RSA_size() and DH_size() return the amount of bytes in a key, and we compared it to the amount of bits required... PR: 770 Submitted by: c zhang <czhang2005@hotmail.com>

commit: 70ef9c5a3ddf317b204c7f77aa3fc01b5ebeb0fb [log] [tgz]
author: Richard Levitte <levitte@openssl.org> Fri Nov 28 23:03:14 2003 +0000
committer: Richard Levitte <levitte@openssl.org> Fri Nov 28 23:03:14 2003 +0000
tree: b05303bca37fb2d0ca5ddb36cc50f6768449f899
parent: b727907ae86dbf46bf95af1166a04e67be853df2 [diff] [blame]
diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
index 6b29f04..96631db 100644
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c

@@ -2354,7 +2354,7 @@
 		if (algs & SSL_kRSA)
 			{
 			if (rsa == NULL
-			    || RSA_size(rsa) > SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher))
+			    || RSA_size(rsa)*8 > SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher))
 				{
 				SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_EXPORT_TMP_RSA_KEY);
 				goto f_err;
@@ -2366,7 +2366,7 @@
 			if (algs & (SSL_kEDH|SSL_kDHr|SSL_kDHd))
 			    {
 			    if (dh == NULL
-				|| DH_size(dh) > SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher))
+				|| DH_size(dh)*8 > SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher))
 				{
 				SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_EXPORT_TMP_DH_KEY);
 				goto f_err;
commit	70ef9c5a3ddf317b204c7f77aa3fc01b5ebeb0fb	[log] [tgz]
author	Richard Levitte <levitte@openssl.org>	Fri Nov 28 23:03:14 2003 +0000
committer	Richard Levitte <levitte@openssl.org>	Fri Nov 28 23:03:14 2003 +0000
tree	b05303bca37fb2d0ca5ddb36cc50f6768449f899
parent	b727907ae86dbf46bf95af1166a04e67be853df2 [diff] [blame]