Loading CHANGES +5 −0 Original line number Original line Diff line number Diff line Loading @@ -5,6 +5,11 @@ Changes between 0.9.1c and 0.9.2 Changes between 0.9.1c and 0.9.2 *) Fix to RSA private encryption routines: if p < q then it would occasionally produce an invalid result. This will only happen with externally generated keys because OpenSSL (and SSLeay) ensure p > q. [Steve Henson] *) Be less restrictive and allow also `perl util/perlpath.pl *) Be less restrictive and allow also `perl util/perlpath.pl /path/to/bin/perl' in addition to `perl util/perlpath.pl /path/to/bin', /path/to/bin/perl' in addition to `perl util/perlpath.pl /path/to/bin', because this way one can also use an interpreter named `perl5' (which is because this way one can also use an interpreter named `perl5' (which is Loading crypto/rsa/rsa_eay.c +9 −0 Original line number Original line Diff line number Diff line Loading @@ -473,6 +473,15 @@ RSA *rsa; if (!BN_mul(&r1,r0,rsa->iqmp,ctx)) goto err; if (!BN_mul(&r1,r0,rsa->iqmp,ctx)) goto err; if (!BN_mod(r0,&r1,rsa->p,ctx)) goto err; if (!BN_mod(r0,&r1,rsa->p,ctx)) goto err; /* If p < q it is occasionally possible for the correction of * adding 'p' if r0 is negative above to leave the result still * negative. This can break the private key operations: the following * second correction should *always* correct this rare occurrence. * This will *never* happen with OpenSSL generated keys because * they ensure p > q [steve] */ if (r0->neg) if (!BN_add(r0,r0,rsa->p)) goto err; if (!BN_mul(&r1,r0,rsa->q,ctx)) goto err; if (!BN_mul(&r1,r0,rsa->q,ctx)) goto err; if (!BN_add(r0,&r1,&m1)) goto err; if (!BN_add(r0,&r1,&m1)) goto err; Loading Loading
CHANGES +5 −0 Original line number Original line Diff line number Diff line Loading @@ -5,6 +5,11 @@ Changes between 0.9.1c and 0.9.2 Changes between 0.9.1c and 0.9.2 *) Fix to RSA private encryption routines: if p < q then it would occasionally produce an invalid result. This will only happen with externally generated keys because OpenSSL (and SSLeay) ensure p > q. [Steve Henson] *) Be less restrictive and allow also `perl util/perlpath.pl *) Be less restrictive and allow also `perl util/perlpath.pl /path/to/bin/perl' in addition to `perl util/perlpath.pl /path/to/bin', /path/to/bin/perl' in addition to `perl util/perlpath.pl /path/to/bin', because this way one can also use an interpreter named `perl5' (which is because this way one can also use an interpreter named `perl5' (which is Loading
crypto/rsa/rsa_eay.c +9 −0 Original line number Original line Diff line number Diff line Loading @@ -473,6 +473,15 @@ RSA *rsa; if (!BN_mul(&r1,r0,rsa->iqmp,ctx)) goto err; if (!BN_mul(&r1,r0,rsa->iqmp,ctx)) goto err; if (!BN_mod(r0,&r1,rsa->p,ctx)) goto err; if (!BN_mod(r0,&r1,rsa->p,ctx)) goto err; /* If p < q it is occasionally possible for the correction of * adding 'p' if r0 is negative above to leave the result still * negative. This can break the private key operations: the following * second correction should *always* correct this rare occurrence. * This will *never* happen with OpenSSL generated keys because * they ensure p > q [steve] */ if (r0->neg) if (!BN_add(r0,r0,rsa->p)) goto err; if (!BN_mul(&r1,r0,rsa->q,ctx)) goto err; if (!BN_mul(&r1,r0,rsa->q,ctx)) goto err; if (!BN_add(r0,&r1,&m1)) goto err; if (!BN_add(r0,&r1,&m1)) goto err; Loading
