~stepankk/pyopenssl/bug-845445

« back to all changes in this revision

Viewing changes to OpenSSL/crypto/crypto.c

  • Committer: Jean-Paul Calderone
  • Date: 2011-06-12 21:34:44 UTC
  • mfrom: (139.2.3 sign-and-verify-nulls)
  • Revision ID: exarkun@divmod.com-20110612213444-6wcy690j4ft2zmzg
Fix NUL handling in OpenSSL.crypto.sign and OpenSSL.crypto.verify

Show diffs side-by-side

added added

removed removed

Lines of Context:
618
618
    PyObject *buffer;
619
619
    crypto_PKeyObj *pkey;
620
620
    char *data = NULL;
 
621
    int data_len;
621
622
    char *digest_name;
622
623
    int err;
623
624
    unsigned int sig_len;
626
627
    unsigned char sig_buf[512];
627
628
 
628
629
    if (!PyArg_ParseTuple(
629
 
            args, "O!" BYTESTRING_FMT "s:sign", &crypto_PKey_Type,
630
 
            &pkey, &data, &digest_name)) {
 
630
            args, "O!" BYTESTRING_FMT "#s:sign", &crypto_PKey_Type,
 
631
            &pkey, &data, &data_len, &digest_name)) {
631
632
        return NULL;
632
633
    }
633
634
 
637
638
    }
638
639
 
639
640
    EVP_SignInit(&md_ctx, digest);
640
 
    EVP_SignUpdate(&md_ctx, data, strlen(data));
 
641
    EVP_SignUpdate(&md_ctx, data, data_len);
641
642
    sig_len = sizeof(sig_buf);
642
643
    err = EVP_SignFinal(&md_ctx, sig_buf, &sig_len, pkey->pkey);
643
644
 
666
667
    unsigned char *signature;
667
668
    int sig_len;
668
669
    char *data, *digest_name;
 
670
    int data_len;
669
671
    int err;
670
672
    const EVP_MD *digest;
671
673
    EVP_MD_CTX md_ctx;
672
674
    EVP_PKEY *pkey;
673
675
 
674
676
#ifdef PY3
675
 
    if (!PyArg_ParseTuple(args, "O!" BYTESTRING_FMT "#" BYTESTRING_FMT "s:verify", &crypto_X509_Type, &cert, &signature, &sig_len, &data, &digest_name)) {
 
677
    if (!PyArg_ParseTuple(args, "O!" BYTESTRING_FMT "#" BYTESTRING_FMT "#s:verify", &crypto_X509_Type, &cert, &signature, &sig_len, &data, &data_len, &digest_name)) {
676
678
#else
677
 
    if (!PyArg_ParseTuple(args, "O!t#ss:verify", &crypto_X509_Type, &cert, &signature, &sig_len, &data, &digest_name)) {
 
679
    if (!PyArg_ParseTuple(args, "O!t#s#s:verify", &crypto_X509_Type, &cert, &signature, &sig_len, &data, &data_len, &digest_name)) {
678
680
#endif
679
681
        return NULL;
680
682
    }
691
693
    }
692
694
 
693
695
    EVP_VerifyInit(&md_ctx, digest);
694
 
    EVP_VerifyUpdate(&md_ctx, data, strlen((char*)data));
 
696
    EVP_VerifyUpdate(&md_ctx, data, data_len);
695
697
    err = EVP_VerifyFinal(&md_ctx, signature, sig_len, pkey);
696
698
    EVP_PKEY_free(pkey);
697
699