authortb <>2023-06-18 19:12:58 +0000
committertb <>2023-06-18 19:12:58 +0000
commit7354479eaccb0ea5e9160abc1b2cf94f33e75adb (patch)
tree4fb3c21c3adef3e5248e044f339267d90486a733
parented9558e47b61cf3390cda693f01afa48b775003a (diff)
Turns out EC_KEY_METHOD_new() has dup built in...
... because RSA_meth_new() doesn't. So we can fortunately lose a few lines added in the previous commit. Three cheers for the masters of inconsistency. ok jsing
-rw-r--r--src/lib/libtls/tls_signer.c24
1 files changed, 3 insertions, 21 deletions
diff --git a/src/lib/libtls/tls_signer.c b/src/lib/libtls/tls_signer.c
index 78206d1223..177c9d07a4 100644
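--- a/src/lib/libtls/tls_signer.c
+++ b/src/lib/libtls/tls_signer.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls_signer.c,v 1.8 2023/06/18 17:50:28 tb Exp $ */
+/* $OpenBSD: tls_signer.c,v 1.9 2023/06/18 19:12:58 tb Exp $ */
 /*
  * Copyright (c) 2021 Eric Faurot <eric@openbsd.org>
  *
@@ -424,44 +424,26 @@ tls_signer_ecdsa_method(void)
 {
  static EC_KEY_METHOD *ecdsa_method = NULL;
  const EC_KEY_METHOD *default_method;
- int (*keygen)(EC_KEY *key);
- int (*compute_key)(void *out, size_t outlen, const EC_POINT *pub_key,
- EC_KEY *ecdh, void *(*KDF) (const void *in, size_t inlen, void *out,
- size_t *outlen));
  int (*sign)(int type, const unsigned char *dgst, int dlen,
  unsigned char *sig, unsigned int *siglen,
  const BIGNUM *kinv, const BIGNUM *r, EC_KEY *eckey);
  int (*sign_setup)(EC_KEY *eckey, BN_CTX *ctx_in,
  BIGNUM **kinvp, BIGNUM **rp);
- int (*verify)(int type, const unsigned char *dgst, int dgst_len,
- const unsigned char *sigbuf, int sig_len, EC_KEY *eckey);
- int (*verify_sig)(const unsigned char *dgst, int dgst_len,
- const ECDSA_SIG *sig, EC_KEY *eckey);
 
  pthread_mutex_lock(&signer_method_lock);
 
  if (ecdsa_method != NULL)
  goto out;
 
- ecdsa_method = EC_KEY_METHOD_new(NULL);
+ default_method = EC_KEY_get_default_method();
+ ecdsa_method = EC_KEY_METHOD_new(default_method);
  if (ecdsa_method == NULL)
  goto out;
 
- default_method = EC_KEY_get_default_method();
-
- EC_KEY_METHOD_get_keygen(default_method, &keygen);
- EC_KEY_METHOD_set_keygen(ecdsa_method, keygen);
-
- EC_KEY_METHOD_get_compute_key(default_method, &compute_key);
- EC_KEY_METHOD_set_compute_key(ecdsa_method, compute_key);
-
  EC_KEY_METHOD_get_sign(default_method, &sign, &sign_setup, NULL);
  EC_KEY_METHOD_set_sign(ecdsa_method, sign, sign_setup,
  tls_ecdsa_do_sign);
 
- EC_KEY_METHOD_get_verify(default_method, &verify, &verify_sig);
- EC_KEY_METHOD_set_verify(ecdsa_method, verify, verify_sig);
-
  out:
  pthread_mutex_unlock(&signer_method_lock);
 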
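Review bot: Nothing in the second hunk records that the `EC_KEY_METHOD_new(default_method)` call is now what supplies the keygen, compute_key and verify callbacks. The explicit get/set pairs that made this visible are gone. Going by those removed lines, changing the argument back to `NULL` would presumably leave these slots unset on a method used for TLS keys, so a comment above the call would protect the invariant: `/* EC_KEY_METHOD_new() copies default_method; only the do-sign hook is replaced below. */`. The surviving `EC_KEY_METHOD_get_sign()` call could carry a matching note that it remains only because `EC_KEY_METHOD_set_sign()` takes all three sign callbacks at once. The function's signature and its return statement lie outside the hunk.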