wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Revert "Don't check RSA_FLAG_SIGN_VER."

Browse source 
This reverts commit 6656ba7152.

This broke existing engines that didn't properly implement the sign and verify
functions.

Reviewed-by: Richard Levitte <levitte@openssl.org>

MR: #2077
This commit is contained in:
Kurt Roeckx 2016-02-20 15:29:45 +01:00
parent 578b956fe7
commit 5361af815d
1 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
crypto/rsa/rsa_sign.c
View file

@ -84,7 +84,7 @@ int RSA_sign(int type, const unsigned char *m, unsigned int m_len,
return 0;
}
#endif
if (rsa->meth->rsa_sign) {
if ((rsa->flags & RSA_FLAG_SIGN_VER) && rsa->meth->rsa_sign) {
return rsa->meth->rsa_sign(type, m, m_len, sigret, siglen, rsa);
}
/* Special case: SSL signature, just check the length */
@ -293,7 +293,7 @@ int RSA_verify(int dtype, const unsigned char *m, unsigned int m_len,
const unsigned char *sigbuf, unsigned int siglen, RSA *rsa)
{
if (rsa->meth->rsa_verify) {
if ((rsa->flags & RSA_FLAG_SIGN_VER) && rsa->meth->rsa_verify) {
return rsa->meth->rsa_verify(dtype, m, m_len, sigbuf, siglen, rsa);
}