55db24ca506cf5831bd31e32d26e5db2cc0264f9 - mirror/mbed-tls

commit	55db24ca506cf5831bd31e32d26e5db2cc0264f9	[log] [tgz]
author	Gilles Peskine <Gilles.Peskine@arm.com>	Tue Oct 17 19:01:38 2017 +0200
committer	Gilles Peskine <Gilles.Peskine@arm.com>	Tue Oct 17 19:30:12 2017 +0200
tree	9483c4d6f1148b8e148ace646b9b04f09b0bedb6
parent	a75a4591430919a6eb3d430aca396044fe3816d4 [diff]

RSA: Fix buffer overflow in PSS signature verification

Fix buffer overflow in RSA-PSS signature verification when the hash is
too large for the key size. Found by Seth Terashima, Qualcomm.

Added a non-regression test and a positive test with the smallest
permitted key size for a SHA-512 hash.

ChangeLog[diff]
library/rsa.c[diff]
tests/data_files/rsa512.key[Added - diff]
tests/data_files/rsa521.key[Added - diff]
tests/data_files/rsa522.key[Added - diff]
tests/data_files/rsa528.key[Added - diff]
tests/suites/test_suite_pkcs1_v21.data[diff]

7 files changed

tree: 9483c4d6f1148b8e148ace646b9b04f09b0bedb6

configs/
doxygen/
include/
library/
programs/
scripts/
tests/
visualc/
.gitignore
.travis.yml
ChangeLog
CMakeLists.txt
DartConfiguration.tcl
LICENSE
Makefile
README.rst