if (!rv)
return 0;
}
+ else if (!sig && BIO_puts(bp, "\n") <= 0)
+ return 0;
if (sig)
return X509_signature_dump(bp, sig, indent);
return 1;
else
saltlen = 20;
+ /* low-level routines support only trailer field 0xbc (value 1)
+ * and PKCS#1 says we should reject any other value anyway.
+ */
+ if (pss->trailerField && ASN1_INTEGER_get(pss->trailerField) != 1)
+ {
+ RSAerr(RSA_F_RSA_ITEM_VERIFY, RSA_R_INVALID_TRAILER);
+ goto err;
+ }
+
/* We have all parameters now set up context */
if (!EVP_DigestVerifyInit(ctx, &pkctx, md, NULL, pkey))
if (saltlen == -1)
saltlen = EVP_MD_size(sigmd);
else if (saltlen == -2)
+ {
saltlen = EVP_PKEY_size(pk) - EVP_MD_size(sigmd) - 2;
+ if (((EVP_PKEY_bits(pk) - 1) & 0x7) == 0)
+ saltlen--;
+ }
pss = RSA_PSS_PARAMS_new();
if (!pss)
goto err;