diff options
Diffstat (limited to '')
| -rw-r--r-- | src/lib/libssl/ssl_srvr.c | 11 |
1 files changed, 3 insertions, 8 deletions
diff --git a/src/lib/libssl/ssl_srvr.c b/src/lib/libssl/ssl_srvr.c index 556107f5a1..d0814a8455 100644 --- a/src/lib/libssl/ssl_srvr.c +++ b/src/lib/libssl/ssl_srvr.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_srvr.c,v 1.153 2022/12/26 07:31:44 jmc Exp $ */ | 1 | /* $OpenBSD: ssl_srvr.c,v 1.154 2023/06/11 18:50:51 tb Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -2049,17 +2049,12 @@ ssl3_get_cert_verify(SSL *s) | |||
| 2049 | al = SSL_AD_INTERNAL_ERROR; | 2049 | al = SSL_AD_INTERNAL_ERROR; |
| 2050 | goto fatal_err; | 2050 | goto fatal_err; |
| 2051 | } | 2051 | } |
| 2052 | if (!EVP_DigestVerifyUpdate(mctx, hdata, hdatalen)) { | 2052 | if (EVP_DigestVerify(mctx, CBS_data(&signature), |
| 2053 | CBS_len(&signature), hdata, hdatalen) <= 0) { | ||
| 2053 | SSLerror(s, ERR_R_EVP_LIB); | 2054 | SSLerror(s, ERR_R_EVP_LIB); |
| 2054 | al = SSL_AD_INTERNAL_ERROR; | 2055 | al = SSL_AD_INTERNAL_ERROR; |
| 2055 | goto fatal_err; | 2056 | goto fatal_err; |
| 2056 | } | 2057 | } |
| 2057 | if (EVP_DigestVerifyFinal(mctx, CBS_data(&signature), | ||
| 2058 | CBS_len(&signature)) <= 0) { | ||
| 2059 | al = SSL_AD_DECRYPT_ERROR; | ||
| 2060 | SSLerror(s, SSL_R_BAD_SIGNATURE); | ||
| 2061 | goto fatal_err; | ||
| 2062 | } | ||
| 2063 | } else if (EVP_PKEY_id(pkey) == EVP_PKEY_RSA) { | 2058 | } else if (EVP_PKEY_id(pkey) == EVP_PKEY_RSA) { |
| 2064 | RSA *rsa; | 2059 | RSA *rsa; |
| 2065 | 2060 | ||