OpenSSL version 0.9.7c
OpSys: SunOS boost 5.8 Generic_108528-15 sun4u sparc SUNW,UltraAX-12
Hi.
The hw_cswift.c(cswift_rand_bytes) has a "note" in a comment stating that the CryptoSwift accelerator card can only deal with requests that are even 32 bit (4 byte) multiples; however, the OpenSSL code does nothing to enforce this limitation.
Also, I noticed that the shortest rand request that the cswift accelerator accepts is 8 bytes (64 bits) (i.e. my setup fails with a 4 byte request).
The problem is also triggered internally in OpenSSL, e.g. when RAND_bytes() gets called from RSA_padding_add_PKCS1_type_2() when using a 128 byte key, resulting in a RAND_bytes() call with a length of 117 bytes.
This is easy to fix in cswift_rand_bytes; enclosed please find one possible way to do it.
The fix verifies the arguments and, if the length would not be accepted by the cswift, it allocates a temporary buffer of the correct size, then copies the cswift-generated rand bytes from the temp buffer to the caller-supplied original buffer and frees the temp buffer.
Thanks,
Juki
[EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
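
The approach described in the message above (validate the length, pad the request through a temporary buffer, copy back only what was asked for), as an added example that is not the enclosed patch and not OpenSSL code. The names sim_hw_rand, rand_bytes_checked and wipe are hypothetical; sim_hw_rand is a constructed stand-in for the card that enforces the two limits the post reports (multiple of 4 bytes, at least 8 bytes) and fills a fixed pattern rather than random data. The temporary buffer is wiped before it is freed, because the surplus bytes come from the same stream that feeds padding and keys.

```c
#include <stddef.h>
#include <stdlib.h>
#include <string.h>

#define HW_MIN_LEN 8u   /* shortest request the post saw accepted */
#define HW_ALIGN   4u   /* requests must be a multiple of 4 bytes */

size_t sim_last_len;    /* length of the last request the stand-in served */

/* Constructed stand-in for the card: rejects lengths it cannot serve.
 * Fills a fixed pattern, NOT random data, so results are checkable. */
static int sim_hw_rand(unsigned char *buf, size_t len)
{
    if (len < HW_MIN_LEN || len % HW_ALIGN != 0)
        return 0;
    sim_last_len = len;
    for (size_t i = 0; i < len; i++)
        buf[i] = (unsigned char)(i * 31u + 7u);
    return 1;
}

/* Wipe through a volatile pointer so the compiler keeps the stores. */
static void wipe(void *p, size_t n)
{
    volatile unsigned char *v = p;
    while (n--) *v++ = 0;
}

/* Hypothetical wrapper: returns 1 on success, 0 on failure. */
int rand_bytes_checked(unsigned char *buf, int num)
{
    if (num < 0 || (num > 0 && buf == NULL))
        return 0;
    if (num == 0)
        return 1;
    size_t want = (size_t)num;
    size_t ask = (want + HW_ALIGN - 1) / HW_ALIGN * HW_ALIGN; /* round up */
    if (ask < HW_MIN_LEN)
        ask = HW_MIN_LEN;
    if (ask == want)                    /* card can serve it directly */
        return sim_hw_rand(buf, want);
    unsigned char *tmp = malloc(ask);   /* padded request */
    if (tmp == NULL)
        return 0;
    int ok = sim_hw_rand(tmp, ask);
    if (ok)
        memcpy(buf, tmp, want);         /* hand back only what was asked */
    wipe(tmp, ask);                     /* surplus bytes do not outlive the call */
    free(tmp);
    return ok;
}
```

With the 117-byte request from the post, the wrapper asks the stand-in for 120 bytes and copies 117; a 4-byte request becomes an 8-byte one.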