mirrors/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2025-02-24 22:58:50 +01:00
Code Issues Projects Releases Wiki Activity

Revise TROVE-2020-002 fix to work on older OpenSSL versions.

Browse source 
Although OpenSSL before 1.1.1 is no longer supported, it's possible
that somebody is still using it with 0.3.5, so we probably shouldn't
break it with this fix.
This commit is contained in:
Nick Mathewson 2020-03-14 13:38:53 -04:00
parent d0bce65ce2
commit be064f77b9
1 changed files with 4 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
src/lib/crypt_ops/crypto_rsa_openssl.c
View file

@ -584,7 +584,11 @@ crypto_pk_asn1_decode_private(const char *str, size_t len, int max_bits)
crypto_openssl_log_errors(LOG_WARN,"decoding private key");
return NULL;
}
#ifdef OPENSSL_1_1_API
if (max_bits >= 0 && RSA_bits(rsa) > max_bits) {
#else
if (max_bits >= 0 && rsa->n && BN_num_bits(rsa->n) > max_bits) {
#endif
log_info(LD_CRYPTO, "Private key longer than expected.");
return NULL;
}