Commit 259cf3dc authored by Robert Golebiowski's avatar Robert Golebiowski

Updated yassl to yassl-2.3.8

parent 0632dae7
......@@ -12,6 +12,14 @@ before calling SSL_new();
*** end Note ***
yaSSL Release notes, version 2.3.8 (9/17/2015)
This release of yaSSL fixes a high security vulnerability. All users
SHOULD update. If using yaSSL for TLS on the server side with private
RSA keys allowing ephemeral key exchange you MUST update and regenerate
the RSA private keys. This report is detailed in:
https://people.redhat.com/~fweimer/rsa-crt-leaks.pdf
yaSSL now detects RSA signature faults and returns an error.
yaSSL Patch notes, version 2.3.7e (6/26/2015)
This release of yaSSL includes a fix for Date less than comparison.
Previously yaSSL would return true on less than comparisons if the Dates
......
......@@ -35,7 +35,7 @@
#include "rsa.h"
#define YASSL_VERSION "2.3.7e"
#define YASSL_VERSION "2.3.8"
#if defined(__cplusplus)
......
......@@ -53,7 +53,8 @@ enum YasslError {
compress_error = 118,
decompress_error = 119,
pms_version_error = 120,
sanityCipher_error = 121
sanityCipher_error = 121,
rsaSignFault_error = 122
// !!!! add error message to .cpp !!!!
......
......@@ -1172,6 +1172,8 @@ void sendCertificateVerify(SSL& ssl, BufferOutput buffer)
CertificateVerify verify;
verify.Build(ssl);
if (ssl.GetError()) return;
RecordLayerHeader rlHeader;
HandShakeHeader hsHeader;
mySTL::auto_ptr<output_buffer> out(NEW_YS output_buffer);
......
......@@ -148,6 +148,10 @@ void SetErrorString(YasslError error, char* buffer)
strncpy(buffer, "sanity check on cipher text size error", max);
break;
case rsaSignFault_error:
strncpy(buffer, "rsa signature fault error", max);
break;
// openssl errors
case SSL_ERROR_WANT_READ :
strncpy(buffer, "the read operation would block", max);
......
......@@ -196,9 +196,16 @@ void DH_Server::build(SSL& ssl)
sha.update(tmp.get_buffer(), tmp.get_size());
sha.get_digest(&hash[MD5_LEN]);
if (ssl.getSecurity().get_parms().sig_algo_ == rsa_sa_algo)
if (ssl.getSecurity().get_parms().sig_algo_ == rsa_sa_algo) {
auth->sign(signature_, hash, sizeof(hash),
ssl.getCrypto().get_random());
// check for rsa signautre fault
if (!auth->verify(hash, sizeof(hash), signature_,
auth->get_signatureLength())) {
ssl.SetError(rsaSignFault_error);
return;
}
}
else {
auth->sign(signature_, &hash[MD5_LEN], SHA_LEN,
ssl.getCrypto().get_random());
......@@ -2159,6 +2166,12 @@ void CertificateVerify::Build(SSL& ssl)
memcpy(sig.get(), len, VERIFY_HEADER);
rsa.sign(sig.get() + VERIFY_HEADER, hashes_.md5_, sizeof(Hashes),
ssl.getCrypto().get_random());
// check for rsa signautre fault
if (!rsa.verify(hashes_.md5_, sizeof(Hashes), sig.get() + VERIFY_HEADER,
rsa.get_cipherLength())) {
ssl.SetError(rsaSignFault_error);
return;
}
}
else { // DSA
DSS dss(cert.get_privateKey(), cert.get_privateKeyLength(), false);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment