This is a discussion on Re: [PATCH] ssl3_send_server_key_exchange (rsa) bug ? - Openssl ; >>>>> On Sat, 2 Jun 2007 19:35:37 +0200, Stephen Henson said: > > On Fri, Jun 01, 2007, Robin Bryce wrote: > > > Hi, > > > > In both openssl-0.9.8b and openssl trunk ssl3_send_server_key_exchange > > passes the ...
>>>>> On Sat, 2 Jun 2007 19:35:37 +0200, Stephen Henson said:
> On Fri, Jun 01, 2007, Robin Bryce wrote:
> > Hi,
> > In both openssl-0.9.8b and openssl trunk ssl3_send_server_key_exchange
> > passes the address of an uninitialised variable to RSA_sign as the
> > siglen parameter. In the presence of RSA_FLAG_SIGN_VER and an engine
> > implementation that provides an rsa_sign method this can cause
> > problems futher down the stack.
> > For example opensc's PKCS11_sign is, IMHO, forced to make some
> > undesirable assumptions about the memory it is passed.
> >  http://www.opensc-project.org/libp11.../src/p11_ops.c at
> > line 83.
> > As ssl3_send_server_key already computes the appropriate size in order
> > to allocate a buffer is there any reason why s3_srvr.c can not be
> > changed to pass this size information down the stack via RSA_sign ?
> The problem is that the RSA_sign() function has always worked like that since
> the SSLeay days and it is documented behaviour. The siglen parameter is
> effectively treated as an output parameter only and it cannot be assumed to be
> It is also a requirement that the buffer must contain RSA_size(key) bytes of
It looks like it is 2 bytes too short at the moment (it doesn't include the 2
bytes holding the key length).
Here is a patch for that:
--- openssl-SNAP-20070604-orig/ssl/s3_srvr.c Tue Apr 24 03:02:03 2007
+++ openssl-SNAP-20070604/ssl/s3_srvr.c Mon Jun 4 11:52:42 2007
@@ -1459,7 +1459,7 @@
OpenSSL Project http://www.openssl.org
Development Mailing List email@example.com
Automated List Manager firstname.lastname@example.org