upstream: cleanup unnecessary code in ECDSA pkcs#11 signature

work by markus@, feedback and ok djm@

OpenBSD-Commit-ID: affa5ca7d58d59fbd16169f77771dcdbd2b0306d
This commit is contained in:
djm@openbsd.org 2019-01-20 23:00:12 +00:00 committed by Damien Miller
parent 0c50992af4
commit 749aef3032
1 changed files with 16 additions and 25 deletions

View File

@ -1,4 +1,4 @@
/* $OpenBSD: ssh-pkcs11.c,v 1.28 2019/01/20 22:51:37 djm Exp $ */
/* $OpenBSD: ssh-pkcs11.c,v 1.29 2019/01/20 23:00:12 djm Exp $ */
/*
* Copyright (c) 2010 Markus Friedl. All rights reserved.
* Copyright (c) 2014 Pedro Martelletto. All rights reserved.
@ -411,7 +411,6 @@ ecdsa_do_sign(const unsigned char *dgst, int dgst_len, const BIGNUM *inv,
CK_RV rv;
ECDSA_SIG *ret = NULL;
u_char *sig;
const u_char *cp;
if ((k11 = EC_KEY_get_ex_data(ec, 0)) == NULL) {
ossl_error("EC_KEY_get_key_method_data failed for ec");
@ -435,29 +434,21 @@ ecdsa_do_sign(const unsigned char *dgst, int dgst_len, const BIGNUM *inv,
error("C_Sign failed: %lu", rv);
goto done;
}
cp = sig;
ret = d2i_ECDSA_SIG(NULL, &cp, siglen);
if (ret == NULL) {
/*
* d2i_ECDSA_SIG failed, so sig does not point to a DER-encoded
* sequence, but to the concatenation r|s.
*/
if (siglen < 64 || siglen > 132 || siglen % 2) {
ossl_error("d2i_ECDSA_SIG failed");
goto done;
}
bnlen = siglen/2;
if ((ret = ECDSA_SIG_new()) == NULL) {
error("ECDSA_SIG_new failed");
goto done;
}
if (BN_bin2bn(sig, bnlen, ret->r) == NULL ||
BN_bin2bn(sig+bnlen, bnlen, ret->s) == NULL) {
ossl_error("d2i_ECDSA_SIG failed");
ECDSA_SIG_free(ret);
ret = NULL;
goto done;
}
if (siglen < 64 || siglen > 132 || siglen % 2) {
ossl_error("d2i_ECDSA_SIG failed");
goto done;
}
bnlen = siglen/2;
if ((ret = ECDSA_SIG_new()) == NULL) {
error("ECDSA_SIG_new failed");
goto done;
}
if (BN_bin2bn(sig, bnlen, ret->r) == NULL ||
BN_bin2bn(sig+bnlen, bnlen, ret->s) == NULL) {
ossl_error("d2i_ECDSA_SIG failed");
ECDSA_SIG_free(ret);
ret = NULL;
goto done;
}
done:
free(sig);