/crypto/dsa/dsa_err.c,v retrieving revision 1.1.1.4 diff -u -I__FBSDID -r1.1.1.4 dsa_err.c --- crypto/openssl/crypto/dsa/dsa_err.c 28 Jan 2003 21:21:31 -0000 1.1.1.4 +++ crypto/openssl/crypto/dsa/dsa_err.c 27 Sep 2006 07:03:23 -0000 @@ -85,8 +85,10 @@ static ERR_STRING_DATA DSA_str_reasons[]= { +{DSA_R_BAD_Q_VALUE ,"bad q value"}, {DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE ,"data too large for key size"}, {DSA_R_MISSING_PARAMETERS ,"missing parameters"}, +{DSA_R_MODULUS_TOO_LARGE ,"modulus too large"}, {0,NULL} }; Index: crypto/openssl/crypto/dsa/dsa_ossl.c =================================================================== RCS file: /home/ncvs/src/crypto/openssl/crypto/dsa/dsa_ossl.c,v retrieving revision 1.1.1.8 diff -u -I__FBSDID -r1.1.1.8 dsa_ossl.c --- crypto/openssl/crypto/dsa/dsa_ossl.c 25 Feb 2005 05:34:40 -0000 1.1.1.8 +++ crypto/openssl/crypto/dsa/dsa_ossl.c 27 Sep 2006 07:03:23 -0000 @@ -245,6 +245,18 @@ return -1; } + if (BN_num_bits(dsa->q) != 160) + { + DSAerr(DSA_F_DSA_DO_VERIFY,DSA_R_BAD_Q_VALUE); + return -1; + } + + if (BN_num_bits(dsa->p) > OPENSSL_DSA_MAX_MODULUS_BITS) + { + DSAerr(DSA_F_DSA_DO_VERIFY,DSA_R_MODULUS_TOO_LARGE); + return -1; + } + BN_init(&u1); BN_init(&u2); BN_init(&t1); Index: crypto/openssl/crypto/rsa/rsa.h =================================================================== RCS file: /home/ncvs/src/crypto/openssl/crypto/rsa/rsa.h,v retrieving revision 1.11 diff -u -I__FBSDID -r1.11 rsa.h --- crypto/openssl/crypto/rsa/rsa.h 25 Feb 2005 05:49:43 -0000 1.11 +++ crypto/openssl/crypto/rsa/rsa.h 27 Sep 2006 07:03:23 -0000 @@ -155,6 +155,17 @@ BN_BLINDING *blinding; }; +#ifndef OPENSSL_RSA_MAX_MODULUS_BITS +# define OPENSSL_RSA_MAX_MODULUS_BITS 16400 +#endif + +#ifndef OPENSSL_RSA_SMALL_MODULUS_BITS +# define OPENSSL_RSA_SMALL_MODULUS_BITS 4112 +#endif +#ifndef OPENSSL_RSA_MAX_PUBEXP_BITS +# define OPENSSL_RSA_MAX_PUBEXP_BITS 72 /* exponent limit enforced for "large" modulus only */ +#endif + #define RSA_3 0x3L #define RSA_F4 0x10001L @@ -348,6 +359,7 @@ #define RSA_R_INVALID_MESSAGE_LENGTH 131 #define RSA_R_IQMP_NOT_INVERSE_OF_Q 126 #define RSA_R_KEY_SIZE_TOO_SMALL 120 +#define RSA_R_MODULUS_TOO_LARGE 105 #define RSA_R_NULL_BEFORE_BLOCK_MISSING 113 #define RSA_R_N_DOES_NOT_EQUAL_P_Q 127 #define RSA_R_OAEP_DECODING_ERROR 121 Index: crypto/openssl/crypto/rsa/rsa_eay.c =================================================================== RCS file: /home/ncvs/src/crypto/openssl/crypto/rsa/rsa_eay.c,v retrieving revision 1.13 diff -u -I__FBSDID -r1.13 rsa_eay.c --- crypto/openssl/crypto/rsa/rsa_eay.c 25 Feb 2005 05:49:43 -0000 1.13 +++ crypto/openssl/crypto/rsa/rsa_eay.c 27 Sep 2006 07:03:24 -0000 @@ -105,6 +105,28 @@ unsigned char *buf=NULL; BN_CTX *ctx=NULL; + if (BN_num_bits(rsa->n) > OPENSSL_RSA_MAX_MODULUS_BITS) + { + RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, RSA_R_MODULUS_TOO_LARGE); + return -1; + } + + if (BN_ucmp(rsa->n, rsa->e) <= 0) + { + RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, RSA_R_BAD_E_VALUE); + return -1; + } + + /* for large moduli, enforce exponent limit */ + if (BN_num_bits(rsa->n) > OPENSSL_RSA_SMALL_MODULUS_BITS) + { + if (BN_num_bits(rsa->e) > OPENSSL_RSA_MAX_PUBEXP_BITS) + { + RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, RSA_R_BAD_E_VALUE); + return -1; + } + } + BN_init(&f); BN_init(&ret); if ((ctx=BN_CTX_new()) == NULL) goto err; @@ -505,6 +527,28 @@ unsigned char *buf=NULL; BN_CTX *ctx=NULL; + if (BN_num_bits(rsa->n) > OPENSSL_RSA_MAX_MODULUS_BITS) + { + RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT, RSA_R_MODULUS_TOO_LARGE); + return -1; + } + + if (BN_ucmp(rsa->n, rsa->e) <= 0) + { + RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT, RSA_R_BAD_E_VALUE); + return -1; + } + + /* for large moduli, enforce exponent limit */ + if (BN_num_bits(rsa->n) > OPENSSL_RSA_SMALL_MODULUS_BITS) + { + if (BN_num_bits(rsa->e) > OPENSSL_RSA_MAX_PUBEXP_BITS) + { + RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT, RSA_R_BAD_E_VALUE); + return -1; + } + } + BN_init(&f); BN_init(&ret); ctx=BN_CTX_new(); Index: crypto/openssl/crypto/rsa/rsa_err.c =================================================================== RCS file: /home/ncvs/src/crypto/openssl/crypto/rsa/rsa_err.c,v retrieving revision 1.1.1.4 diff -u -I__FBSDID -r1.1.1.4 rsa_err.c --- crypto/openssl/crypto/rsa/rsa_err.c 28 Jan 2003 21:28:58 -0000 1.1.1.4 +++ crypto/openssl/crypto/rsa/rsa_err.c 27 Sep 2006 07:03:24 -0000 @@ -116,6 +116,7 @@ {RSA_R_INVALID_MESSAGE_LENGTH ,"invalid message length"}, {RSA_R_IQMP_NOT_INVERSE_OF_Q ,"iqmp not inverse of q"}, {RSA_R_KEY_SIZE_TOO_SMALL ,"key size too small"}, +{RSA_R_MODULUS_TOO_LARGE ,"modulus too large"}, {RSA_R_NULL_BEFORE_BLOCK_MISSING ,"null before block missing"}, {RSA_R_N_DOES_NOT_EQUAL_P_Q ,"n does not equal p q"}, {RSA_R_OAEP_DECODING_ERROR ,"oaep decoding error"}, Index: crypto/openssl/ssl/s2_clnt.c =================================================================== RCS file: /home/ncvs/src/crypto/openssl/ssl/s2_clnt.c,v retrieving revision 1.13 diff -u -I__FBSDID -r1.13 s2_clnt.c --- crypto/openssl/ssl/s2_clnt.c 25 Feb 2005 05:49:43 -0000 1.13 +++ crypto/openssl/ssl/s2_clnt.c 27 Sep 2006 07:03:24 -0000 @@ -538,7 +538,8 @@ CRYPTO_add(&s->session->peer->references, 1, CRYPTO_LOCK_X509); } - if (s->session->peer != s->session->sess_cert->peer_key->x509) + if (s->session->sess_cert == NULL + || s->session->peer != s->session->sess_cert->peer_key->x509) /* can't happen */ { ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR); Index: crypto/openssl/ssl/s3_srvr.c =================================================================== RCS file: /home/ncvs/src/crypto/openssl/ssl/s3_srvr.c,v retrieving revision 1.1.1.14 diff -u -I__FBSDID -r1.1.1.14 s3_srvr.c --- crypto/openssl/ssl/s3_srvr.c 25 Feb 2005 05:38:27 -0000 1.1.1.14 +++ crypto/openssl/ssl/s3_srvr.c 27 Sep 2006 07:03:25 -0000 @@ -1733,7 +1733,7 @@ if (kssl_ctx->client_princ) { - int len = strlen(kssl_ctx->client_princ); + size_t len = strlen(kssl_ctx->client_princ); if ( len < SSL_MAX_KRB5_PRINCIPAL_LENGTH ) { s->session->krb5_client_princ_len = len; Index: crypto/openssl/ssl/ssl_lib.c =================================================================== RCS file: /home/ncvs/src/crypto/openssl/ssl/ssl_lib.c,v retrieving revision 1.1.1.12 diff -u -I__FBSDID -r1.1.1.12 ssl_lib.c --- crypto/openssl/ssl/ssl_lib.c 25 Feb 2005 05:38:37 -0000 1.1.1.12 +++ crypto/openssl/ssl/ssl_lib.c 27 Sep 2006 07:03:26 -0000 @@ -1167,7 +1167,7 @@ c=sk_SSL_CIPHER_value(sk,i); for (cp=c->name; *cp; ) { - if (len-- == 0) + if (len-- <= 0) { *p='\0'; return(buf);