RSA_FLAG_SIGN_VER indicates the special rsa_sign and rsa_verify function

pointers should be used. It doesn't necessarely mean it should go through the ENGINE framework.

RSA_FLAG_SIGN_VER indicates the special rsa_sign and rsa_verify function
pointers should be used. It doesn't necessarely mean it should go through the ENGINE framework.
0a861ab7 · Richard Levitte · 7b36590b · 0a861ab7
隐藏空白更改
内联并排

Showing with 16 addition and 8 deletion

crypto/rsa/rsa_sign.c crypto/rsa/rsa_sign.c +16 -8

未找到文件。
--- a/crypto/rsa/rsa_sign.c
+++ b/crypto/rsa/rsa_sign.c
@@ -79,12 +79,16 @@ int RSA_sign(int type, const unsigned char *m, unsigned int m_len,
 	const unsigned char *s = NULL;
 	X509_ALGOR algor;
 	ASN1_OCTET_STRING digest;
+	if(rsa->flags & RSA_FLAG_SIGN_VER)
+		{
 #ifndef OPENSSL_NO_ENGINE
-	if((rsa->flags & RSA_FLAG_SIGN_VER)
+		if(ENGINE_get_RSA(rsa->engine)->rsa_sign)
-	      && ENGINE_get_RSA(rsa->engine)->rsa_sign)
+			return ENGINE_get_RSA(rsa->engine)->rsa_sign(type,
-	      return ENGINE_get_RSA(rsa->engine)->rsa_sign(type,
+				m, m_len, sigret, siglen, rsa);
-			m, m_len, sigret, siglen, rsa);
 #endif
+		return rsa->meth->rsa_sign(type, m, m_len,
+			sigret, siglen, rsa);
+		}
 	/* Special case: SSL signature, just check the length */
 	if(type == NID_md5_sha1) {
 		if(m_len != SSL_SIG_LENGTH) {
@@ -159,12 +163,16 @@ int RSA_verify(int dtype, const unsigned char *m, unsigned int m_len,
 		return(0);
 		}
+	if(rsa->flags & RSA_FLAG_SIGN_VER)
+		{
 #ifndef OPENSSL_NO_ENGINE
-	if((rsa->flags & RSA_FLAG_SIGN_VER)
+		if(ENGINE_get_RSA(rsa->engine)->rsa_verify)
-	    && ENGINE_get_RSA(rsa->engine)->rsa_verify)
+			return ENGINE_get_RSA(rsa->engine)->rsa_verify(dtype,
-	    return ENGINE_get_RSA(rsa->engine)->rsa_verify(dtype,
+				m, m_len, sigbuf, siglen, rsa);
-			m, m_len, sigbuf, siglen, rsa);
 #endif
+		return rsa->meth->rsa_verify(dtype, m, m_len,
+			sigbuf, siglen, rsa);
+		}
 	s=(unsigned char *)OPENSSL_malloc((unsigned int)siglen);
 	if (s == NULL)