mirror of
https://github.com/php/php-src.git
synced 2024-09-22 10:27:25 +00:00
Use opaque EVP_MD in phar_verify_signature
This commit is contained in:
parent
d73735a750
commit
98514f96c9
@ -1487,7 +1487,7 @@ int phar_verify_signature(php_stream *fp, size_t end_of_phar, uint32_t sig_type,
|
||||
BIO *in;
|
||||
EVP_PKEY *key;
|
||||
EVP_MD *mdtype = (EVP_MD *) EVP_sha1();
|
||||
EVP_MD_CTX md_ctx;
|
||||
EVP_MD_CTX *md_ctx;
|
||||
#else
|
||||
int tempsig;
|
||||
#endif
|
||||
@ -1560,7 +1560,8 @@ int phar_verify_signature(php_stream *fp, size_t end_of_phar, uint32_t sig_type,
|
||||
return FAILURE;
|
||||
}
|
||||
|
||||
EVP_VerifyInit(&md_ctx, mdtype);
|
||||
md_ctx = EVP_MD_CTX_create();
|
||||
EVP_VerifyInit(md_ctx, mdtype);
|
||||
read_len = end_of_phar;
|
||||
|
||||
if ((size_t)read_len > sizeof(buf)) {
|
||||
@ -1572,7 +1573,7 @@ int phar_verify_signature(php_stream *fp, size_t end_of_phar, uint32_t sig_type,
|
||||
php_stream_seek(fp, 0, SEEK_SET);
|
||||
|
||||
while (read_size && (len = php_stream_read(fp, (char*)buf, read_size)) > 0) {
|
||||
EVP_VerifyUpdate (&md_ctx, buf, len);
|
||||
EVP_VerifyUpdate (md_ctx, buf, len);
|
||||
read_len -= (zend_off_t)len;
|
||||
|
||||
if (read_len < read_size) {
|
||||
@ -1580,9 +1581,9 @@ int phar_verify_signature(php_stream *fp, size_t end_of_phar, uint32_t sig_type,
|
||||
}
|
||||
}
|
||||
|
||||
if (EVP_VerifyFinal(&md_ctx, (unsigned char *)sig, sig_len, key) != 1) {
|
||||
if (EVP_VerifyFinal(md_ctx, (unsigned char *)sig, sig_len, key) != 1) {
|
||||
/* 1: signature verified, 0: signature does not match, -1: failed signature operation */
|
||||
EVP_MD_CTX_cleanup(&md_ctx);
|
||||
EVP_MD_CTX_destroy(md_ctx);
|
||||
|
||||
if (error) {
|
||||
spprintf(error, 0, "broken openssl signature");
|
||||
@ -1591,7 +1592,7 @@ int phar_verify_signature(php_stream *fp, size_t end_of_phar, uint32_t sig_type,
|
||||
return FAILURE;
|
||||
}
|
||||
|
||||
EVP_MD_CTX_cleanup(&md_ctx);
|
||||
EVP_MD_CTX_destroy(md_ctx);
|
||||
#endif
|
||||
|
||||
*signature_len = phar_hex_str((const char*)sig, sig_len, signature);
|
||||
|
Loading…
Reference in New Issue
Block a user