|
|
@@ -103,7 +103,7 @@ int rsa_verify_hash_ex(const unsigned char *sig, unsigned long siglen,
|
|
|
} else {
|
|
|
/* PKCS #1 v1.5 decode it */
|
|
|
unsigned char *out;
|
|
|
- unsigned long outlen, loid[16];
|
|
|
+ unsigned long outlen, loid[16], reallen;
|
|
|
int decoded;
|
|
|
ltc_asn1_list digestinfo[2], siginfo[2];
|
|
|
|
|
|
@@ -145,8 +145,14 @@ int rsa_verify_hash_ex(const unsigned char *sig, unsigned long siglen,
|
|
|
goto bail_2;
|
|
|
}
|
|
|
|
|
|
+ if ((err = der_length_sequence(siginfo, 2, &reallen)) != CRYPT_OK) {
|
|
|
+ XFREE(out);
|
|
|
+ goto bail_2;
|
|
|
+ }
|
|
|
+
|
|
|
/* test OID */
|
|
|
- if ((digestinfo[0].size == hash_descriptor[hash_idx].OIDlen) &&
|
|
|
+ if ((reallen == outlen) &&
|
|
|
+ (digestinfo[0].size == hash_descriptor[hash_idx].OIDlen) &&
|
|
|
(XMEMCMP(digestinfo[0].data, hash_descriptor[hash_idx].OID, sizeof(unsigned long) * hash_descriptor[hash_idx].OIDlen) == 0) &&
|
|
|
(siginfo[1].size == hashlen) &&
|
|
|
(XMEMCMP(siginfo[1].data, hash, hashlen) == 0)) {
|
Steffen Jaeckel