mirror of
https://github.com/OpenVPN/openvpn.git
synced 2024-09-20 12:02:28 +02:00
Correct the return value of cryptoapi RSA signature callbacks
Fixes the wrong check on siglen instead of *siglen for signing failures. Bug reported by: lilulo <lilulo@gmail.com> Signed-off-by: Selva Nair <selva.nair@gmail.com> Acked-by: Steffan Karger <steffan.karger@fox-it.com> Message-Id: <1564173557-11776-1-git-send-email-selva.nair@gmail.com> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg18706.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
This commit is contained in:
parent
59e45a8bbc
commit
f4ac6b780d
@ -499,7 +499,7 @@ rsa_sign_CNG(int type, const unsigned char *m, unsigned int m_len,
|
||||
*siglen = priv_enc_CNG(cd, alg, m, (int)m_len, sig, RSA_size(rsa),
|
||||
cng_padding_type(padding), 0);
|
||||
|
||||
return (siglen == 0) ? 0 : 1;
|
||||
return (*siglen == 0) ? 0 : 1;
|
||||
}
|
||||
|
||||
/* decrypt */
|
||||
@ -973,7 +973,7 @@ pkey_rsa_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
|
||||
*siglen = priv_enc_CNG(cd, alg, tbs, (int)tbslen, sig, *siglen,
|
||||
cng_padding_type(padding), (DWORD)saltlen);
|
||||
|
||||
return (siglen == 0) ? 0 : 1;
|
||||
return (*siglen == 0) ? 0 : 1;
|
||||
}
|
||||
|
||||
#endif /* OPENSSL_VERSION >= 1.1.0 */
|
||||
|
Loading…
Reference in New Issue
Block a user