From: Ben Laurie <ben@links.org>
Date: Sat, 12 Mar 2016 17:41:03 +0000 (+0000)
Subject: Deal with DSA_SIG opaqueness.
X-Git-Tag: OpenSSL_1_1_0-pre5~351
X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff_plain;h=43c1fd6b648f14ec3aad7aeb094ccf777a5bb700

Deal with DSA_SIG opaqueness.

Reviewed-by: Rich Salz <rsalz@openssl.org>
---

diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c
index d8ba729870..4acea62f9f 100644
--- a/crypto/engine/eng_cryptodev.c
+++ b/crypto/engine/eng_cryptodev.c
@@ -1432,14 +1432,12 @@ static DSA_SIG *cryptodev_dsa_do_sign(const unsigned char *dgst, int dlen,
 {
     struct crypt_kop kop;
     BIGNUM *r = NULL, *s = NULL;
-    DSA_SIG *dsaret = NULL;
+    DSA_SIG *dsasig, *dsaret = NULL;
 
-    if ((r = BN_new()) == NULL)
+    dsasig = DSA_SIG_new();
+    if (dsasig == NULL)
         goto err;
-    if ((s = BN_new()) == NULL) {
-        BN_free(r);
-        goto err;
-    }
+    DSA_SIG_get0(&r, &s, dsasig);
 
     memset(&kop, 0, sizeof(kop));
     kop.crk_op = CRK_DSA_SIGN;
@@ -1459,21 +1457,17 @@ static DSA_SIG *cryptodev_dsa_do_sign(const unsigned char *dgst, int dlen,
 
     if (cryptodev_asym(&kop, BN_num_bytes(dsa->q), r,
                        BN_num_bytes(dsa->q), s) == 0) {
-        dsaret = DSA_SIG_new();
-        if (dsaret == NULL)
-            goto err;
-        dsaret->r = r;
-        dsaret->s = s;
+        dsaret = dsasig;
     } else {
         const DSA_METHOD *meth = DSA_OpenSSL();
-        BN_free(r);
-        BN_free(s);
         dsaret = (meth->dsa_do_sign) (dgst, dlen, dsa);
     }
  err:
+    if (dsaret != dsasig)
+        DSA_SIG_free(dsasig);
     kop.crk_param[0].crp_p = NULL;
     zapparams(&kop);
-    return (dsaret);
+    return dsaret;
 }
 
 static int
@@ -1482,6 +1476,7 @@ cryptodev_dsa_verify(const unsigned char *dgst, int dlen,
 {
     struct crypt_kop kop;
     int dsaret = 1;
+    BIGNUM *pr, *ps;
 
     memset(&kop, 0, sizeof(kop));
     kop.crk_op = CRK_DSA_VERIFY;
@@ -1497,9 +1492,10 @@ cryptodev_dsa_verify(const unsigned char *dgst, int dlen,
         goto err;
     if (bn2crparam(dsa->pub_key, &kop.crk_param[4]))
         goto err;
-    if (bn2crparam(sig->r, &kop.crk_param[5]))
+    DSA_SIG_get0(&pr, &ps, sig);
+    if (bn2crparam(pr, &kop.crk_param[5]))
         goto err;
-    if (bn2crparam(sig->s, &kop.crk_param[6]))
+    if (bn2crparam(ps, &kop.crk_param[6]))
         goto err;
     kop.crk_iparams = 7;