From f412995811084e60c069b3befeabfd1a8f2089d1 Mon Sep 17 00:00:00 2001 From: alegon01 Date: Fri, 1 Feb 2019 09:10:02 +0100 Subject: [PATCH] Bug fix in verify_signature() when the buffer to verify is larger than 1025 bytes. In this case, the signature length given to C_VerifyFinal() was incorrect. --- src/tools/pkcs11-tool.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/tools/pkcs11-tool.c b/src/tools/pkcs11-tool.c index 561da149..ceb6ea15 100644 --- a/src/tools/pkcs11-tool.c +++ b/src/tools/pkcs11-tool.c @@ -1985,7 +1985,7 @@ static void verify_signature(CK_SLOT_ID slot, CK_SESSION_HANDLE session, r = read(fd, in_buffer, sizeof(in_buffer)); } while (r > 0); - sig_len = sizeof(sig_buffer); + sig_len = r2; rv = p11->C_VerifyFinal(session, sig_buffer, sig_len); if (rv != CKR_OK) p11_fatal("C_VerifyFinal", rv);