From dad3267aefbeab3a8910c1c59b2e5f7e9c12b048 Mon Sep 17 00:00:00 2001
From: tb <>
Date: Sat, 19 Jan 2019 01:12:48 +0000
Subject: Partial port of EC_KEY_METHOD from OpenSSL 1.1. This commit adds
 missing API for ECDH/ECDSA_verify.

from markus
---
 src/lib/libcrypto/ecdsa/ecs_vrf.c | 39 +++++++++++----------------------------
 1 file changed, 11 insertions(+), 28 deletions(-)

(limited to 'src/lib/libcrypto/ecdsa/ecs_vrf.c')

diff --git a/src/lib/libcrypto/ecdsa/ecs_vrf.c b/src/lib/libcrypto/ecdsa/ecs_vrf.c
index 270af94c0d..4c1bc85e06 100644
--- a/src/lib/libcrypto/ecdsa/ecs_vrf.c
+++ b/src/lib/libcrypto/ecdsa/ecs_vrf.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ecs_vrf.c,v 1.6 2017/05/02 03:59:44 deraadt Exp $ */
+/* $OpenBSD: ecs_vrf.c,v 1.7 2019/01/19 01:12:48 tb Exp $ */
 /*
  * Written by Nils Larsch for the OpenSSL project
  */
@@ -56,10 +56,10 @@
  *
  */
 
-#include <string.h>
 #include <openssl/opensslconf.h>
 
 #include "ecs_locl.h"
+#include "ec_lcl.h"
 #ifndef OPENSSL_NO_ENGINE
 #include <openssl/engine.h>
 #endif
@@ -73,11 +73,10 @@ int
 ECDSA_do_verify(const unsigned char *dgst, int dgst_len, const ECDSA_SIG *sig,
     EC_KEY *eckey)
 {
-	ECDSA_DATA *ecdsa = ecdsa_check(eckey);
-
-	if (ecdsa == NULL)
-		return 0;
-	return ecdsa->meth->ecdsa_do_verify(dgst, dgst_len, sig, eckey);
+	if (eckey->meth->verify_sig != NULL)
+		return eckey->meth->verify_sig(dgst, dgst_len, sig, eckey);
+	ECDSAerror(EVP_R_METHOD_NOT_SUPPORTED);
+	return 0;
 }
 
 /* returns
@@ -89,25 +88,9 @@ int
 ECDSA_verify(int type, const unsigned char *dgst, int dgst_len,
     const unsigned char *sigbuf, int sig_len, EC_KEY *eckey)
 {
-	ECDSA_SIG *s;
-	unsigned char *der = NULL;
-	const unsigned char *p = sigbuf;
-	int derlen = -1;
-	int ret = -1;
-
-	s = ECDSA_SIG_new();
-	if (s == NULL)
-		return (ret);
-	if (d2i_ECDSA_SIG(&s, &p, sig_len) == NULL)
-		goto err;
-	/* Ensure signature uses DER and doesn't have trailing garbage */
-	derlen = i2d_ECDSA_SIG(s, &der);
-	if (derlen != sig_len || memcmp(sigbuf, der, derlen))
-		goto err;
-	ret = ECDSA_do_verify(dgst, dgst_len, s, eckey);
-
-err:
-	freezero(der, derlen);
-	ECDSA_SIG_free(s);
-	return (ret);
+	if (eckey->meth->verify != NULL)
+		return eckey->meth->verify(type, dgst, dgst_len,
+		    sigbuf, sig_len, eckey);
+	ECDSAerror(EVP_R_METHOD_NOT_SUPPORTED);
+	return 0;
 }
-- 
cgit v1.2.3-55-g6feb