From f16bc6f06c8eb454b8fcb457ef890c185d1d5746 Mon Sep 17 00:00:00 2001 From: Kurt Roeckx Date: Sat, 27 Feb 2016 13:38:01 +0100 Subject: [PATCH] Revert "Don't check RSA_FLAG_SIGN_VER." This reverts commit 23a58779f53a9060c823d00d76b3070cad61d9a3. This broke existing engines that didn't properly implement the sign and verify functions. Reviewed-by: Richard Levitte MR: #2077 --- crypto/rsa/rsa_sign.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/crypto/rsa/rsa_sign.c b/crypto/rsa/rsa_sign.c index cf4c026c4f..41c827f453 100644 --- a/crypto/rsa/rsa_sign.c +++ b/crypto/rsa/rsa_sign.c @@ -84,7 +84,7 @@ int RSA_sign(int type, const unsigned char *m, unsigned int m_len, return 0; } #endif - if (rsa->meth->rsa_sign) { + if ((rsa->flags & RSA_FLAG_SIGN_VER) && rsa->meth->rsa_sign) { return rsa->meth->rsa_sign(type, m, m_len, sigret, siglen, rsa); } /* Special case: SSL signature, just check the length */ @@ -304,7 +304,7 @@ int RSA_verify(int dtype, const unsigned char *m, unsigned int m_len, const unsigned char *sigbuf, unsigned int siglen, RSA *rsa) { - if (rsa->meth->rsa_verify) { + if ((rsa->flags & RSA_FLAG_SIGN_VER) && rsa->meth->rsa_verify) { return rsa->meth->rsa_verify(dtype, m, m_len, sigbuf, siglen, rsa); } -- 2.25.1