author | Matt Caswell <matt@openssl.org> | 2023-06-23 11:50:17 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2023-06-26 09:28:23 +0100 |
commit | 849450746f38a5658ef783abb0a8c79ae2861464 (patch) | |
tree | ec84ae3f6ea6eab34929e2aee8157731fc8d4e69 /apps | |
parent | 43596b306b1fe06da3b1a99e07c0cf235898010d (diff) |
Don't truncate the input when decrypting in pkeyutl
The pkeyutl app was truncating the input file for decryption leading to
incorrect results. This was probably ok historically when RSA was being
used for decryption which has short maximum sizes. This is not ok with SM2.
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21272)
Diffstat (limited to 'apps')
-rw-r--r-- | apps/lib/apps.c | 3 |
-rw-r--r-- | apps/pkeyutl.c | 2 |
2 files changed, 3 insertions, 2 deletions
diff --git a/apps/lib/apps.c b/apps/lib/apps.c index c9b509525c..887fa74dea 100644 --- a/apps/lib/apps.c +++ b/apps/lib/apps.c @@ -2043,7 +2043,8 @@ int bio_to_mem(unsigned char **out, int maxlen, BIO *in) BIO_free(mem); return -1; } - maxlen -= len; + if (maxlen != -1) + maxlen -= len; if (maxlen == 0) break; diff --git a/apps/pkeyutl.c b/apps/pkeyutl.c index d8b2ad5f65..efd98684cb 100644 --- a/apps/pkeyutl.c +++ b/apps/pkeyutl.c @@ -420,7 +420,7 @@ int pkeyutl_main(int argc, char **argv) /* Raw input data is handled elsewhere */ if (in != NULL && !rawin) { /* Read the input data */ - buf_inlen = bio_to_mem(&buf_in, keysize * 10, in); + buf_inlen = bio_to_mem(&buf_in, -1, in); if (buf_inlen < 0) { BIO_printf(bio_err, "Error reading input Data\n"); goto end; |
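Review bot: In the apps/lib/apps.c hunk, the new `if (maxlen != -1)` guard makes -1 a "no limit" sentinel for bio_to_mem(), but nothing in the visible lines documents that contract. Please add a comment at the function stating that maxlen == -1 means read until end of input. The test is also exact: any other negative maxlen is still decremented and can never satisfy the `if (maxlen == 0) break;` exit that follows, so consider testing `maxlen >= 0` before subtracting, or rejecting other negative values up front, so that one defined behaviour covers all negative arguments.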
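Review bot: In the apps/pkeyutl.c hunk, replacing `keysize * 10` with `-1` removes the size bound for every operation that reaches the `if (in != NULL && !rawin)` branch, not only the decryption case the commit message describes. The amount buffered into buf_in is now set entirely by the input file, and bio_to_mem() still returns an int, so please confirm that unbounded reads are intended for all non-raw operations and update the `/* Read the input data */` comment to say the whole input is read with no limit. If only decryption needs the full input, keep the bound for the other operations.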