apps/dgst.c: allocate a new signature buffer
... if the fixed-size buffer is too small.
Fixes #9732
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Patrick Steuer <patrick.steuer@de.ibm.com>
(Merged from https://github.com/openssl/openssl/pull/10276)
(cherry picked from commit 7c2d95d47ccb3797f0da6bd4446747c6eee07b87)
Pavel Karagodin authored 4 years ago
Patrick Steuer committed 4 years ago
500 | 500 | const char *sig_name, const char *md_name, |
501 | 501 | const char *file) |
502 | 502 | { |
503 | size_t len; | |
504 | int i, backslash = 0; | |
503 | size_t len = BUFSIZE; | |
504 | int i, backslash = 0, ret = 1; | |
505 | unsigned char *sigbuf = NULL; | |
505 | 506 | |
506 | 507 | while (BIO_pending(bp) || !BIO_eof(bp)) { |
507 | 508 | i = BIO_read(bp, (char *)buf, BUFSIZE); |
508 | 509 | if (i < 0) { |
509 | 510 | BIO_printf(bio_err, "Read Error in %s\n", file); |
510 | 511 | ERR_print_errors(bio_err); |
511 | return 1; | |
512 | goto end; | |
512 | 513 | } |
513 | 514 | if (i == 0) |
514 | 515 | break; |
521 | 522 | BIO_printf(out, "Verified OK\n"); |
522 | 523 | } else if (i == 0) { |
523 | 524 | BIO_printf(out, "Verification Failure\n"); |
524 | return 1; | |
525 | goto end; | |
525 | 526 | } else { |
526 | 527 | BIO_printf(bio_err, "Error Verifying Data\n"); |
527 | 528 | ERR_print_errors(bio_err); |
528 | return 1; | |
529 | } | |
530 | return 0; | |
529 | goto end; | |
530 | } | |
531 | ret = 0; | |
532 | goto end; | |
531 | 533 | } |
532 | 534 | if (key != NULL) { |
533 | 535 | EVP_MD_CTX *ctx; |
536 | int pkey_len; | |
534 | 537 | BIO_get_md_ctx(bp, &ctx); |
535 | len = BUFSIZE; | |
538 | pkey_len = EVP_PKEY_size(key); | |
539 | if (pkey_len > BUFSIZE) { | |
540 | len = pkey_len; | |
541 | sigbuf = app_malloc(len, "Signature buffer"); | |
542 | buf = sigbuf; | |
543 | } | |
536 | 544 | if (!EVP_DigestSignFinal(ctx, buf, &len)) { |
537 | 545 | BIO_printf(bio_err, "Error Signing Data\n"); |
538 | 546 | ERR_print_errors(bio_err); |
539 | return 1; | |
547 | goto end; | |
540 | 548 | } |
541 | 549 | } else { |
542 | 550 | len = BIO_gets(bp, (char *)buf, BUFSIZE); |
543 | 551 | if ((int)len < 0) { |
544 | 552 | ERR_print_errors(bio_err); |
545 | return 1; | |
553 | goto end; | |
546 | 554 | } |
547 | 555 | } |
548 | 556 | |
577 | 585 | } |
578 | 586 | BIO_printf(out, "\n"); |
579 | 587 | } |
580 | return 0; | |
588 | ||
589 | ret = 0; | |
590 | end: | |
591 | if (sigbuf != NULL) | |
592 | OPENSSL_clear_free(sigbuf, len); | |
593 | ||
594 | return ret; | |
581 | 595 | } |