diff options
Diffstat (limited to 'src/lib/libcrypto/evp/p_verify.c')
| -rw-r--r-- | src/lib/libcrypto/evp/p_verify.c | 49 |
1 files changed, 13 insertions, 36 deletions
diff --git a/src/lib/libcrypto/evp/p_verify.c b/src/lib/libcrypto/evp/p_verify.c index 6ecdef0787..d51d1b4a0a 100644 --- a/src/lib/libcrypto/evp/p_verify.c +++ b/src/lib/libcrypto/evp/p_verify.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: p_verify.c,v 1.14 2021/12/12 21:30:13 tb Exp $ */ | 1 | /* $OpenBSD: p_verify.c,v 1.15 2022/01/14 08:38:06 tb Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -71,9 +71,9 @@ EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf, | |||
| 71 | { | 71 | { |
| 72 | unsigned char m[EVP_MAX_MD_SIZE]; | 72 | unsigned char m[EVP_MAX_MD_SIZE]; |
| 73 | unsigned int m_len; | 73 | unsigned int m_len; |
| 74 | int i = 0, ok = 0, v; | ||
| 75 | EVP_MD_CTX tmp_ctx; | 74 | EVP_MD_CTX tmp_ctx; |
| 76 | EVP_PKEY_CTX *pkctx = NULL; | 75 | EVP_PKEY_CTX *pkctx = NULL; |
| 76 | int ret = 0; | ||
| 77 | 77 | ||
| 78 | EVP_MD_CTX_init(&tmp_ctx); | 78 | EVP_MD_CTX_init(&tmp_ctx); |
| 79 | if (!EVP_MD_CTX_copy_ex(&tmp_ctx, ctx)) | 79 | if (!EVP_MD_CTX_copy_ex(&tmp_ctx, ctx)) |
| @@ -82,39 +82,16 @@ EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf, | |||
| 82 | goto err; | 82 | goto err; |
| 83 | EVP_MD_CTX_cleanup(&tmp_ctx); | 83 | EVP_MD_CTX_cleanup(&tmp_ctx); |
| 84 | 84 | ||
| 85 | if (ctx->digest->flags & EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) { | 85 | ret = -1; |
| 86 | i = -1; | 86 | if ((pkctx = EVP_PKEY_CTX_new(pkey, NULL)) == NULL) |
| 87 | pkctx = EVP_PKEY_CTX_new(pkey, NULL); | 87 | goto err; |
| 88 | if (!pkctx) | 88 | if (EVP_PKEY_verify_init(pkctx) <= 0) |
| 89 | goto err; | 89 | goto err; |
| 90 | if (EVP_PKEY_verify_init(pkctx) <= 0) | 90 | if (EVP_PKEY_CTX_set_signature_md(pkctx, ctx->digest) <= 0) |
| 91 | goto err; | 91 | goto err; |
| 92 | if (EVP_PKEY_CTX_set_signature_md(pkctx, ctx->digest) <= 0) | 92 | ret = EVP_PKEY_verify(pkctx, sigbuf, siglen, m, m_len); |
| 93 | goto err; | ||
| 94 | i = EVP_PKEY_verify(pkctx, sigbuf, siglen, m, m_len); | ||
| 95 | err: | ||
| 96 | EVP_PKEY_CTX_free(pkctx); | ||
| 97 | return i; | ||
| 98 | } | ||
| 99 | |||
| 100 | for (i = 0; i < 4; i++) { | ||
| 101 | v = ctx->digest->required_pkey_type[i]; | ||
| 102 | if (v == 0) | ||
| 103 | break; | ||
| 104 | if (pkey->type == v) { | ||
| 105 | ok = 1; | ||
| 106 | break; | ||
| 107 | } | ||
| 108 | } | ||
| 109 | if (!ok) { | ||
| 110 | EVPerror(EVP_R_WRONG_PUBLIC_KEY_TYPE); | ||
| 111 | return (-1); | ||
| 112 | } | ||
| 113 | if (ctx->digest->verify == NULL) { | ||
| 114 | EVPerror(EVP_R_NO_VERIFY_FUNCTION_CONFIGURED); | ||
| 115 | return (0); | ||
| 116 | } | ||
| 117 | 93 | ||
| 118 | return(ctx->digest->verify(ctx->digest->type, m, m_len, | 94 | err: |
| 119 | sigbuf, siglen, pkey->pkey.ptr)); | 95 | EVP_PKEY_CTX_free(pkctx); |
| 96 | return ret; | ||
| 120 | } | 97 | } |