make openssl verification safe for multiple keys

it seems openssl caches some things in there and subsequent
uses of the same key struct fail or something -- since this
fixes it I'm not bothering trying to figure out what's wrong

Signed-off-by: Johannes Berg <johannes@sipsolutions.net>

diff --git a/reglib.c b/reglib.c
index 3bc1da9..6aeadcb 100644 (file)
--- a/reglib.c
+++ b/reglib.c
@@ -49,32 +49,28 @@ int crda_verify_db_signature(__u8 *db, int dblen, int siglen)
        unsigned int i;
        int ok = 0;
 
-       rsa = RSA_new();
-       if (!rsa) {
-               fprintf(stderr, "Failed to create RSA key.\n");
-               goto out;
-       }
-
        if (SHA1(db, dblen, hash) != hash) {
                fprintf(stderr, "Failed to calculate SHA1 sum.\n");
-               RSA_free(rsa);
                goto out;
        }
 
        for (i = 0; (i < sizeof(keys)/sizeof(keys[0])) && (!ok); i++) {
+               rsa = RSA_new();
+               if (!rsa) {
+                       fprintf(stderr, "Failed to create RSA key.\n");
+                       goto out;
+               }
+
                rsa->e = &keys[i].e;
                rsa->n = &keys[i].n;
 
-               if (RSA_size(rsa) != siglen)
-                       continue;
-
                ok = RSA_verify(NID_sha1, hash, SHA_DIGEST_LENGTH,
                                db + dblen, siglen, rsa) == 1;
-       }
 
-       rsa->e = NULL;
-       rsa->n = NULL;
-       RSA_free(rsa);
+               rsa->e = NULL;
+               rsa->n = NULL;
+               RSA_free(rsa);
+       }
 #endif
 
 #ifdef USE_GCRYPT