From ba8ad074905ac260117a983237bc61a488e9fb1e Mon Sep 17 00:00:00 2001
From: Richard Levitte <levitte@openssl.org>
Date: Tue, 26 Nov 2002 11:14:32 +0000
Subject: The logic in the main signing and verifying functions to check
 lengths was incorrect.  Fortunately, there is a second check that's correct,
 when adding the pads. PR: 355

---
 crypto/rsa/rsa_pk1.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'crypto/rsa/rsa_pk1.c')

diff --git a/crypto/rsa/rsa_pk1.c b/crypto/rsa/rsa_pk1.c
index c1edd67..8560755 100644
--- a/crypto/rsa/rsa_pk1.c
+++ b/crypto/rsa/rsa_pk1.c
@@ -68,7 +68,7 @@ int RSA_padding_add_PKCS1_type_1(unsigned char *to, int tlen,
 	int j;
 	unsigned char *p;
 
-	if (flen > (tlen-11))
+	if (flen > (tlen-RSA_PKCS1_PADDING_SIZE))
 		{
 		RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1,RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
 		return(0);
-- 
cgit v1.1