Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
btwise
openssl
提交
a74333f9
O
openssl
项目概览
btwise
/
openssl
通知
1
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
DevOps
流水线
流水线任务
计划
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
O
openssl
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
DevOps
DevOps
流水线
流水线任务
计划
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
流水线任务
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
提交
a74333f9
编写于
1月 15, 2003
作者:
L
Lutz Jänicke
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
Fix initialization sequence to prevent freeing of unitialized objects.
Submitted by: Nils Larsch <nla@trustcenter.de> PR: 459
上级
365e1462
变更
3
隐藏空白更改
内联
并排
Showing
3 changed file
with
26 addition
and
6 deletion
+26
-6
CHANGES
CHANGES
+12
-0
crypto/dsa/dsa_ossl.c
crypto/dsa/dsa_ossl.c
+9
-4
crypto/ecdsa/ecs_ossl.c
crypto/ecdsa/ecs_ossl.c
+5
-2
未找到文件。
CHANGES
浏览文件 @
a74333f9
...
...
@@ -4,6 +4,12 @@
Changes between 0.9.7 and 0.9.8 [xx XXX xxxx]
*) ECDSA routines: under certain error conditions uninitialized BN objects
could be freed. Solution: make sure initialization is performed early
enough. (Reported and fix supplied by Nils Larsch <nla@trustcenter.de>
via PR#459)
[Lutz Jaenicke]
*) Key-generation can now be implemented in RSA_METHOD, DSA_METHOD
and DH_METHOD (eg. by ENGINE implementations) to override the normal
software implementations. For DSA and DH, parameter generation can
...
...
@@ -375,6 +381,12 @@ TODO: bug: pad x with leading zeros if necessary
Changes between 0.9.7 and 0.9.7a [XX xxx 2003]
*) DSA routines: under certain error conditions uninitialized BN objects
could be freed. Solution: make sure initialization is performed early
enough. (Reported and fix supplied by Ivan D Nestlerode <nestler@MIT.EDU>,
Nils Larsch <nla@trustcenter.de> via PR#459)
[Lutz Jaenicke]
*) Another fix for SSLv2 session ID handling: the session ID was incorrectly
checked on reconnect on the client side, therefore session resumption
could still fail with a "ssl session id is different" error. This
...
...
crypto/dsa/dsa_ossl.c
浏览文件 @
a74333f9
...
...
@@ -108,13 +108,15 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
int
i
,
reason
=
ERR_R_BN_LIB
;
DSA_SIG
*
ret
=
NULL
;
BN_init
(
&
m
);
BN_init
(
&
xr
);
if
(
!
dsa
->
p
||
!
dsa
->
q
||
!
dsa
->
g
)
{
reason
=
DSA_R_MISSING_PARAMETERS
;
goto
err
;
}
BN_init
(
&
m
);
BN_init
(
&
xr
);
s
=
BN_new
();
if
(
s
==
NULL
)
goto
err
;
...
...
@@ -180,6 +182,9 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
DSAerr
(
DSA_F_DSA_SIGN_SETUP
,
DSA_R_MISSING_PARAMETERS
);
return
0
;
}
BN_init
(
&
k
);
if
(
ctx_in
==
NULL
)
{
if
((
ctx
=
BN_CTX_new
())
==
NULL
)
goto
err
;
...
...
@@ -187,7 +192,6 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
else
ctx
=
ctx_in
;
BN_init
(
&
k
);
if
((
r
=
BN_new
())
==
NULL
)
goto
err
;
kinv
=
NULL
;
...
...
@@ -243,11 +247,12 @@ static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig,
return
-
1
;
}
if
((
ctx
=
BN_CTX_new
())
==
NULL
)
goto
err
;
BN_init
(
&
u1
);
BN_init
(
&
u2
);
BN_init
(
&
t1
);
if
((
ctx
=
BN_CTX_new
())
==
NULL
)
goto
err
;
if
(
BN_is_zero
(
sig
->
r
)
||
BN_get_sign
(
sig
->
r
)
||
BN_ucmp
(
sig
->
r
,
dsa
->
q
)
>=
0
)
{
...
...
crypto/ecdsa/ecs_ossl.c
浏览文件 @
a74333f9
...
...
@@ -94,6 +94,9 @@ static int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp,
ECDSAerr
(
ECDSA_F_ECDSA_SIGN_SETUP
,
ERR_R_PASSED_NULL_PARAMETER
);
return
0
;
}
BN_init
(
&
k
);
if
(
ctx_in
==
NULL
)
{
if
((
ctx
=
BN_CTX_new
())
==
NULL
)
...
...
@@ -134,7 +137,6 @@ static int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp,
do
{
/* get random k */
BN_init
(
&
k
);
do
if
(
!
BN_rand_range
(
&
k
,
order
))
{
...
...
@@ -223,6 +225,8 @@ static ECDSA_SIG *ecdsa_do_sign(const unsigned char *dgst, int dgst_len,
ECDSA_SIG
*
ret
=
NULL
;
ECDSA_DATA
*
ecdsa
;
BN_init
(
&
xr
);
ecdsa
=
ecdsa_check
(
eckey
);
if
(
!
eckey
||
!
eckey
->
group
||
!
eckey
->
pub_key
||
!
eckey
->
priv_key
...
...
@@ -231,7 +235,6 @@ static ECDSA_SIG *ecdsa_do_sign(const unsigned char *dgst, int dgst_len,
ECDSAerr
(
ECDSA_F_ECDSA_DO_SIGN
,
ERR_R_PASSED_NULL_PARAMETER
);
goto
err
;
}
BN_init
(
&
xr
);
if
((
ctx
=
BN_CTX_new
())
==
NULL
||
(
order
=
BN_new
())
==
NULL
||
(
tmp
=
BN_new
())
==
NULL
||
(
m
=
BN_new
())
==
NULL
||
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录