apps/dgst.c: allocate a new signature buffer
... if the fixed-size buffer is too small.
Fixes #9732
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Patrick Steuer <patrick.steuer@de.ibm.com>
(Merged from https://github.com/openssl/openssl/pull/10276)
(cherry picked from commit 7c2d95d47ccb3797f0da6bd4446747c6eee07b87)
Pavel Karagodin authored 4 years ago
Patrick Steuer committed 4 years ago
| 500 | 500 | const char *sig_name, const char *md_name, |
| 501 | 501 | const char *file) |
| 502 | 502 | { |
| 503 | size_t len; | |
| 504 | int i, backslash = 0; | |
| 503 | size_t len = BUFSIZE; | |
| 504 | int i, backslash = 0, ret = 1; | |
| 505 | unsigned char *sigbuf = NULL; | |
| 505 | 506 | |
| 506 | 507 | while (BIO_pending(bp) || !BIO_eof(bp)) { |
| 507 | 508 | i = BIO_read(bp, (char *)buf, BUFSIZE); |
| 508 | 509 | if (i < 0) { |
| 509 | 510 | BIO_printf(bio_err, "Read Error in %s\n", file); |
| 510 | 511 | ERR_print_errors(bio_err); |
| 511 | return 1; | |
| 512 | goto end; | |
| 512 | 513 | } |
| 513 | 514 | if (i == 0) |
| 514 | 515 | break; |
| 521 | 522 | BIO_printf(out, "Verified OK\n"); |
| 522 | 523 | } else if (i == 0) { |
| 523 | 524 | BIO_printf(out, "Verification Failure\n"); |
| 524 | return 1; | |
| 525 | goto end; | |
| 525 | 526 | } else { |
| 526 | 527 | BIO_printf(bio_err, "Error Verifying Data\n"); |
| 527 | 528 | ERR_print_errors(bio_err); |
| 528 | return 1; | |
| 529 | } | |
| 530 | return 0; | |
| 529 | goto end; | |
| 530 | } | |
| 531 | ret = 0; | |
| 532 | goto end; | |
| 531 | 533 | } |
| 532 | 534 | if (key != NULL) { |
| 533 | 535 | EVP_MD_CTX *ctx; |
| 536 | int pkey_len; | |
| 534 | 537 | BIO_get_md_ctx(bp, &ctx); |
| 535 | len = BUFSIZE; | |
| 538 | pkey_len = EVP_PKEY_size(key); | |
| 539 | if (pkey_len > BUFSIZE) { | |
| 540 | len = pkey_len; | |
| 541 | sigbuf = app_malloc(len, "Signature buffer"); | |
| 542 | buf = sigbuf; | |
| 543 | } | |
| 536 | 544 | if (!EVP_DigestSignFinal(ctx, buf, &len)) { |
| 537 | 545 | BIO_printf(bio_err, "Error Signing Data\n"); |
| 538 | 546 | ERR_print_errors(bio_err); |
| 539 | return 1; | |
| 547 | goto end; | |
| 540 | 548 | } |
| 541 | 549 | } else { |
| 542 | 550 | len = BIO_gets(bp, (char *)buf, BUFSIZE); |
| 543 | 551 | if ((int)len < 0) { |
| 544 | 552 | ERR_print_errors(bio_err); |
| 545 | return 1; | |
| 553 | goto end; | |
| 546 | 554 | } |
| 547 | 555 | } |
| 548 | 556 | |
| 577 | 585 | } |
| 578 | 586 | BIO_printf(out, "\n"); |
| 579 | 587 | } |
| 580 | return 0; | |
| 588 | ||
| 589 | ret = 0; | |
| 590 | end: | |
| 591 | if (sigbuf != NULL) | |
| 592 | OPENSSL_clear_free(sigbuf, len); | |
| 593 | ||
| 594 | return ret; | |
| 581 | 595 | } |