1 files changed, 11 insertions, 28 deletions
diff --git a/src/lib/libcrypto/ecdsa/ecs_vrf.c b/src/lib/libcrypto/ecdsa/ecs_vrf.c
index 270af94c0d..4c1bc85e06 100644
--- a/src/lib/libcrypto/ecdsa/ecs_vrf.c
+++ b/src/lib/libcrypto/ecdsa/ecs_vrf.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ecs_vrf.c,v 1.6 2017/05/02 03:59:44 deraadt Exp $ */
+/* $OpenBSD: ecs_vrf.c,v 1.7 2019/01/19 01:12:48 tb Exp $ */
 /*
 * Written by Nils Larsch for the OpenSSL project
 */
@@ -56,10 +56,10 @@
 *
 */
-#include <string.h>
 #include <openssl/opensslconf.h>
 #include "ecs_locl.h"
+#include "ec_lcl.h"
 #ifndef OPENSSL_NO_ENGINE
 #include <openssl/engine.h>
 #endif
@@ -73,11 +73,10 @@ int
 ECDSA_do_verify(const unsigned char *dgst, int dgst_len, const ECDSA_SIG *sig,
    EC_KEY *eckey)
 {
-        ECDSA_DATA *ecdsa = ecdsa_check(eckey);
+        if (eckey->meth->verify_sig != NULL)
+                return eckey->meth->verify_sig(dgst, dgst_len, sig, eckey);
-        if (ecdsa == NULL)
+        ECDSAerror(EVP_R_METHOD_NOT_SUPPORTED);
-                return 0;
+        return 0;
-        return ecdsa->meth->ecdsa_do_verify(dgst, dgst_len, sig, eckey);
 }
 /* returns
@@ -89,25 +88,9 @@ int
 ECDSA_verify(int type, const unsigned char *dgst, int dgst_len,
    const unsigned char *sigbuf, int sig_len, EC_KEY *eckey)
 {
-        ECDSA_SIG *s;
+        if (eckey->meth->verify != NULL)
-        unsigned char *der = NULL;
+                return eckey->meth->verify(type, dgst, dgst_len,
-        const unsigned char *p = sigbuf;
+                    sigbuf, sig_len, eckey);
-        int derlen = -1;
+        ECDSAerror(EVP_R_METHOD_NOT_SUPPORTED);
-        int ret = -1;
+        return 0;
-        s = ECDSA_SIG_new();
-        if (s == NULL)
-                return (ret);
-        if (d2i_ECDSA_SIG(&s, &p, sig_len) == NULL)
-                goto err;
-        /* Ensure signature uses DER and doesn't have trailing garbage */
-        derlen = i2d_ECDSA_SIG(s, &der);
-        if (derlen != sig_len || memcmp(sigbuf, der, derlen))
-                goto err;
-        ret = ECDSA_do_verify(dgst, dgst_len, s, eckey);
-err:
-        freezero(der, derlen);
-        ECDSA_SIG_free(s);
-        return (ret);
 }

diff --git a/src/lib/libcrypto/ecdsa/ecs_vrf.c b/src/lib/libcrypto/ecdsa/ecs_vrf.c index 270af94c0d..4c1bc85e06 100644 --- a/src/lib/libcrypto/ecdsa/ecs_vrf.c +++ b/src/lib/libcrypto/ecdsa/ecs_vrf.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ecs_vrf.c,v 1.6 2017/05/02 03:59:44 deraadt Exp $ */	1	/* $OpenBSD: ecs_vrf.c,v 1.7 2019/01/19 01:12:48 tb Exp $ */
2	/*	2	/*
3	* Written by Nils Larsch for the OpenSSL project	3	* Written by Nils Larsch for the OpenSSL project
4	*/	4	*/
@@ -56,10 +56,10 @@
56	*	56	*
57	*/	57	*/
58		58
59	#include <string.h>
60	#include <openssl/opensslconf.h>	59	#include <openssl/opensslconf.h>
61		60
62	#include "ecs_locl.h"	61	#include "ecs_locl.h"
		62	#include "ec_lcl.h"
63	#ifndef OPENSSL_NO_ENGINE	63	#ifndef OPENSSL_NO_ENGINE
64	#include <openssl/engine.h>	64	#include <openssl/engine.h>
65	#endif	65	#endif
@@ -73,11 +73,10 @@ int
73	ECDSA_do_verify(const unsigned char dgst, int dgst_len, const ECDSA_SIG sig,	73	ECDSA_do_verify(const unsigned char dgst, int dgst_len, const ECDSA_SIG sig,
74	EC_KEY *eckey)	74	EC_KEY *eckey)
75	{	75	{
76	ECDSA_DATA *ecdsa = ecdsa_check(eckey);	76	if (eckey->meth->verify_sig != NULL)
77		77	return eckey->meth->verify_sig(dgst, dgst_len, sig, eckey);
78	if (ecdsa == NULL)	78	ECDSAerror(EVP_R_METHOD_NOT_SUPPORTED);
79	return 0;	79	return 0;
80	return ecdsa->meth->ecdsa_do_verify(dgst, dgst_len, sig, eckey);
81	}	80	}
82		81
83	/* returns	82	/* returns
@@ -89,25 +88,9 @@ int
89	ECDSA_verify(int type, const unsigned char *dgst, int dgst_len,	88	ECDSA_verify(int type, const unsigned char *dgst, int dgst_len,
90	const unsigned char sigbuf, int sig_len, EC_KEY eckey)	89	const unsigned char sigbuf, int sig_len, EC_KEY eckey)
91	{	90	{
92	ECDSA_SIG *s;	91	if (eckey->meth->verify != NULL)
93	unsigned char *der = NULL;	92	return eckey->meth->verify(type, dgst, dgst_len,
94	const unsigned char *p = sigbuf;	93	sigbuf, sig_len, eckey);
95	int derlen = -1;	94	ECDSAerror(EVP_R_METHOD_NOT_SUPPORTED);
96	int ret = -1;	95	return 0;
97
98	s = ECDSA_SIG_new();
99	if (s == NULL)
100	return (ret);
101	if (d2i_ECDSA_SIG(&s, &p, sig_len) == NULL)
102	goto err;
103	/* Ensure signature uses DER and doesn't have trailing garbage */
104	derlen = i2d_ECDSA_SIG(s, &der);
105	if (derlen != sig_len \|\| memcmp(sigbuf, der, derlen))
106	goto err;
107	ret = ECDSA_do_verify(dgst, dgst_len, s, eckey);
108
109	err:
110	freezero(der, derlen);
111	ECDSA_SIG_free(s);
112	return (ret);
113	}	96	}