From: Matt Caswell <matt@openssl.org>
Date: Mon, 11 Oct 2021 11:08:29 +0000 (+0100)
Subject: Fix a bug in signature self tests in the FIPS module
X-Git-Tag: openssl-3.2.0-alpha1~3449
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=61adb6cf950b65a7bfce9a8d78a7744dfae9f978;p=thirdparty%2Fopenssl.git

Fix a bug in signature self tests in the FIPS module

When calling EVP_PKEY_sign(), the size of the signature buffer must
be passed in *siglen.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16789)
---

diff --git a/providers/fips/self_test_kats.c b/providers/fips/self_test_kats.c
index 81f7226ba19..94a0cf842c0 100644
--- a/providers/fips/self_test_kats.c
+++ b/providers/fips/self_test_kats.c
@@ -446,7 +446,7 @@ static int self_test_sign(const ST_KAT_SIGN *t,
     EVP_PKEY *pkey = NULL;
     unsigned char sig[256];
     BN_CTX *bnctx = NULL;
-    size_t siglen = 0;
+    size_t siglen = sizeof(sig);
     static const unsigned char dgst[] = {
         0x7f, 0x83, 0xb1, 0x65, 0x7f, 0xf1, 0xfc, 0x53, 0xb9, 0x2d, 0xc1, 0x81,
         0x48, 0xa1, 0xd6, 0x5d, 0xfc, 0x2d, 0x4b, 0x1f, 0xa3, 0xd6, 0x77, 0x28,