RSA PSS: remove redundant check; changelog

Remove a check introduced in the previous buffer overflow fix with keys of
size 8N+1 which the subsequent fix for buffer start calculations made
redundant.

Added a changelog entry for the buffer start calculation fix.
This commit is contained in:
Gilles Peskine 2017-10-19 17:46:14 +02:00
parent b00b0da452
commit 91048a3aac
2 changed files with 3 additions and 2 deletions

View file

@ -18,6 +18,8 @@ Bugfix
* Fix memory leak in mbedtls_ssl_set_hostname() when called multiple times. * Fix memory leak in mbedtls_ssl_set_hostname() when called multiple times.
Found by projectgus and jethrogb, #836. Found by projectgus and jethrogb, #836.
* Fix usage help in ssl_server2 example. Found and fixed by Bei Lin. * Fix usage help in ssl_server2 example. Found and fixed by Bei Lin.
* Fix some invalid RSA-PSS signatures with keys of size 8N+1 that were
accepted. Generating these signatures required the private key.
= mbed TLS 2.6.0 branch released 2017-08-10 = mbed TLS 2.6.0 branch released 2017-08-10

View file

@ -1399,8 +1399,7 @@ int mbedtls_rsa_rsassa_pss_verify_ext( mbedtls_rsa_context *ctx,
while( p < hash_start - 1 && *p == 0 ) while( p < hash_start - 1 && *p == 0 )
p++; p++;
if( p == hash_start || if( *p++ != 0x01 )
*p++ != 0x01 )
{ {
mbedtls_md_free( &md_ctx ); mbedtls_md_free( &md_ctx );
return( MBEDTLS_ERR_RSA_INVALID_PADDING ); return( MBEDTLS_ERR_RSA_INVALID_PADDING );