The branch OpenSSL_1_1_1-stable has been updated via 0efc1154e552ba736732424f128c1ef04d30731e (commit) from f245be91a7bb4ccfdff630f92390e7ae72c6ca98 (commit)
- Log ----------------------------------------------------------------- commit 0efc1154e552ba736732424f128c1ef04d30731e Author: Matt Caswell <m...@openssl.org> Date: Thu Aug 29 17:15:16 2019 +0100 Fix pkeyutl -verifyrecover When performing a pkeyutl -verifyrecover operation the input file is not a hash - it is the signature itself. Therefore don't do the check to make sure it looks like a hash. Fixes #9658 Reviewed-by: Richard Levitte <levi...@openssl.org> (Merged from https://github.com/openssl/openssl/pull/9731) (cherry picked from commit 5ffc33244cd4d66e47dfa66ce89cb38d0f3074cc) ----------------------------------------------------------------------- Summary of changes: apps/pkeyutl.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/apps/pkeyutl.c b/apps/pkeyutl.c index 2c4e524b69..ea779b6748 100644 --- a/apps/pkeyutl.c +++ b/apps/pkeyutl.c @@ -299,8 +299,7 @@ int pkeyutl_main(int argc, char **argv) /* Sanity check the input */ if (buf_inlen > EVP_MAX_MD_SIZE && (pkey_op == EVP_PKEY_OP_SIGN - || pkey_op == EVP_PKEY_OP_VERIFY - || pkey_op == EVP_PKEY_OP_VERIFYRECOVER)) { + || pkey_op == EVP_PKEY_OP_VERIFY)) { BIO_printf(bio_err, "Error: The input data looks too long to be a hash\n"); goto end;