diff options
author | Ben Laurie <ben@links.org> | 2016-03-12 18:41:03 +0100 |
---|---|---|
committer | Ben Laurie <ben@links.org> | 2016-03-16 19:26:06 +0100 |
commit | 43c1fd6b648f14ec3aad7aeb094ccf777a5bb700 (patch) | |
tree | 439863992b495ed0017daef9d7921a01a684c9d6 | |
parent | Prepare for 1.1.0-pre5-dev (diff) | |
download | openssl-43c1fd6b648f14ec3aad7aeb094ccf777a5bb700.tar.xz openssl-43c1fd6b648f14ec3aad7aeb094ccf777a5bb700.zip |
Deal with DSA_SIG opaqueness.
Reviewed-by: Rich Salz <rsalz@openssl.org>
-rw-r--r-- | crypto/engine/eng_cryptodev.c | 28 |
1 files changed, 12 insertions, 16 deletions
diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c index d8ba729870..4acea62f9f 100644 --- a/crypto/engine/eng_cryptodev.c +++ b/crypto/engine/eng_cryptodev.c @@ -1432,14 +1432,12 @@ static DSA_SIG *cryptodev_dsa_do_sign(const unsigned char *dgst, int dlen, { struct crypt_kop kop; BIGNUM *r = NULL, *s = NULL; - DSA_SIG *dsaret = NULL; + DSA_SIG *dsasig, *dsaret = NULL; - if ((r = BN_new()) == NULL) + dsasig = DSA_SIG_new(); + if (dsasig == NULL) goto err; - if ((s = BN_new()) == NULL) { - BN_free(r); - goto err; - } + DSA_SIG_get0(&r, &s, dsasig); memset(&kop, 0, sizeof(kop)); kop.crk_op = CRK_DSA_SIGN; @@ -1459,21 +1457,17 @@ static DSA_SIG *cryptodev_dsa_do_sign(const unsigned char *dgst, int dlen, if (cryptodev_asym(&kop, BN_num_bytes(dsa->q), r, BN_num_bytes(dsa->q), s) == 0) { - dsaret = DSA_SIG_new(); - if (dsaret == NULL) - goto err; - dsaret->r = r; - dsaret->s = s; + dsaret = dsasig; } else { const DSA_METHOD *meth = DSA_OpenSSL(); - BN_free(r); - BN_free(s); dsaret = (meth->dsa_do_sign) (dgst, dlen, dsa); } err: + if (dsaret != dsasig) + DSA_SIG_free(dsasig); kop.crk_param[0].crp_p = NULL; zapparams(&kop); - return (dsaret); + return dsaret; } static int @@ -1482,6 +1476,7 @@ cryptodev_dsa_verify(const unsigned char *dgst, int dlen, { struct crypt_kop kop; int dsaret = 1; + BIGNUM *pr, *ps; memset(&kop, 0, sizeof(kop)); kop.crk_op = CRK_DSA_VERIFY; @@ -1497,9 +1492,10 @@ cryptodev_dsa_verify(const unsigned char *dgst, int dlen, goto err; if (bn2crparam(dsa->pub_key, &kop.crk_param[4])) goto err; - if (bn2crparam(sig->r, &kop.crk_param[5])) + DSA_SIG_get0(&pr, &ps, sig); + if (bn2crparam(pr, &kop.crk_param[5])) goto err; - if (bn2crparam(sig->s, &kop.crk_param[6])) + if (bn2crparam(ps, &kop.crk_param[6])) goto err; kop.crk_iparams = 7; |