Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
OpenHarmony
Third Party Openssl
提交
02da5bcd
T
Third Party Openssl
项目概览
OpenHarmony
/
Third Party Openssl
1 年多 前同步成功
通知
10
Star
18
Fork
1
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
T
Third Party Openssl
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
提交
02da5bcd
编写于
21年前
作者:
B
Bodo Möller
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
countermeasure against new Klima-Pokorny-Rosa atack
上级
9ed1fa48
无相关合并请求
变更
2
隐藏空白更改
内联
并排
Showing
2 changed file
with
22 addition
and
13 deletion
+22
-13
CHANGES
CHANGES
+10
-0
ssl/s3_srvr.c
ssl/s3_srvr.c
+12
-13
未找到文件。
CHANGES
浏览文件 @
02da5bcd
...
...
@@ -460,6 +460,16 @@
Changes between 0.9.7a and 0.9.7b [xx XXX 2003]
*) Countermeasure against the Klima-Pokorny-Rosa extension of
Bleichbacher's attack on PKCS #1 v1.5 padding: treat
a protocol version number mismatch like a decryption error
in ssl3_get_client_key_exchange (ssl/s3_srvr.c).
[Bodo Moeller]
yet to be integrated into this CVS branch:
- RSA blinding changes
- Geoff's ENGINE_set_default() fix
*) Target "mingw" now allows native Windows code to be generated in
the Cygwin environment as well as with the MinGW compiler.
[Ulf Moeller]
...
...
This diff is collapsed.
Click to expand it.
ssl/s3_srvr.c
浏览文件 @
02da5bcd
...
...
@@ -1684,7 +1684,7 @@ static int ssl3_get_client_key_exchange(SSL *s)
if
(
i
!=
SSL_MAX_MASTER_KEY_LENGTH
)
{
al
=
SSL_AD_DECODE_ERROR
;
SSLerr
(
SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE
,
SSL_R_BAD_RSA_DECRYPT
);
/* SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_BAD_RSA_DECRYPT); */
}
if
((
al
==
-
1
)
&&
!
((
p
[
0
]
==
(
s
->
client_version
>>
8
))
&&
(
p
[
1
]
==
(
s
->
client_version
&
0xff
))))
...
...
@@ -1700,30 +1700,29 @@ static int ssl3_get_client_key_exchange(SSL *s)
(
p
[
0
]
==
(
s
->
version
>>
8
))
&&
(
p
[
1
]
==
(
s
->
version
&
0xff
))))
{
al
=
SSL_AD_DECODE_ERROR
;
SSLerr
(
SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE
,
SSL_R_BAD_PROTOCOL_VERSION_NUMBER
);
goto
f_err
;
/* SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_BAD_PROTOCOL_VERSION_NUMBER); */
/* The Klima-Pokorny-Rosa extension of Bleichenbacher's attack
* (http://eprint.iacr.org/2003/052/) exploits the version
* number check as a "bad version oracle" -- an alert would
* reveal that the plaintext corresponding to some ciphertext
* made up by the adversary is properly formatted except
* that the version number is wrong. To avoid such attacks,
* we should treat this just like any other decryption error. */
p
[
0
]
=
(
char
)(
int
)
"CAN-2003-0131 patch 2003-03-20"
;
}
}
if
(
al
!=
-
1
)
{
#if 0
goto f_err;
#else
/* Some decryption failure -- use random value instead as countermeasure
* against Bleichenbacher's attack on PKCS #1 v1.5 RSA padding
* (see RFC 2246, section 7.4.7.1).
* But note that due to length and protocol version checking, the
* attack is impractical anyway (see section 5 in D. Bleichenbacher:
* "Chosen Ciphertext Attacks Against Protocols Based on the RSA
* Encryption Standard PKCS #1", CRYPTO '98, LNCS 1462, pp. 1-12).
*/
* (see RFC 2246, section 7.4.7.1). */
ERR_clear_error
();
i
=
SSL_MAX_MASTER_KEY_LENGTH
;
p
[
0
]
=
s
->
client_version
>>
8
;
p
[
1
]
=
s
->
client_version
&
0xff
;
RAND_pseudo_bytes
(
p
+
2
,
i
-
2
);
/* should be RAND_bytes, but we cannot work around a failure */
#endif
}
s
->
session
->
master_key_length
=
...
...
This diff is collapsed.
Click to expand it.
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录
反馈
建议
客服
返回
顶部