Index: crypto/signature_verifier_openssl.cc |
diff --git a/crypto/signature_verifier_openssl.cc b/crypto/signature_verifier_openssl.cc |
index a756149bdc4aa3281a3d7f7fb7b76ef09df6a477..2e64a58e94b8096e56bc207bd9f39c7d6751faa7 100644 |
--- a/crypto/signature_verifier_openssl.cc |
+++ b/crypto/signature_verifier_openssl.cc |
@@ -4,6 +4,7 @@ |
#include "crypto/signature_verifier.h" |
+#include <openssl/bytestring.h> |
#include <openssl/evp.h> |
#include <openssl/x509.h> |
#include <stdint.h> |
@@ -139,9 +140,10 @@ bool SignatureVerifier::CommonInit(const EVP_MD* digest, |
signature_.assign(signature, signature + signature_len); |
- const uint8_t* ptr = public_key_info; |
- ScopedEVP_PKEY public_key(d2i_PUBKEY(nullptr, &ptr, public_key_info_len)); |
- if (!public_key.get() || ptr != public_key_info + public_key_info_len) |
+ CBS cbs; |
+ CBS_init(&cbs, public_key_info, public_key_info_len); |
+ ScopedEVP_PKEY public_key(EVP_parse_public_key(&cbs)); |
+ if (!public_key || CBS_len(&cbs) != 0) |
return false; |
verify_context_->ctx.reset(EVP_MD_CTX_create()); |