diff options
| author | Kurt Roeckx <kurt@roeckx.be> | 2016-02-20 15:29:45 +0100 |
|---|---|---|
| committer | Kurt Roeckx <kurt@roeckx.be> | 2016-02-27 13:12:02 +0100 |
| commit | 5361af815d1cf6510202bb0ff32fa98af50e1ba7 (patch) | |
| tree | c0e04adb220407e9291208d76fe034b5afdecd06 /crypto/rsa | |
| parent | 578b956fe741bf8e84055547b1e83c28dd902c73 (diff) | |
Revert "Don't check RSA_FLAG_SIGN_VER."
This reverts commit 6656ba7152dfe4bba865e327dd362ea08544aa80.
This broke existing engines that didn't properly implement the sign and verify
functions.
Reviewed-by: Richard Levitte <levitte@openssl.org>
MR: #2077
Diffstat (limited to 'crypto/rsa')
| -rw-r--r-- | crypto/rsa/rsa_sign.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/crypto/rsa/rsa_sign.c b/crypto/rsa/rsa_sign.c index ed63a1d8b0..82ca8324df 100644 --- a/crypto/rsa/rsa_sign.c +++ b/crypto/rsa/rsa_sign.c @@ -84,7 +84,7 @@ int RSA_sign(int type, const unsigned char *m, unsigned int m_len, return 0; } #endif - if (rsa->meth->rsa_sign) { + if ((rsa->flags & RSA_FLAG_SIGN_VER) && rsa->meth->rsa_sign) { return rsa->meth->rsa_sign(type, m, m_len, sigret, siglen, rsa); } /* Special case: SSL signature, just check the length */ @@ -293,7 +293,7 @@ int RSA_verify(int dtype, const unsigned char *m, unsigned int m_len, const unsigned char *sigbuf, unsigned int siglen, RSA *rsa) { - if (rsa->meth->rsa_verify) { + if ((rsa->flags & RSA_FLAG_SIGN_VER) && rsa->meth->rsa_verify) { return rsa->meth->rsa_verify(dtype, m, m_len, sigbuf, siglen, rsa); } |