While exchanging emails with CERT about the problem in RSAREF2 they told me that somebody anonymous observed that there may be problem on the patch we released for RSAREF2. Together we produced a new version of this patch, which you can find in ftp://www.core-sdi.com/pub/patches/rsaref2.patch or at the end of this email. While we [Core SDI S.A.] and the CERT are not aware of any exploit that bypasses the checks performed by the previous version, this new version is more strict than the other, so we recommend you to use it. We still think that RSAREF's problem need to be solved a little better that with a patch, but still this is more than what we can legally do... while it's obligatory to use RSAREF [only] in the USA, nobody can legally alter its sources, so be careful when changing them. richie PS: You must apply this new patch to the original version of rsa.c. --------------------------------------- rsaref2.patch *** rsa.original.c Fri Mar 26 14:01:48 1994 --- rsa.c Fri Dec 10 12:56:34 1999 *************** *** 33,38 **** --- 33,41 ---- unsigned char byte, pkcsBlock[MAX_RSA_MODULUS_LEN]; unsigned int i, modulusLen; + if (publicKey->bits > MAX_RSA_MODULUS_BITS) + return (RE_LEN); + modulusLen = (publicKey->bits + 7) / 8; if (inputLen + 11 > modulusLen) return (RE_LEN); *************** *** 78,83 **** --- 81,89 ---- unsigned char pkcsBlock[MAX_RSA_MODULUS_LEN]; unsigned int i, modulusLen, pkcsBlockLen; + if (publicKey->bits > MAX_RSA_MODULUS_BITS) + return (RE_LEN); + modulusLen = (publicKey->bits + 7) / 8; if (inputLen > modulusLen) return (RE_LEN); *************** *** 128,133 **** --- 134,142 ---- int status; unsigned char pkcsBlock[MAX_RSA_MODULUS_LEN]; unsigned int i, modulusLen; + + if (privateKey->bits > MAX_RSA_MODULUS_BITS) + return (RE_LEN); modulusLen = (privateKey->bits + 7) / 8; if (inputLen + 11 > modulusLen) *************** *** 168,173 **** --- 177,185 ---- unsigned char pkcsBlock[MAX_RSA_MODULUS_LEN]; unsigned int i, modulusLen, pkcsBlockLen; + if (privateKey->bits > MAX_RSA_MODULUS_BITS) + return (RE_LEN); + modulusLen = (privateKey->bits + 7) / 8; if (inputLen > modulusLen) return (RE_LEN); -- A390 1BBA 2C58 D679 5A71 - 86F9 404F 4B53 3944 C2D0 Investigacion y Desarrollo - CoreLabs - Core SDI http://www.core-sdi.com --- For a personal reply use gera@core-sdi.com
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:20:10 PDT