diff options
Diffstat (limited to 'ext/phar')
-rw-r--r-- | ext/phar/util.c | 26 |
1 files changed, 20 insertions, 6 deletions
diff --git a/ext/phar/util.c b/ext/phar/util.c index cc4457493b..d456ee3b63 100644 --- a/ext/phar/util.c +++ b/ext/phar/util.c @@ -2119,8 +2119,7 @@ int phar_create_signature(phar_archive_data *phar, php_stream *fp, char **signat #ifdef PHAR_HAVE_OPENSSL BIO *in; EVP_PKEY *key; - EVP_MD *mdtype = (EVP_MD *) EVP_sha1(); - EVP_MD_CTX md_ctx; + EVP_MD_CTX *md_ctx; in = BIO_new_mem_buf(PHAR_G(openssl_privatekey), PHAR_G(openssl_privatekey_len)); @@ -2141,15 +2140,30 @@ int phar_create_signature(phar_archive_data *phar, php_stream *fp, char **signat return FAILURE; } + md_ctx = EVP_MD_CTX_create(); + siglen = EVP_PKEY_size(key); sigbuf = emalloc(siglen + 1); - EVP_SignInit(&md_ctx, mdtype); + + if (!EVP_SignInit(md_ctx, EVP_sha1())) { + efree(sigbuf); + if (error) { + spprintf(error, 0, "unable to initialize openssl signature for phar \"%s\"", phar->fname); + } + return FAILURE; + } while ((sig_len = php_stream_read(fp, (char*)buf, sizeof(buf))) > 0) { - EVP_SignUpdate(&md_ctx, buf, sig_len); + if (!EVP_SignUpdate(md_ctx, buf, sig_len)) { + efree(sigbuf); + if (error) { + spprintf(error, 0, "unable to to update the openssl signature for phar \"%s\"", phar->fname); + } + return FAILURE; + } } - if (!EVP_SignFinal (&md_ctx, sigbuf,(unsigned int *)&siglen, key)) { + if (!EVP_SignFinal (md_ctx, sigbuf,(unsigned int *)&siglen, key)) { efree(sigbuf); if (error) { spprintf(error, 0, "unable to write phar \"%s\" with requested openssl signature", phar->fname); @@ -2158,7 +2172,7 @@ int phar_create_signature(phar_archive_data *phar, php_stream *fp, char **signat } sigbuf[siglen] = '\0'; - EVP_MD_CTX_cleanup(&md_ctx); + EVP_MD_CTX_destroy(md_ctx); #else sigbuf = NULL; siglen = 0; |