2006-10-04 Sebastien Pouliot <sebastien@ximian.com>

author Sebastien Pouliot <sebastien@ximian.com>

Wed, 4 Oct 2006 19:26:26 +0000 (19:26 -0000)

committer Sebastien Pouliot <sebastien@ximian.com>

Wed, 4 Oct 2006 19:26:26 +0000 (19:26 -0000)
author Sebastien Pouliot <sebastien@ximian.com>
Wed, 4 Oct 2006 19:26:26 +0000 (19:26 -0000)
committer Sebastien Pouliot <sebastien@ximian.com>
Wed, 4 Oct 2006 19:26:26 +0000 (19:26 -0000)
diff --git a/mcs/class/Mono.Security/Mono.Security.Cryptography/ChangeLog b/mcs/class/Mono.Security/Mono.Security.Cryptography/ChangeLog

index d3df1915c7d71dd646503ff57895519978ad75da..d6cba28f49e0ea711422e3aee624809198d4fab0 100644 (file)
--- a/mcs/class/Mono.Security/Mono.Security.Cryptography/ChangeLog
+++ b/mcs/class/Mono.Security/Mono.Security.Cryptography/ChangeLog
@@ -1,3 +1,10 @@
+2006-10-04  Sebastien Pouliot  <sebastien@ximian.com>
+
+       * PKCS1.cs: Remove compatibility block where all padding wasn't 
+       verified (can't find the original test case for it). Note: the 
+       existing implementation wasn't affected by CVE-2006-4339, aka RSA 
+       PKCS#1 1.5 signature forgery (but we're stronger without it).
+
  2006-09-27  Sebastien Pouliot  <sebastien@ximian.com>
  
         * RSAManaged.cs: Ensure that the results of Encrypt and Decrypt will
diff --git a/mcs/class/Mono.Security/Mono.Security.Cryptography/PKCS1.cs b/mcs/class/Mono.Security/Mono.Security.Cryptography/PKCS1.cs

index e1fd58d78ddb2d0ee68e0099b66b942973df1434..f168a29c48b41619723efa867f6952174e03a490 100644 (file)
--- a/mcs/class/Mono.Security/Mono.Security.Cryptography/PKCS1.cs
+++ b/mcs/class/Mono.Security/Mono.Security.Cryptography/PKCS1.cs
@@ -296,18 +296,7 @@ namespace Mono.Security.Cryptography {
                         byte[] m = RSAVP1 (rsa, s);
                         byte[] EM2 = I2OSP (m, size);
                         byte[] EM = Encode_v15 (hash, hashValue, size);
-                       bool result = Compare (EM, EM2);
-                       if (!result) {
-                               // NOTE: some signatures don't include the hash OID (pretty lame but real)
-                               // and compatible with MS implementation
-                               if ((EM2 [0] != 0x00) || (EM2 [1] != 0x01))
-                                       return false;
-                               // TODO: add more validation
-                               byte[] decryptedHash = new byte [hashValue.Length];
-                               Buffer.BlockCopy (EM2, EM2.Length - hashValue.Length, decryptedHash, 0, decryptedHash.Length);
-                               result = Compare (decryptedHash, hashValue);
-                       }
-                       return result;
+                       return Compare (EM, EM2);
                 }
         
                 // PKCS #1 v.2.1, Section 9.2
author	Sebastien Pouliot <sebastien@ximian.com>
	Wed, 4 Oct 2006 19:26:26 +0000 (19:26 -0000)
committer	Sebastien Pouliot <sebastien@ximian.com>
	Wed, 4 Oct 2006 19:26:26 +0000 (19:26 -0000)
mcs/class/Mono.Security/Mono.Security.Cryptography/ChangeLog		patch \| blob \| history
mcs/class/Mono.Security/Mono.Security.Cryptography/PKCS1.cs		patch \| blob \| history