From: Richard Levitte Date: Mon, 7 Apr 2003 19:15:25 +0000 (+0000) Subject: RSA_FLAG_SIGN_VER indicates the special rsa_sign and rsa_verify function X-Git-Tag: BEN_FIPS_TEST_1~38^2~152 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=0a861ab7f36b6a8436e62dcf9f98446bc022b6ff;p=openssl RSA_FLAG_SIGN_VER indicates the special rsa_sign and rsa_verify function pointers should be used. It doesn't necessarely mean it should go through the ENGINE framework. --- diff --git a/crypto/rsa/rsa_sign.c b/crypto/rsa/rsa_sign.c index 9dd62ac956..619755ce0b 100644 --- a/crypto/rsa/rsa_sign.c +++ b/crypto/rsa/rsa_sign.c @@ -79,12 +79,16 @@ int RSA_sign(int type, const unsigned char *m, unsigned int m_len, const unsigned char *s = NULL; X509_ALGOR algor; ASN1_OCTET_STRING digest; + if(rsa->flags & RSA_FLAG_SIGN_VER) + { #ifndef OPENSSL_NO_ENGINE - if((rsa->flags & RSA_FLAG_SIGN_VER) - && ENGINE_get_RSA(rsa->engine)->rsa_sign) - return ENGINE_get_RSA(rsa->engine)->rsa_sign(type, - m, m_len, sigret, siglen, rsa); + if(ENGINE_get_RSA(rsa->engine)->rsa_sign) + return ENGINE_get_RSA(rsa->engine)->rsa_sign(type, + m, m_len, sigret, siglen, rsa); #endif + return rsa->meth->rsa_sign(type, m, m_len, + sigret, siglen, rsa); + } /* Special case: SSL signature, just check the length */ if(type == NID_md5_sha1) { if(m_len != SSL_SIG_LENGTH) { @@ -159,12 +163,16 @@ int RSA_verify(int dtype, const unsigned char *m, unsigned int m_len, return(0); } + if(rsa->flags & RSA_FLAG_SIGN_VER) + { #ifndef OPENSSL_NO_ENGINE - if((rsa->flags & RSA_FLAG_SIGN_VER) - && ENGINE_get_RSA(rsa->engine)->rsa_verify) - return ENGINE_get_RSA(rsa->engine)->rsa_verify(dtype, - m, m_len, sigbuf, siglen, rsa); + if(ENGINE_get_RSA(rsa->engine)->rsa_verify) + return ENGINE_get_RSA(rsa->engine)->rsa_verify(dtype, + m, m_len, sigbuf, siglen, rsa); #endif + return rsa->meth->rsa_verify(dtype, m, m_len, + sigbuf, siglen, rsa); + } s=(unsigned char *)OPENSSL_malloc((unsigned int)siglen); if (s == NULL)