[Fix] Fix NIST signatures

author: Vsevolod Stakhov <vsevolod@highsecure.ru> 2018-06-05 17:02:58 +0100
committer: Vsevolod Stakhov <vsevolod@highsecure.ru> 2018-06-05 17:02:58 +0100
commit: 5658e4bfd4045bf31b2ba9f4e2a31066dc252d67 (patch)
tree: 9b3bee9cf8a4823d497362db5f4a4e64c588e555 /src/libcryptobox/cryptobox.c
parent: 0d4bbf0f00d4278e1dc10f205884871f4666b544 (diff)
download: rspamd-5658e4bfd4045bf31b2ba9f4e2a31066dc252d67.tar.gz
rspamd-5658e4bfd4045bf31b2ba9f4e2a31066dc252d67.zip
1 files changed, 3 insertions, 2 deletions
diff --git a/src/libcryptobox/cryptobox.c b/src/libcryptobox/cryptobox.c
index b58f84418..99c91e3dd 100644
--- a/src/libcryptobox/cryptobox.c
+++ b/src/libcryptobox/cryptobox.c
@@ -576,6 +576,7 @@ rspamd_cryptobox_sign (guchar *sig, gsize *siglen_p,
 
 bool
 rspamd_cryptobox_verify (const guchar *sig,
+		gsize siglen,
 		const guchar *m,
 		gsize mlen,
 		const rspamd_pk_t pk,
@@ -584,6 +585,7 @@ rspamd_cryptobox_verify (const guchar *sig,
 	bool ret = false;
 
 	if (G_LIKELY (mode == RSPAMD_CRYPTOBOX_MODE_25519)) {
+		g_assert (siglen == rspamd_cryptobox_signature_bytes (RSPAMD_CRYPTOBOX_MODE_25519));
 		ret = ed25519_verify (sig, m, mlen, pk);
 	}
 	else {
@@ -612,8 +614,7 @@ rspamd_cryptobox_verify (const guchar *sig,
 		g_assert (EC_KEY_set_public_key (lk, ec_pub) == 1);
 
 		/* ECDSA */
-		ret = ECDSA_verify (0, h, sizeof (h), sig,
-				rspamd_cryptobox_signature_bytes (mode), lk) == 1;
+		ret = ECDSA_verify (0, h, sizeof (h), sig, siglen, lk) == 1;
 
 		EC_KEY_free (lk);
 		EVP_MD_CTX_destroy (sha_ctx);
author	Vsevolod Stakhov <vsevolod@highsecure.ru>	2018-06-05 17:02:58 +0100
committer	Vsevolod Stakhov <vsevolod@highsecure.ru>	2018-06-05 17:02:58 +0100
commit	5658e4bfd4045bf31b2ba9f4e2a31066dc252d67 (patch)
tree	9b3bee9cf8a4823d497362db5f4a4e64c588e555 /src/libcryptobox/cryptobox.c
parent	0d4bbf0f00d4278e1dc10f205884871f4666b544 (diff)
download	rspamd-5658e4bfd4045bf31b2ba9f4e2a31066dc252d67.tar.gz rspamd-5658e4bfd4045bf31b2ba9f4e2a31066dc252d67.zip