Don't truncate the input when decrypting in pkeyutl

The pkeyutl app was truncating the input file for decryption leading to incorrect results. This was probably ok historically when RSA was being used for decryption which has short maximum sizes. This is not ok with SM2. Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from #21272) (cherry picked from commit 8494507)
openssl · Jun 26, 2023 · c62b0c7 · c62b0c7
1 parent 87da0e6
commit c62b0c7
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 2 deletions.
diff --git a/apps/lib/apps.c b/apps/lib/apps.c
@@ -2011,7 +2011,8 @@ int bio_to_mem(unsigned char **out, int maxlen, BIO *in)
             BIO_free(mem);
             return -1;
         }
-        maxlen -= len;
+        if (maxlen != -1)
+            maxlen -= len;
 
         if (maxlen == 0)
             break;

diff --git a/apps/pkeyutl.c b/apps/pkeyutl.c
@@ -421,7 +421,7 @@ int pkeyutl_main(int argc, char **argv)
     /* Raw input data is handled elsewhere */
     if (in != NULL && !rawin) {
         /* Read the input data */
-        buf_inlen = bio_to_mem(&buf_in, keysize * 10, in);
+        buf_inlen = bio_to_mem(&buf_in, -1, in);
         if (buf_inlen < 0) {
             BIO_printf(bio_err, "Error reading input Data\n");
             goto end;