Deal with DSA_SIG opaqueness.
authorBen Laurie <ben@links.org>
Sat, 12 Mar 2016 17:41:03 +0000 (17:41 +0000)
committerBen Laurie <ben@links.org>
Wed, 16 Mar 2016 18:26:06 +0000 (18:26 +0000)
Reviewed-by: Rich Salz <rsalz@openssl.org>
crypto/engine/eng_cryptodev.c

index d8ba729..4acea62 100644 (file)
@@ -1432,14 +1432,12 @@ static DSA_SIG *cryptodev_dsa_do_sign(const unsigned char *dgst, int dlen,
 {
     struct crypt_kop kop;
     BIGNUM *r = NULL, *s = NULL;
-    DSA_SIG *dsaret = NULL;
+    DSA_SIG *dsasig, *dsaret = NULL;
 
-    if ((r = BN_new()) == NULL)
+    dsasig = DSA_SIG_new();
+    if (dsasig == NULL)
         goto err;
-    if ((s = BN_new()) == NULL) {
-        BN_free(r);
-        goto err;
-    }
+    DSA_SIG_get0(&r, &s, dsasig);
 
     memset(&kop, 0, sizeof(kop));
     kop.crk_op = CRK_DSA_SIGN;
@@ -1459,21 +1457,17 @@ static DSA_SIG *cryptodev_dsa_do_sign(const unsigned char *dgst, int dlen,
 
     if (cryptodev_asym(&kop, BN_num_bytes(dsa->q), r,
                        BN_num_bytes(dsa->q), s) == 0) {
-        dsaret = DSA_SIG_new();
-        if (dsaret == NULL)
-            goto err;
-        dsaret->r = r;
-        dsaret->s = s;
+        dsaret = dsasig;
     } else {
         const DSA_METHOD *meth = DSA_OpenSSL();
-        BN_free(r);
-        BN_free(s);
         dsaret = (meth->dsa_do_sign) (dgst, dlen, dsa);
     }
  err:
+    if (dsaret != dsasig)
+        DSA_SIG_free(dsasig);
     kop.crk_param[0].crp_p = NULL;
     zapparams(&kop);
-    return (dsaret);
+    return dsaret;
 }
 
 static int
@@ -1482,6 +1476,7 @@ cryptodev_dsa_verify(const unsigned char *dgst, int dlen,
 {
     struct crypt_kop kop;
     int dsaret = 1;
+    BIGNUM *pr, *ps;
 
     memset(&kop, 0, sizeof(kop));
     kop.crk_op = CRK_DSA_VERIFY;
@@ -1497,9 +1492,10 @@ cryptodev_dsa_verify(const unsigned char *dgst, int dlen,
         goto err;
     if (bn2crparam(dsa->pub_key, &kop.crk_param[4]))
         goto err;
-    if (bn2crparam(sig->r, &kop.crk_param[5]))
+    DSA_SIG_get0(&pr, &ps, sig);
+    if (bn2crparam(pr, &kop.crk_param[5]))
         goto err;
-    if (bn2crparam(sig->s, &kop.crk_param[6]))
+    if (bn2crparam(ps, &kop.crk_param[6]))
         goto err;
     kop.crk_iparams = 7;