Commit 0a861ab7 authored by Richard Levitte's avatar Richard Levitte
Browse files

RSA_FLAG_SIGN_VER indicates the special rsa_sign and rsa_verify function 

pointers should be used.  It doesn't necessarely mean it should go through
the ENGINE framework.
parent 7b36590b

crypto/rsa/rsa_sign.c

+16 −8
Original line number Diff line number Diff line
@@ -79,12 +79,16 @@ int RSA_sign(int type, const unsigned char *m, unsigned int m_len, 
	const unsigned char *s = NULL;

	X509_ALGOR algor;

	ASN1_OCTET_STRING digest;

	if(rsa->flags & RSA_FLAG_SIGN_VER)

		{

#ifndef OPENSSL_NO_ENGINE

	if((rsa->flags & RSA_FLAG_SIGN_VER)

	      && ENGINE_get_RSA(rsa->engine)->rsa_sign)

		if(ENGINE_get_RSA(rsa->engine)->rsa_sign)

			return ENGINE_get_RSA(rsa->engine)->rsa_sign(type,

				m, m_len, sigret, siglen, rsa);

#endif

		return rsa->meth->rsa_sign(type, m, m_len,

			sigret, siglen, rsa);

		}

	/* Special case: SSL signature, just check the length */

	if(type == NID_md5_sha1) {

		if(m_len != SSL_SIG_LENGTH) {
@@ -159,12 +163,16 @@ int RSA_verify(int dtype, const unsigned char *m, unsigned int m_len, 
		return(0);

		}



	if(rsa->flags & RSA_FLAG_SIGN_VER)

		{

#ifndef OPENSSL_NO_ENGINE

	if((rsa->flags & RSA_FLAG_SIGN_VER)

	    && ENGINE_get_RSA(rsa->engine)->rsa_verify)

		if(ENGINE_get_RSA(rsa->engine)->rsa_verify)

			return ENGINE_get_RSA(rsa->engine)->rsa_verify(dtype,

				m, m_len, sigbuf, siglen, rsa);

#endif

		return rsa->meth->rsa_verify(dtype, m, m_len,

			sigbuf, siglen, rsa);

		}



	s=(unsigned char *)OPENSSL_malloc((unsigned int)siglen);

	if (s == NULL)