[pkg-opensc-commit] [libp11] 52/86: Simplified pkcs11_ecdsa_sign_sig
Eric Dorland
eric at moszumanska.debian.org
Sun Jul 24 21:40:22 UTC 2016
This is an automated email from the git hooks/post-receive script.
eric pushed a commit to branch master
in repository libp11.
commit 229f81bba1f91b949278053aeb3de263353bce92
Author: Michał Trojnara <Michal.Trojnara at stunnel.org>
Date: Mon Feb 15 16:39:37 2016 +0100
Simplified pkcs11_ecdsa_sign_sig
---
src/p11_ec.c | 49 ++++++++++++++++---------------------------------
1 file changed, 16 insertions(+), 33 deletions(-)
diff --git a/src/p11_ec.c b/src/p11_ec.c
index d41ccee..29d1376 100644
--- a/src/p11_ec.c
+++ b/src/p11_ec.c
@@ -232,54 +232,37 @@ static ECDSA_SIG *pkcs11_ecdsa_sign_sig(const unsigned char *dgst, int dlen,
const BIGNUM *kinv, const BIGNUM *rp, EC_KEY *ec)
{
unsigned char sigret[512]; /* HACK for now */
- ECDSA_SIG * sig = NULL;
- PKCS11_KEY * key = NULL;
+ ECDSA_SIG *sig;
+ PKCS11_KEY *key;
unsigned int siglen;
- int nLen = 48; /* HACK */
- int rv;
+ BIGNUM *r, *s;
(void)kinv; /* Precomputed values are not used for PKCS#11 */
(void)rp; /* Precomputed values are not used for PKCS#11 */
#if OPENSSL_VERSION_NUMBER >= 0x10100000L
- key = (PKCS11_KEY *) EC_KEY_get_ex_data(ec, ec_ex_index);
+ key = (PKCS11_KEY *)EC_KEY_get_ex_data(ec, ec_ex_index);
#else
- key = (PKCS11_KEY *) ECDSA_get_ex_data(ec, ec_ex_index);
+ key = (PKCS11_KEY *)ECDSA_get_ex_data(ec, ec_ex_index);
#endif
if (key == NULL)
return NULL;
- siglen = sizeof(sigret);
+ siglen = sizeof sigret;
+ if (pkcs11_ecdsa_sign(dgst, dlen, sigret, &siglen, key) <= 0)
+ return NULL;
- rv = pkcs11_ecdsa_sign(dgst, dlen, sigret, &siglen, key);
- nLen = siglen / 2;
- if (rv > 0) {
- sig = ECDSA_SIG_new();
- if (sig) {
+ sig = ECDSA_SIG_new();
+ if (sig == NULL)
+ return NULL;
#if OPENSSL_VERSION_NUMBER >= 0x10100000L
- /*
- * OpenSSL 1.1 does not have a way to allocate r and s
- * in ECDSA_SIG as it is now hidden.
- * Will us dummy ASN1 so r and s are allocated then
- * use ECDSA_SIG_get0 to get access to r and s
- * can then update r annd s
- */
- const unsigned char *a;
- unsigned char dasn1[8] =
- {0x30, 0x06, 0x02, 0x01, 0x00, 0x02, 0x01, 0x00};
- BIGNUM *r;
- BIGNUM *s;
- a = dasn1;
- d2i_ECDSA_SIG(&sig, &a, 8);
- ECDSA_SIG_get0(&r, &s, sig);
- BN_bin2bn(&sigret[0], nLen, r);
- BN_bin2bn(&sigret[nLen], nLen, s);
+ ECDSA_SIG_get0(&r, &s, sig);
#else
- BN_bin2bn(&sigret[0], nLen, sig->r);
- BN_bin2bn(&sigret[nLen], nLen, sig->s);
+ r = sig->r;
+ s = sig->s;
#endif
- }
- }
+ BN_bin2bn(sigret, siglen/2, r);
+ BN_bin2bn(sigret + siglen/2, siglen/2, s);
return sig;
}
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-opensc/libp11.git
More information about the pkg-opensc-commit
mailing list