Diffstat (limited to 'extra/yassl')
-rw-r--r--extra/yassl/README8
-rw-r--r--extra/yassl/include/openssl/ssl.h2
-rw-r--r--extra/yassl/include/yassl_error.hpp3
-rw-r--r--extra/yassl/src/handshake.cpp2
-rw-r--r--extra/yassl/src/yassl_error.cpp4
-rw-r--r--extra/yassl/src/yassl_imp.cpp15
6 files changed, 31 insertions, 3 deletions
diff --git a/extra/yassl/README b/extra/yassl/README
index 47ec1a66ea3..bf0e1c9f40f 100644
--- a/extra/yassl/README
+++ b/extra/yassl/README
@@ -12,6 +12,14 @@ before calling SSL_new();
*** end Note ***
+yaSSL Release notes, version 2.3.8 (9/17/2015)
+ This release of yaSSL fixes a high security vulnerability. All users
+ SHOULD update. If using yaSSL for TLS on the server side with private
+ RSA keys allowing ephemeral key exchange you MUST update and regenerate
+ the RSA private keys. This report is detailed in:
+ https://people.redhat.com/~fweimer/rsa-crt-leaks.pdf
+ yaSSL now detects RSA signature faults and returns an error.
+
yaSSL Patch notes, version 2.3.7e (6/26/2015)
This release of yaSSL includes a fix for Date less than comparison.
Previously yaSSL would return true on less than comparisons if the Dates
diff --git a/extra/yassl/include/openssl/ssl.h b/extra/yassl/include/openssl/ssl.h
index 9e16f9278a7..b0a7592f870 100644
--- a/extra/yassl/include/openssl/ssl.h
+++ b/extra/yassl/include/openssl/ssl.h
@@ -35,7 +35,7 @@
#include "rsa.h"
-#define YASSL_VERSION "2.3.7e"
+#define YASSL_VERSION "2.3.8"
#if defined(__cplusplus)
diff --git a/extra/yassl/include/yassl_error.hpp b/extra/yassl/include/yassl_error.hpp
index beba7b0b5dd..d63244dca90 100644
--- a/extra/yassl/include/yassl_error.hpp
+++ b/extra/yassl/include/yassl_error.hpp
@@ -53,7 +53,8 @@ enum YasslError {
compress_error = 118,
decompress_error = 119,
pms_version_error = 120,
- sanityCipher_error = 121
+ sanityCipher_error = 121,
+ rsaSignFault_error = 122
// !!!! add error message to .cpp !!!!
diff --git a/extra/yassl/src/handshake.cpp b/extra/yassl/src/handshake.cpp
index 33303b1106d..aa2de39333c 100644
--- a/extra/yassl/src/handshake.cpp
+++ b/extra/yassl/src/handshake.cpp
@@ -1172,6 +1172,8 @@ void sendCertificateVerify(SSL& ssl, BufferOutput buffer)
CertificateVerify verify;
verify.Build(ssl);
+ if (ssl.GetError()) return;
+
RecordLayerHeader rlHeader;
HandShakeHeader hsHeader;
mySTL::auto_ptr<output_buffer> out(NEW_YS output_buffer);
diff --git a/extra/yassl/src/yassl_error.cpp b/extra/yassl/src/yassl_error.cpp
index e5d69367339..5169b7dd5d0 100644
--- a/extra/yassl/src/yassl_error.cpp
+++ b/extra/yassl/src/yassl_error.cpp
@@ -148,6 +148,10 @@ void SetErrorString(YasslError error, char* buffer)
strncpy(buffer, "sanity check on cipher text size error", max);
break;
+ case rsaSignFault_error:
+ strncpy(buffer, "rsa signature fault error", max);
+ break;
+
// openssl errors
case SSL_ERROR_WANT_READ :
strncpy(buffer, "the read operation would block", max);
diff --git a/extra/yassl/src/yassl_imp.cpp b/extra/yassl/src/yassl_imp.cpp
index 69ba469b928..1baa5adedf8 100644
--- a/extra/yassl/src/yassl_imp.cpp
+++ b/extra/yassl/src/yassl_imp.cpp
@@ -196,9 +196,16 @@ void DH_Server::build(SSL& ssl)
sha.update(tmp.get_buffer(), tmp.get_size());
sha.get_digest(&hash[MD5_LEN]);
- if (ssl.getSecurity().get_parms().sig_algo_ == rsa_sa_algo)
+ if (ssl.getSecurity().get_parms().sig_algo_ == rsa_sa_algo) {
auth->sign(signature_, hash, sizeof(hash),
ssl.getCrypto().get_random());
+ // check for rsa signautre fault
+ if (!auth->verify(hash, sizeof(hash), signature_,
+ auth->get_signatureLength())) {
+ ssl.SetError(rsaSignFault_error);
+ return;
+ }
+ }
else {
auth->sign(signature_, &hash[MD5_LEN], SHA_LEN,
ssl.getCrypto().get_random());
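Review bot: The comment above the new verify call misspells the word it documents; it should read `// check for rsa signature fault` (the same comment appears in the CertificateVerify::Build hunk below). Returning right after `ssl.SetError(rsaSignFault_error)` only prevents the faulty signature from leaving the host if every caller of DH_Server::build checks `ssl.GetError()` before the ServerKeyExchange is written — the handshake.cpp hunk adds such a check for CertificateVerify, but no equivalent guard for the DH path is visible in this diff, so that should be confirmed. On the failure path the faulty value also remains in `signature_`; clearing it there would make it harder for a later code path to emit it by mistake, since the faulty signature is exactly the value that discloses the private key. DH_Server::build starts before and continues past this hunk.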
@@ -2159,6 +2166,12 @@ void CertificateVerify::Build(SSL& ssl)
memcpy(sig.get(), len, VERIFY_HEADER);
rsa.sign(sig.get() + VERIFY_HEADER, hashes_.md5_, sizeof(Hashes),
ssl.getCrypto().get_random());
+ // check for rsa signautre fault
+ if (!rsa.verify(hashes_.md5_, sizeof(Hashes), sig.get() + VERIFY_HEADER,
+ rsa.get_cipherLength())) {
+ ssl.SetError(rsaSignFault_error);
+ return;
+ }
}
else { // DSA
DSS dss(cert.get_privateKey(), cert.get_privateKeyLength(), false);
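Review bot: The verify length here is `rsa.get_cipherLength()` while the DH_Server::build hunk above passes `auth->get_signatureLength()` for the same purpose; if these accessors are not guaranteed to agree for RSA, the two checks should use the same one so a mismatch cannot make one of them accept a faulty signature. As above, the comment should read `// check for rsa signature fault`, and the failing `sig` buffer could be cleared before returning so the faulty signature cannot be reused. Note that `sizeof(Hashes)` is passed as the hashed length for the `md5_` start address, which presumes md5_ and the following digest are contiguous in `Hashes` — this matches the sign call on the previous line, so it is consistent, but worth a one-line comment. CertificateVerify::Build starts before and continues past this hunk.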