1 files changed, 18 insertions, 39 deletions
diff --git a/src/lib/libcrypto/evp/p_sign.c b/src/lib/libcrypto/evp/p_sign.c
index 34dafd87fe..1e33cfbe7f 100644
--- a/src/lib/libcrypto/evp/p_sign.c
+++ b/src/lib/libcrypto/evp/p_sign.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: p_sign.c,v 1.15 2021/12/12 21:30:13 tb Exp $ */
+/* $OpenBSD: p_sign.c,v 1.16 2022/01/14 08:38:06 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -71,9 +71,10 @@ EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, unsigned int *siglen,
 {
        unsigned char m[EVP_MAX_MD_SIZE];
        unsigned int m_len;
-        int i = 0, ok = 0, v;
        EVP_MD_CTX tmp_ctx;
        EVP_PKEY_CTX *pkctx = NULL;
+        size_t sltmp;
+        int ret = 0;
        *siglen = 0;
        EVP_MD_CTX_init(&tmp_ctx);
@@ -83,43 +84,21 @@ EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, unsigned int *siglen,
                goto err;
        EVP_MD_CTX_cleanup(&tmp_ctx);
-        if (ctx->digest->flags & EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) {
+        sltmp = (size_t)EVP_PKEY_size(pkey);
-                size_t sltmp = (size_t)EVP_PKEY_size(pkey);
-                i = 0;
-                pkctx = EVP_PKEY_CTX_new(pkey, NULL);
-                if (!pkctx)
-                        goto err;
-                if (EVP_PKEY_sign_init(pkctx) <= 0)
-                        goto err;
-                if (EVP_PKEY_CTX_set_signature_md(pkctx, ctx->digest) <= 0)
-                        goto err;
-                if (EVP_PKEY_sign(pkctx, sigret, &sltmp, m, m_len) <= 0)
-                        goto err;
-                *siglen = sltmp;
-                i = 1;
-err:
-                EVP_PKEY_CTX_free(pkctx);
-                return i;
-        }
-        for (i = 0; i < 4; i++) {
+        if ((pkctx = EVP_PKEY_CTX_new(pkey, NULL)) == NULL)
-                v = ctx->digest->required_pkey_type[i];
+                goto err;
-                if (v == 0)
+        if (EVP_PKEY_sign_init(pkctx) <= 0)
-                        break;
+                goto err;
-                if (pkey->type == v) {
+        if (EVP_PKEY_CTX_set_signature_md(pkctx, ctx->digest) <= 0)
-                        ok = 1;
+                goto err;
-                        break;
+        if (EVP_PKEY_sign(pkctx, sigret, &sltmp, m, m_len) <= 0)
-                }
+                goto err;
-        }
+        *siglen = sltmp;
-        if (!ok) {
-                EVPerror(EVP_R_WRONG_PUBLIC_KEY_TYPE);
+        ret = 1;
-                return (0);
-        }
-        if (ctx->digest->sign == NULL) {
+ err:
-                EVPerror(EVP_R_NO_SIGN_FUNCTION_CONFIGURED);
+        EVP_PKEY_CTX_free(pkctx);
-                return (0);
+        return ret;
-        }
-        return(ctx->digest->sign(ctx->digest->type, m, m_len, sigret, siglen,
-            pkey->pkey.ptr));
 }

diff --git a/src/lib/libcrypto/evp/p_sign.c b/src/lib/libcrypto/evp/p_sign.c index 34dafd87fe..1e33cfbe7f 100644 --- a/src/lib/libcrypto/evp/p_sign.c +++ b/src/lib/libcrypto/evp/p_sign.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: p_sign.c,v 1.15 2021/12/12 21:30:13 tb Exp $ */	1	/* $OpenBSD: p_sign.c,v 1.16 2022/01/14 08:38:06 tb Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -71,9 +71,10 @@ EVP_SignFinal(EVP_MD_CTX ctx, unsigned char sigret, unsigned int *siglen,
71	{	71	{
72	unsigned char m[EVP_MAX_MD_SIZE];	72	unsigned char m[EVP_MAX_MD_SIZE];
73	unsigned int m_len;	73	unsigned int m_len;
74	int i = 0, ok = 0, v;
75	EVP_MD_CTX tmp_ctx;	74	EVP_MD_CTX tmp_ctx;
76	EVP_PKEY_CTX *pkctx = NULL;	75	EVP_PKEY_CTX *pkctx = NULL;
		76	size_t sltmp;
		77	int ret = 0;
77		78
78	*siglen = 0;	79	*siglen = 0;
79	EVP_MD_CTX_init(&tmp_ctx);	80	EVP_MD_CTX_init(&tmp_ctx);
@@ -83,43 +84,21 @@ EVP_SignFinal(EVP_MD_CTX ctx, unsigned char sigret, unsigned int *siglen,
83	goto err;	84	goto err;
84	EVP_MD_CTX_cleanup(&tmp_ctx);	85	EVP_MD_CTX_cleanup(&tmp_ctx);
85		86
86	if (ctx->digest->flags & EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) {	87	sltmp = (size_t)EVP_PKEY_size(pkey);
87	size_t sltmp = (size_t)EVP_PKEY_size(pkey);
88	i = 0;
89	pkctx = EVP_PKEY_CTX_new(pkey, NULL);
90	if (!pkctx)
91	goto err;
92	if (EVP_PKEY_sign_init(pkctx) <= 0)
93	goto err;
94	if (EVP_PKEY_CTX_set_signature_md(pkctx, ctx->digest) <= 0)
95	goto err;
96	if (EVP_PKEY_sign(pkctx, sigret, &sltmp, m, m_len) <= 0)
97	goto err;
98	*siglen = sltmp;
99	i = 1;
100	err:
101	EVP_PKEY_CTX_free(pkctx);
102	return i;
103	}
104		88
105	for (i = 0; i < 4; i++) {	89	if ((pkctx = EVP_PKEY_CTX_new(pkey, NULL)) == NULL)
106	v = ctx->digest->required_pkey_type[i];	90	goto err;
107	if (v == 0)	91	if (EVP_PKEY_sign_init(pkctx) <= 0)
108	break;	92	goto err;
109	if (pkey->type == v) {	93	if (EVP_PKEY_CTX_set_signature_md(pkctx, ctx->digest) <= 0)
110	ok = 1;	94	goto err;
111	break;	95	if (EVP_PKEY_sign(pkctx, sigret, &sltmp, m, m_len) <= 0)
112	}	96	goto err;
113	}	97	*siglen = sltmp;
114	if (!ok) {	98
115	EVPerror(EVP_R_WRONG_PUBLIC_KEY_TYPE);	99	ret = 1;
116	return (0);
117	}
118		100
119	if (ctx->digest->sign == NULL) {	101	err:
120	EVPerror(EVP_R_NO_SIGN_FUNCTION_CONFIGURED);	102	EVP_PKEY_CTX_free(pkctx);
121	return (0);	103	return ret;
122	}
123	return(ctx->digest->sign(ctx->digest->type, m, m_len, sigret, siglen,
124	pkey->pkey.ptr));
125	}	104	}