diff options
Diffstat (limited to 'src/or/routerparse.c')
-rw-r--r-- | src/or/routerparse.c | 16 |
1 files changed, 10 insertions, 6 deletions
diff --git a/src/or/routerparse.c b/src/or/routerparse.c index fc30c625bf..9ad84ed8db 100644 --- a/src/or/routerparse.c +++ b/src/or/routerparse.c @@ -571,10 +571,12 @@ router_append_dirobj_signature(char *buf, size_t buf_len, const char *digest, crypto_pk_env_t *private_key) { char *signature; - size_t i; + size_t i, keysize; - signature = tor_malloc(crypto_pk_keysize(private_key)); - if (crypto_pk_private_sign(private_key, signature, digest, DIGEST_LEN) < 0) { + keysize = crypto_pk_keysize(private_key); + signature = tor_malloc(keysize); + if (crypto_pk_private_sign(private_key, signature, keysize, + digest, DIGEST_LEN) < 0) { log_warn(LD_BUG,"Couldn't sign digest."); goto err; @@ -924,6 +926,7 @@ check_signature_token(const char *digest, const char *doctype) { char *signed_digest; + size_t keysize; const int check_authority = (flags & CST_CHECK_AUTHORITY); const int check_objtype = ! (flags & CST_NO_CHECK_OBJTYPE); @@ -945,9 +948,10 @@ check_signature_token(const char *digest, } } - signed_digest = tor_malloc(tok->object_size); - if (crypto_pk_public_checksig(pkey, signed_digest, tok->object_body, - tok->object_size) + keysize = crypto_pk_keysize(pkey); + signed_digest = tor_malloc(keysize); + if (crypto_pk_public_checksig(pkey, signed_digest, keysize, + tok->object_body, tok->object_size) != DIGEST_LEN) { log_warn(LD_DIR, "Error reading %s: invalid signature.", doctype); tor_free(signed_digest); |