summaryrefslogtreecommitdiff
path: root/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c')
-rw-r--r--src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c17
1 files changed, 10 insertions, 7 deletions
diff --git a/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c b/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c
index bf71d7901..48beedef6 100644
--- a/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c
+++ b/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c
@@ -48,8 +48,6 @@ struct private_openssl_rsa_public_key_t {
refcount_t ref;
};
-
-
/**
* Verification of an EMPSA PKCS1 signature described in PKCS#1
*/
@@ -67,12 +65,17 @@ static bool verify_emsa_pkcs1_signature(private_openssl_rsa_public_key_t *this,
if (type == NID_undef)
{
- chunk_t hash = chunk_alloc(rsa_size);
+ char *buf;
+ int len;
- hash.len = RSA_public_decrypt(signature.len, signature.ptr, hash.ptr,
- this->rsa, RSA_PKCS1_PADDING);
- valid = chunk_equals(data, hash);
- free(hash.ptr);
+ buf = malloc(rsa_size);
+ len = RSA_public_decrypt(signature.len, signature.ptr, buf, this->rsa,
+ RSA_PKCS1_PADDING);
+ if (len != -1)
+ {
+ valid = chunk_equals(data, chunk_create(buf, len));
+ }
+ free(buf);
}
else
{
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-17 23:22:02 +0000