summaryrefslogtreecommitdiff
path: root/src/libstrongswan/plugins/openssl/openssl_ec_public_key.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/libstrongswan/plugins/openssl/openssl_ec_public_key.c')
-rw-r--r--src/libstrongswan/plugins/openssl/openssl_ec_public_key.c19
1 files changed, 16 insertions, 3 deletions
diff --git a/src/libstrongswan/plugins/openssl/openssl_ec_public_key.c b/src/libstrongswan/plugins/openssl/openssl_ec_public_key.c
index 21dcb0120..a1e56fc5e 100644
--- a/src/libstrongswan/plugins/openssl/openssl_ec_public_key.c
+++ b/src/libstrongswan/plugins/openssl/openssl_ec_public_key.c
@@ -27,6 +27,10 @@
#include <openssl/ecdsa.h>
#include <openssl/x509.h>
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+OPENSSL_KEY_FALLBACK(ECDSA_SIG, r, s)
+#endif
+
typedef struct private_openssl_ec_public_key_t private_openssl_ec_public_key_t;
/**
@@ -55,14 +59,23 @@ struct private_openssl_ec_public_key_t {
static bool verify_signature(private_openssl_ec_public_key_t *this,
chunk_t hash, chunk_t signature)
{
- bool valid = FALSE;
+ BIGNUM *r, *s;
ECDSA_SIG *sig;
+ bool valid = FALSE;
sig = ECDSA_SIG_new();
if (sig)
{
- /* split the signature chunk in r and s */
- if (openssl_bn_split(signature, sig->r, sig->s))
+ r = BN_new();
+ s = BN_new();
+ if (!openssl_bn_split(signature, r, s))
+ {
+ BN_free(r);
+ BN_free(s);
+ ECDSA_SIG_free(sig);
+ return FALSE;
+ }
+ if (ECDSA_SIG_set0(sig, r, s))
{
valid = (ECDSA_do_verify(hash.ptr, hash.len, sig, this->ec) == 1);
}
generated by cgit v1.2.3 (git 2.39.1) at 2024-09-20 08:44:58 +0000