summaryrefslogtreecommitdiffstats
path: root/ssh-pkcs11.c
diff options
context:
space:
mode:
authordjm@openbsd.org <djm@openbsd.org>2019-01-21 00:00:12 +0100
committerDamien Miller <djm@mindrot.org>2019-01-21 00:54:37 +0100
commit749aef30321595435ddacef2f31d7a8f2b289309 (patch)
treec8adb22d52f5bfa844c35db1ed2276b7a64d4921 /ssh-pkcs11.c
parentupstream: cleanup pkcs#11 client code: use sshkey_new in instead (diff)
downloadopenssh-749aef30321595435ddacef2f31d7a8f2b289309.tar.xz
openssh-749aef30321595435ddacef2f31d7a8f2b289309.zip
upstream: cleanup unnecessary code in ECDSA pkcs#11 signature
work by markus@, feedback and ok djm@ OpenBSD-Commit-ID: affa5ca7d58d59fbd16169f77771dcdbd2b0306d
Diffstat (limited to '')
-rw-r--r--ssh-pkcs11.c41
1 files changed, 16 insertions, 25 deletions
diff --git a/ssh-pkcs11.c b/ssh-pkcs11.c
index 01f968a9b..dd8d501ae 100644
--- a/ssh-pkcs11.c
+++ b/ssh-pkcs11.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-pkcs11.c,v 1.28 2019/01/20 22:51:37 djm Exp $ */
+/* $OpenBSD: ssh-pkcs11.c,v 1.29 2019/01/20 23:00:12 djm Exp $ */
/*
* Copyright (c) 2010 Markus Friedl. All rights reserved.
* Copyright (c) 2014 Pedro Martelletto. All rights reserved.
@@ -411,7 +411,6 @@ ecdsa_do_sign(const unsigned char *dgst, int dgst_len, const BIGNUM *inv,
CK_RV rv;
ECDSA_SIG *ret = NULL;
u_char *sig;
- const u_char *cp;
if ((k11 = EC_KEY_get_ex_data(ec, 0)) == NULL) {
ossl_error("EC_KEY_get_key_method_data failed for ec");
@@ -435,29 +434,21 @@ ecdsa_do_sign(const unsigned char *dgst, int dgst_len, const BIGNUM *inv,
error("C_Sign failed: %lu", rv);
goto done;
}
- cp = sig;
- ret = d2i_ECDSA_SIG(NULL, &cp, siglen);
- if (ret == NULL) {
- /*
- * d2i_ECDSA_SIG failed, so sig does not point to a DER-encoded
- * sequence, but to the concatenation r|s.
- */
- if (siglen < 64 || siglen > 132 || siglen % 2) {
- ossl_error("d2i_ECDSA_SIG failed");
- goto done;
- }
- bnlen = siglen/2;
- if ((ret = ECDSA_SIG_new()) == NULL) {
- error("ECDSA_SIG_new failed");
- goto done;
- }
- if (BN_bin2bn(sig, bnlen, ret->r) == NULL ||
- BN_bin2bn(sig+bnlen, bnlen, ret->s) == NULL) {
- ossl_error("d2i_ECDSA_SIG failed");
- ECDSA_SIG_free(ret);
- ret = NULL;
- goto done;
- }
+ if (siglen < 64 || siglen > 132 || siglen % 2) {
+ ossl_error("d2i_ECDSA_SIG failed");
+ goto done;
+ }
+ bnlen = siglen/2;
+ if ((ret = ECDSA_SIG_new()) == NULL) {
+ error("ECDSA_SIG_new failed");
+ goto done;
+ }
+ if (BN_bin2bn(sig, bnlen, ret->r) == NULL ||
+ BN_bin2bn(sig+bnlen, bnlen, ret->s) == NULL) {
+ ossl_error("d2i_ECDSA_SIG failed");
+ ECDSA_SIG_free(ret);
+ ret = NULL;
+ goto done;
}
done:
free(sig);