Fix pkeyutl -verifyrecover
When performing a pkeyutl -verifyrecover operation the input file is not a hash - it is the signature itself. Therefore don't do the check to make sure it looks like a hash. Fixes #9658 Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/9731) (cherry picked from commit 5ffc33244cd4d66e47dfa66ce89cb38d0f3074cc)
This commit is contained in:
Matt Caswell
parent
f245be91a7
commit
0efc1154e5
1 changed files with 1 additions and 2 deletions
|
|
@ -299,8 +299,7 @@ int pkeyutl_main(int argc, char **argv)
|
|||
/* Sanity check the input */
|
||||
if (buf_inlen > EVP_MAX_MD_SIZE
|
||||
&& (pkey_op == EVP_PKEY_OP_SIGN
|
||||
|| pkey_op == EVP_PKEY_OP_VERIFY
|
||||
|| pkey_op == EVP_PKEY_OP_VERIFYRECOVER)) {
|
||||
|| pkey_op == EVP_PKEY_OP_VERIFY)) {
|
||||
BIO_printf(bio_err,
|
||||
"Error: The input data looks too long to be a hash\n");
|
||||
goto end;
|
||||
|
|
|
|||
Loading…
Reference in a new issue