summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/adb.h2
-rw-r--r--src/adb_walk_adb.c2
-rw-r--r--src/crypto_openssl.c12
3 files changed, 9 insertions, 7 deletions
diff --git a/src/adb.h b/src/adb.h
index 1944522..2319f92 100644
--- a/src/adb.h
+++ b/src/adb.h
@@ -74,7 +74,7 @@ static inline apk_blob_t adb_block_blob(struct adb_block *b) {
return APK_BLOB_PTR_LEN(adb_block_payload(b), adb_block_length(b));
}
-#define ADB_MAX_SIGNATURE_LEN 256
+#define ADB_MAX_SIGNATURE_LEN 2048
struct adb_sign_hdr {
uint8_t sign_ver, hash_alg;
diff --git a/src/adb_walk_adb.c b/src/adb_walk_adb.c
index 155ef33..2b3b34b 100644
--- a/src/adb_walk_adb.c
+++ b/src/adb_walk_adb.c
@@ -106,7 +106,7 @@ static int dump_object(struct adb_walk_ctx *ctx, const struct adb_object_schema
static int dump_adb(struct adb_walk_ctx *ctx)
{
- char tmp[512];
+ char tmp[16+ADB_MAX_SIGNATURE_LEN*2];
struct adb_block *blk;
struct adb_sign_hdr *s;
struct adb_verify_ctx vfy = {};
diff --git a/src/crypto_openssl.c b/src/crypto_openssl.c
index 5512a49..6db5e6d 100644
--- a/src/crypto_openssl.c
+++ b/src/crypto_openssl.c
@@ -115,23 +115,25 @@ int apk_pkey_load(struct apk_pkey *pkey, int dirfd, const char *fn)
int apk_sign_start(struct apk_digest_ctx *dctx, struct apk_pkey *pkey)
{
- EVP_MD_CTX_set_pkey_ctx(dctx->mdctx, NULL);
- if (EVP_DigestSignInit(dctx->mdctx, NULL, EVP_sha512(), NULL, pkey->key) != 1)
+ if (EVP_MD_CTX_reset(dctx->mdctx) != 1 ||
+ EVP_DigestSignInit(dctx->mdctx, NULL, EVP_sha512(), NULL, pkey->key) != 1)
return -EIO;
return 0;
}
int apk_sign(struct apk_digest_ctx *dctx, void *sig, size_t *len)
{
- if (EVP_DigestSignFinal(dctx->mdctx, sig, len) != 1)
+ if (EVP_DigestSignFinal(dctx->mdctx, sig, len) != 1) {
+ ERR_print_errors_fp(stderr);
return -EBADMSG;
+ }
return 0;
}
int apk_verify_start(struct apk_digest_ctx *dctx, struct apk_pkey *pkey)
{
- EVP_MD_CTX_set_pkey_ctx(dctx->mdctx, NULL);
- if (EVP_DigestVerifyInit(dctx->mdctx, NULL, EVP_sha512(), NULL, pkey->key) != 1)
+ if (EVP_MD_CTX_reset(dctx->mdctx) != 1 ||
+ EVP_DigestVerifyInit(dctx->mdctx, NULL, EVP_sha512(), NULL, pkey->key) != 1)
return -EIO;
return 0;
}
generated by cgit v1.2.3-70-g09d2 (git 2.46.0) at 2025-01-20 07:31:01 +0000