[openssl] OpenSSL_1_1_1-stable update
Matt Caswell
matt at openssl.org
Wed Jan 8 10:05:41 UTC 2020
The branch OpenSSL_1_1_1-stable has been updated
via 0efc1154e552ba736732424f128c1ef04d30731e (commit)
from f245be91a7bb4ccfdff630f92390e7ae72c6ca98 (commit)
- Log -----------------------------------------------------------------
commit 0efc1154e552ba736732424f128c1ef04d30731e
Author: Matt Caswell <matt at openssl.org>
Date: Thu Aug 29 17:15:16 2019 +0100
Fix pkeyutl -verifyrecover
When performing a pkeyutl -verifyrecover operation the input file is not
a hash - it is the signature itself. Therefore don't do the check to make
sure it looks like a hash.
Fixes #9658
Reviewed-by: Richard Levitte <levitte at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9731)
(cherry picked from commit 5ffc33244cd4d66e47dfa66ce89cb38d0f3074cc)
-----------------------------------------------------------------------
Summary of changes:
apps/pkeyutl.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/apps/pkeyutl.c b/apps/pkeyutl.c
index 2c4e524b69..ea779b6748 100644
--- a/apps/pkeyutl.c
+++ b/apps/pkeyutl.c
@@ -299,8 +299,7 @@ int pkeyutl_main(int argc, char **argv)
/* Sanity check the input */
if (buf_inlen > EVP_MAX_MD_SIZE
&& (pkey_op == EVP_PKEY_OP_SIGN
- || pkey_op == EVP_PKEY_OP_VERIFY
- || pkey_op == EVP_PKEY_OP_VERIFYRECOVER)) {
+ || pkey_op == EVP_PKEY_OP_VERIFY)) {
BIO_printf(bio_err,
"Error: The input data looks too long to be a hash\n");
goto end;
More information about the openssl-commits
mailing list