diff options
| author | Vsevolod Stakhov <vsevolod@highsecure.ru> | 2013-08-22 15:22:15 +0100 |
|---|---|---|
| committer | Vsevolod Stakhov <vsevolod@highsecure.ru> | 2013-08-22 15:22:15 +0100 |
| commit | 8c6093d121a50bccaaba0ee0b731e8803239ae5b (patch) | |
| tree | 5668c7da75f862c4cea9874226491fd665340607 /src/rcl | |
| parent | 41ca2b42eea3ffce49755d37d13d18e542324ed3 (diff) | |
| download | rspamd-8c6093d121a50bccaaba0ee0b731e8803239ae5b.tar.gz rspamd-8c6093d121a50bccaaba0ee0b731e8803239ae5b.zip | |
Fix signatures checking.
Diffstat (limited to 'src/rcl')
| -rw-r--r-- | src/rcl/rcl_util.c | 14 |
1 files changed, 13 insertions, 1 deletions
diff --git a/src/rcl/rcl_util.c b/src/rcl/rcl_util.c index 57da0af5f..80848e51f 100644 --- a/src/rcl/rcl_util.c +++ b/src/rcl/rcl_util.c @@ -393,7 +393,12 @@ rspamd_cl_sig_check (const guchar *data, gsize datalen, const guchar *sig, gsize siglen, struct rspamd_cl_parser *parser) { struct rspamd_cl_pubkey *key; + gchar dig[EVP_MAX_MD_SIZE]; + guint diglen; EVP_PKEY_CTX *key_ctx; + EVP_MD_CTX *sign_ctx = NULL; + + sign_ctx = EVP_MD_CTX_create (); LL_FOREACH (parser->keys, key) { key_ctx = EVP_PKEY_CTX_new (key->key, NULL); @@ -410,7 +415,12 @@ rspamd_cl_sig_check (const guchar *data, gsize datalen, EVP_PKEY_CTX_free (key_ctx); continue; } - if (EVP_PKEY_verify (key_ctx, sig, siglen, data, datalen) == 1) { + EVP_DigestInit (sign_ctx, EVP_sha256 ()); + EVP_DigestUpdate (sign_ctx, data, datalen); + EVP_DigestFinal (sign_ctx, dig, &diglen); + + if (EVP_PKEY_verify (key_ctx, sig, siglen, dig, diglen) == 1) { + EVP_MD_CTX_destroy (sign_ctx); EVP_PKEY_CTX_free (key_ctx); return TRUE; } @@ -419,6 +429,8 @@ rspamd_cl_sig_check (const guchar *data, gsize datalen, } } + EVP_MD_CTX_destroy (sign_ctx); + return FALSE; } #endif |