generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

We should check the eight bytes starting at p[-9] for rollback attack

Browse Source 
detection, or the probability for an erroneous RSA_R_SSLV3_ROLLBACK_ATTACK
will be larger than necessary.

PR: 1695
This commit is contained in:
Bodo Möller 2008-07-17 22:11:53 +00:00
parent dd6f479ea8
commit 5b331ab77a
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
crypto/rsa/rsa_ssl.c
View File

@ -130,7 +130,7 @@ int RSA_padding_check_SSLv23(unsigned char *to, int tlen,
RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23,RSA_R_NULL_BEFORE_BLOCK_MISSING); RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23,RSA_R_NULL_BEFORE_BLOCK_MISSING);
return(-1); return(-1);
} }
for (k= -8; k<0; k++) for (k = -9; k<-1; k++)
{ {
if (p[k] != 0x03) break; if (p[k] != 0x03) break;
} }