Hi, In both openssl-0.9.8b and openssl trunk ssl3_send_server_key_exchange passes the address of an uninitialised variable to RSA_sign as the siglen parameter. In the presence of RSA_FLAG_SIGN_VER and an engine implementation that provides an rsa_sign method this can cause problems futher down the stack.
For example opensc's PKCS11_sign[1] is, IMHO, forced to make some undesirable assumptions about the memory it is passed. [1] http://www.opensc-project.org/libp11/browser/trunk/src/p11_ops.c at line 83. As ssl3_send_server_key already computes the appropriate size in order to allocate a buffer is there any reason why s3_srvr.c can not be changed to pass this size information down the stack via RSA_sign ? I propose the following trivial patch is a "good thing". It just copies the 'kn' variable, used for the buffer resize, into 'u' before calling RSA_sign. This patch is against http://cvs.openssl.org/getfile/openssl/ssl/s3_srvr.c?v=1.151 --- s3_srvr.c.orig 2007-06-01 16:04:43.000000000 +0100 +++ s3_srvr.c 2007-06-01 16:04:21.000000000 +0100 @@ -1539,6 +1539,7 @@ q+=i; j+=i; } + u = kn; if (RSA_sign(NID_md5_sha1, md_buf, j, &(p[2]), &u, pkey->pkey.rsa) <= 0) { ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [EMAIL PROTECTED]
