]> git.ipfire.org Git - thirdparty/openssl.git/commitdiff
projects / thirdparty / openssl.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: dc3f057)
Fix a bug in signature self tests in the FIPS module
authorMatt Caswell <matt@openssl.org>
Mon, 11 Oct 2021 11:08:29 +0000 (12:08 +0100)
committerMatt Caswell <matt@openssl.org>
Fri, 22 Oct 2021 07:43:27 +0000 (08:43 +0100)
When calling EVP_PKEY_sign(), the size of the signature buffer must
be passed in *siglen.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16789)

providers/fips/self_test_kats.c patch | blob | blame | history

diff --git a/providers/fips/self_test_kats.c b/providers/fips/self_test_kats.c
index 81f7226ba194f81ba081774127e751d2792cdddb..94a0cf842c0c03796585a1741e2061e387d3df7a 100644 (file)
--- a/providers/fips/self_test_kats.c
+++ b/providers/fips/self_test_kats.c
@@ -446,7 +446,7 @@ static int self_test_sign(const ST_KAT_SIGN *t,
     EVP_PKEY *pkey = NULL;
     unsigned char sig[256];
     BN_CTX *bnctx = NULL;
-    size_t siglen = 0;
+    size_t siglen = sizeof(sig);
     static const unsigned char dgst[] = {
         0x7f, 0x83, 0xb1, 0x65, 0x7f, 0xf1, 0xfc, 0x53, 0xb9, 0x2d, 0xc1, 0x81,
         0x48, 0xa1, 0xd6, 0x5d, 0xfc, 0x2d, 0x4b, 0x1f, 0xa3, 0xd6, 0x77, 0x28,
A mirror of the official openssl repository