author | djm@openbsd.org <djm@openbsd.org> | 2019-01-21 00:00:12 +0100 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2019-01-21 00:54:37 +0100 |
commit | 749aef30321595435ddacef2f31d7a8f2b289309 (patch) | |
tree | c8adb22d52f5bfa844c35db1ed2276b7a64d4921 /ssh-pkcs11.c | |
parent | upstream: cleanup pkcs#11 client code: use sshkey_new in instead (diff) | |
upstream: cleanup unnecessary code in ECDSA pkcs#11 signature
work by markus@, feedback and ok djm@
OpenBSD-Commit-ID: affa5ca7d58d59fbd16169f77771dcdbd2b0306d
Diffstat (limited to '')
-rw-r--r-- | ssh-pkcs11.c | 41 |
1 files changed, 16 insertions, 25 deletions
diff --git a/ssh-pkcs11.c b/ssh-pkcs11.c
index 01f968a9b..dd8d501ae 100644
--- a/ssh-pkcs11.c
+++ b/ssh-pkcs11.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-pkcs11.c,v 1.28 2019/01/20 22:51:37 djm Exp $ */
+/* $OpenBSD: ssh-pkcs11.c,v 1.29 2019/01/20 23:00:12 djm Exp $ */
 /*
 * Copyright (c) 2010 Markus Friedl. All rights reserved.
 * Copyright (c) 2014 Pedro Martelletto. All rights reserved.
@@ -411,7 +411,6 @@ ecdsa_do_sign(const unsigned char *dgst, int dgst_len, const BIGNUM *inv,
 CK_RV rv;
 ECDSA_SIG *ret = NULL;
 u_char *sig;
- const u_char *cp;
 if ((k11 = EC_KEY_get_ex_data(ec, 0)) == NULL) {
 ossl_error("EC_KEY_get_key_method_data failed for ec");
@@ -435,29 +434,21 @@ ecdsa_do_sign(const unsigned char *dgst, int dgst_len, const BIGNUM *inv,
 error("C_Sign failed: %lu", rv);
 goto done;
 }
- cp = sig;
- ret = d2i_ECDSA_SIG(NULL, &cp, siglen);
- if (ret == NULL) {
- /*
- * d2i_ECDSA_SIG failed, so sig does not point to a DER-encoded
- * sequence, but to the concatenation r|s.
- */
- if (siglen < 64 || siglen > 132 || siglen % 2) {
- ossl_error("d2i_ECDSA_SIG failed");
- goto done;
- }
- bnlen = siglen/2;
- if ((ret = ECDSA_SIG_new()) == NULL) {
- error("ECDSA_SIG_new failed");
- goto done;
- }
- if (BN_bin2bn(sig, bnlen, ret->r) == NULL ||
- BN_bin2bn(sig+bnlen, bnlen, ret->s) == NULL) {
- ossl_error("d2i_ECDSA_SIG failed");
- ECDSA_SIG_free(ret);
- ret = NULL;
- goto done;
- }
+ if (siglen < 64 || siglen > 132 || siglen % 2) {
+ ossl_error("d2i_ECDSA_SIG failed");
+ goto done;
+ }
+ bnlen = siglen/2;
+ if ((ret = ECDSA_SIG_new()) == NULL) {
+ error("ECDSA_SIG_new failed");
+ goto done;
+ }
+ if (BN_bin2bn(sig, bnlen, ret->r) == NULL ||
+ BN_bin2bn(sig+bnlen, bnlen, ret->s) == NULL) {
+ ossl_error("d2i_ECDSA_SIG failed");
+ ECDSA_SIG_free(ret);
+ ret = NULL;
+ goto done;
 }
 done:
 free(sig); |
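Review bot: Both failure paths in the third hunk still log `ossl_error("d2i_ECDSA_SIG failed")` although this commit removes the d2i_ECDSA_SIG call, so a token that returns a malformed signature produces a log line naming a function that never ran. The length check is not an OpenSSL failure, so `error("invalid ECDSA signature length %lu", (u_long)siglen);` would fit the first path and `ossl_error("BN_bin2bn failed");` the second; the cast assumes siglen is a CK_ULONG, whose declaration is outside the hunk. The deleted comment was also the only place stating that the token output is handled as the raw r|s concatenation rather than DER, which is what makes the 64..132 and even-length bounds meaningful. A short replacement above the length check, such as `/* token returns fixed-width r|s, not DER; bound and split it */`, would keep that validation of module-supplied data understandable. ecdsa_do_sign starts and ends outside the hunk.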