Don't truncate the input when decrypting in pkeyutl

The pkeyutl app was truncating the input file for decryption leading to incorrect results. This was probably ok historically when RSA was being used for decryption which has short maximum sizes. This is not ok with SM2. Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21272)
author: Matt Caswell <matt@openssl.org> 2023-06-23 11:50:17 +0100
committer: Matt Caswell <matt@openssl.org> 2023-06-26 09:28:23 +0100
commit: 849450746f38a5658ef783abb0a8c79ae2861464 (patch)
tree: ec84ae3f6ea6eab34929e2aee8157731fc8d4e69 /apps
parent: 43596b306b1fe06da3b1a99e07c0cf235898010d (diff)
2 files changed, 3 insertions, 2 deletions
diff --git a/apps/lib/apps.c b/apps/lib/apps.c
index c9b509525c..887fa74dea 100644
--- a/apps/lib/apps.c
+++ b/apps/lib/apps.c
@@ -2043,7 +2043,8 @@ int bio_to_mem(unsigned char **out, int maxlen, BIO *in)
             BIO_free(mem);
             return -1;
         }
-        maxlen -= len;
+        if (maxlen != -1)
+            maxlen -= len;
 
         if (maxlen == 0)
             break;
diff --git a/apps/pkeyutl.c b/apps/pkeyutl.c
index d8b2ad5f65..efd98684cb 100644
--- a/apps/pkeyutl.c
+++ b/apps/pkeyutl.c
@@ -420,7 +420,7 @@ int pkeyutl_main(int argc, char **argv)
     /* Raw input data is handled elsewhere */
     if (in != NULL && !rawin) {
         /* Read the input data */
-        buf_inlen = bio_to_mem(&buf_in, keysize * 10, in);
+        buf_inlen = bio_to_mem(&buf_in, -1, in);
         if (buf_inlen < 0) {
             BIO_printf(bio_err, "Error reading input Data\n");
             goto end;
author	Matt Caswell <matt@openssl.org>	2023-06-23 11:50:17 +0100
committer	Matt Caswell <matt@openssl.org>	2023-06-26 09:28:23 +0100
commit	849450746f38a5658ef783abb0a8c79ae2861464 (patch)
tree	ec84ae3f6ea6eab34929e2aee8157731fc8d4e69 /apps
parent	43596b306b1fe06da3b1a99e07c0cf235898010d (diff)