From 16d40dbdf629126c2ec81c9c68c5c752a6d4ea13 Mon Sep 17 00:00:00 2001 From: Vivek Goyal Date: Mon, 24 Jun 2013 23:09:36 -0400 Subject: [PATCH] evmctl: Fix signature verification code for V2 digital signature For V2 of digital signature we store signature at hdr->sig and not at hdr->sig + 2. That's the property of V1 of signature. Fix the verification code otherwise it fails with following message. RSA_public_decrypt() failed: -1 error:0407006A:rsa routines:RSA_padding_check_PKCS1_type_1:block type is not 01 error:04067072:rsa routines:RSA_EAY_PUBLIC_DECRYPT:padding check failed Signed-off-by: Vivek Goyal --- src/evmctl.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/evmctl.c b/src/evmctl.c index b261a79..d0f75ac 100644 --- a/src/evmctl.c +++ b/src/evmctl.c @@ -1141,7 +1141,7 @@ static int verify_hash_v2(const unsigned char *hash, int size, unsigned char *si if (!key) return 1; - err = RSA_public_decrypt(siglen - sizeof(*hdr) - 2, sig + sizeof(*hdr) + 2, out, key, RSA_PKCS1_PADDING); + err = RSA_public_decrypt(siglen - sizeof(*hdr), sig + sizeof(*hdr), out, key, RSA_PKCS1_PADDING); RSA_free(key); if (err < 0) { log_err("RSA_public_decrypt() failed: %d\n", err);