authorJohannes Berg <johannes@sipsolutions.net>2009-04-17 23:26:17 +0200
committerJohannes Berg <johannes@sipsolutions.net>2009-04-17 23:36:23 +0200
commitb7172255c545ee6784947e138df52100d7ac6364 (patch)
tree2fe1f3dfa0e8dfc7cb5e08021754effa95dd908c
parent1ea7f65712bb94eae7a0a606e859ff498d32761e (diff)
make openssl verification safe for multiple keys
It seems OpenSSL caches some things in there, and subsequent uses of the same key struct fail or something -- since this fixes it I'm not bothering trying to figure out what's wrong.

Signed-off-by: Johannes Berg <johannes@sipsolutions.net>
-rw-r--r--reglib.c24
1 files changed, 10 insertions, 14 deletions
diff --git a/reglib.c b/reglib.c
index 3bc1da9..6aeadcb 100644
--- a/reglib.c
+++ b/reglib.c
@@ -49,32 +49,28 @@ int crda_verify_db_signature(__u8 *db, int dblen, int siglen)
unsigned int i;
int ok = 0;
- rsa = RSA_new();
- if (!rsa) {
- fprintf(stderr, "Failed to create RSA key.\n");
- goto out;
- }
-
if (SHA1(db, dblen, hash) != hash) {
fprintf(stderr, "Failed to calculate SHA1 sum.\n");
- RSA_free(rsa);
goto out;
}
for (i = 0; (i < sizeof(keys)/sizeof(keys[0])) && (!ok); i++) {
+ rsa = RSA_new();
+ if (!rsa) {
+ fprintf(stderr, "Failed to create RSA key.\n");
+ goto out;
+ }
+
rsa->e = &keys[i].e;
rsa->n = &keys[i].n;
- if (RSA_size(rsa) != siglen)
- continue;
-
ok = RSA_verify(NID_sha1, hash, SHA_DIGEST_LENGTH,
db + dblen, siglen, rsa) == 1;
- }
- rsa->e = NULL;
- rsa->n = NULL;
- RSA_free(rsa);
+ rsa->e = NULL;
+ rsa->n = NULL;
+ RSA_free(rsa);
+ }
#endif
#ifdef USE_GCRYPT
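Review bot: Dropping the `RSA_size(rsa) != siglen` guard inside the loop leaves signature-length validation entirely to RSA_verify(), while `siglen` is a signed int supplied by the caller and the signature is read from `db + dblen`. I would keep the explicit check, but not as a `continue`, which would now skip the `rsa->e = NULL; rsa->n = NULL; RSA_free(rsa);` cleanup: `if (RSA_size(rsa) == siglen) ok = RSA_verify(NID_sha1, hash, SHA_DIGEST_LENGTH, db + dblen, siglen, rsa) == 1;`. The two NULL assignments also deserve a comment, e.g. `/* e and n point into keys[]; detach them so RSA_free() does not free them */`. The function starts before and continues past this hunk, so whether `dblen` and `siglen` have already been bounded against the buffer (and checked for negative values) cannot be confirmed from here.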