Store digests as EVP_MD instead of a NID.

Add digest size sanity checks.
author: Dr. Stephen Henson <steve@openssl.org> 2006-04-09 21:24:48 +0000
committer: Dr. Stephen Henson <steve@openssl.org> 2006-04-09 21:24:48 +0000
commit: 75d44c0452e8807dcd9dd126390dd8df35c57efa (patch)
tree: ac28208d2d3dc38b2eab15bae118af8cde81d098 /crypto/rsa/rsa_sign.c
parent: a58a6368383d55ab35ad4f4cdcb0f54310e7fd32 (diff)
1 files changed, 12 insertions, 3 deletions
diff --git a/crypto/rsa/rsa_sign.c b/crypto/rsa/rsa_sign.c
index 91f03406d0..4d48164b77 100644
--- a/crypto/rsa/rsa_sign.c
+++ b/crypto/rsa/rsa_sign.c
@@ -220,9 +220,18 @@ int int_rsa_verify(int dtype, const unsigned char *m, unsigned int m_len,
 			}
 		if (rm)
 			{
-			memcpy(rm, sig->digest->data, sig->digest->length);
-			*prm_len = sig->digest->length;
-			ret = 1;
+			const EVP_MD *md;
+			md = EVP_get_digestbynid(dtype);
+			if (md && (EVP_MD_size(md) != sig->digest->length))
+				RSAerr(RSA_F_RSA_VERIFY,
+						RSA_R_INVALID_DIGEST_LENGTH);
+			else
+				{
+				memcpy(rm, sig->digest->data,
+							sig->digest->length);
+				*prm_len = sig->digest->length;
+				ret = 1;
+				}
 			}
 		else if (((unsigned int)sig->digest->length != m_len) ||
 			(memcmp(m,sig->digest->data,m_len) != 0))
author	Dr. Stephen Henson <steve@openssl.org>	2006-04-09 21:24:48 +0000
committer	Dr. Stephen Henson <steve@openssl.org>	2006-04-09 21:24:48 +0000
commit	75d44c0452e8807dcd9dd126390dd8df35c57efa (patch)
tree	ac28208d2d3dc38b2eab15bae118af8cde81d098 /crypto/rsa/rsa_sign.c
parent	a58a6368383d55ab35ad4f4cdcb0f54310e7fd32 (diff)