diff options
| author | Matt Caswell <matt@openssl.org> | 2023-06-23 11:50:17 +0100 |
|---|---|---|
| committer | Matt Caswell <matt@openssl.org> | 2023-06-26 09:35:01 +0100 |
| commit | 8ebc73453746e5303d5249986e2e42e7937a67ad (patch) | |
| tree | e59a9270ad71e07828bf9d2a05d999704b21c671 /apps | |
| parent | 8d6ea2d2c3cfdb1f09898ee98362b057893e6f14 (diff) | |
Don't truncate the input when decrypting in pkeyutl
The pkeyutl app was truncating the input file for decryption leading to
incorrect results. This was probably ok historically when RSA was being
used for decryption which has short maximum sizes. This is not ok with SM2.
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21272)
(cherry picked from commit 849450746f38a5658ef783abb0a8c79ae2861464)
Diffstat (limited to 'apps')
| -rw-r--r-- | apps/lib/apps.c | 3 | ||||
| -rw-r--r-- | apps/pkeyutl.c | 2 |
2 files changed, 3 insertions, 2 deletions
diff --git a/apps/lib/apps.c b/apps/lib/apps.c index 891af71730..bbaecb8c72 100644 --- a/apps/lib/apps.c +++ b/apps/lib/apps.c @@ -2003,7 +2003,8 @@ int bio_to_mem(unsigned char **out, int maxlen, BIO *in) BIO_free(mem); return -1; } - maxlen -= len; + if (maxlen != -1) + maxlen -= len; if (maxlen == 0) break; diff --git a/apps/pkeyutl.c b/apps/pkeyutl.c index 518a741661..d6d1d49d5d 100644 --- a/apps/pkeyutl.c +++ b/apps/pkeyutl.c @@ -421,7 +421,7 @@ int pkeyutl_main(int argc, char **argv) /* Raw input data is handled elsewhere */ if (in != NULL && !rawin) { /* Read the input data */ - buf_inlen = bio_to_mem(&buf_in, keysize * 10, in); + buf_inlen = bio_to_mem(&buf_in, -1, in); if (buf_inlen < 0) { BIO_printf(bio_err, "Error reading input Data\n"); goto end; |