generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Workaround for libsafe "error".

Browse Source
This commit is contained in:
Dr. Stephen Henson
2001-02-12 03:04:59 +00:00
parent 1e376e41a2
commit c6b523d3dd
2 changed files with 11 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
CHANGES
View File

@@ -4,6 +4,11 @@
Changes between 0.9.6 and 0.9.6a [xx XXX 2001] Changes between 0.9.6 and 0.9.6a [xx XXX 2001]
*) Use the cached encoding of an X509_NAME structure rather than
copying it. This is apparently the reason for the libsafe "errors"
but the code is actually correct.
[Steve Henson]
*) Add new function BN_rand_range(), and fix DSA_sign_setup() to prevent *) Add new function BN_rand_range(), and fix DSA_sign_setup() to prevent
Bleichenbacher's DSA attack. Bleichenbacher's DSA attack.
[Ulf Moeller] [Ulf Moeller]

18
crypto/x509/x509_cmp.c
View File

@@ -199,19 +199,13 @@ unsigned long X509_NAME_hash(X509_NAME *x)
{ {
unsigned long ret=0; unsigned long ret=0;
unsigned char md[16]; unsigned char md[16];
unsigned char str[256],*p,*pp;
int i;
i=i2d_X509_NAME(x,NULL); /* Ensure cached version is up to date */
if (i > sizeof(str)) i2d_X509_NAME(x,NULL);
p=OPENSSL_malloc(i); /* Use cached encoding directly rather than copying: this should
else * keep libsafe happy.
p=str; */
MD5((unsigned char *)x->bytes->data,x->bytes->length,&(md[0]));
pp=p;
i2d_X509_NAME(x,&pp);
MD5((unsigned char *)p,i,&(md[0]));
if (p != str) OPENSSL_free(p);
ret=( ((unsigned long)md[0] )|((unsigned long)md[1]<<8L)| ret=( ((unsigned long)md[0] )|((unsigned long)md[1]<<8L)|
((unsigned long)md[2]<<16L)|((unsigned long)md[3]<<24L) ((unsigned long)md[2]<<16L)|((unsigned long)md[3]<<24L)