From 302e1471cc288d58552c7a5406e8e2f885421923 Mon Sep 17 00:00:00 2001
From: Vsevolod Stakhov <vsevolod@rspamd.com>
Date: Thu, 8 Aug 2024 10:53:35 +0100
Subject: [PATCH] [Fix] Apply the same workaround for signing keys

---
 src/libcryptobox/cryptobox.c | 22 +++++++++++++---------
 1 file changed, 13 insertions(+), 9 deletions(-)

diff --git a/src/libcryptobox/cryptobox.c b/src/libcryptobox/cryptobox.c
index 72f3847a5..e47209963 100644
--- a/src/libcryptobox/cryptobox.c
+++ b/src/libcryptobox/cryptobox.c
@@ -432,19 +432,23 @@ void rspamd_cryptobox_keypair_sig(rspamd_sig_pk_t pk, rspamd_sig_sk_t sk,
 		EVP_PKEY *pkey = EVP_PKEY_Q_keygen(libctx, NULL, "EC", EC_curve_nid2nist(CRYPTOBOX_CURVE_NID));
 		g_assert(pkey != NULL);
 
-		BIGNUM *bn_sec = NULL;
-		g_assert(EVP_PKEY_get_bn_param(pkey, "priv", &bn_sec) == 1);
+		BIGNUM *bn = NULL;
+		g_assert(EVP_PKEY_get_bn_param(pkey, "priv", &bn) == 1);
 
-		len = BN_num_bytes(bn_sec);
+		len = BN_num_bytes(bn);
 		g_assert(len <= (int) sizeof(rspamd_sig_sk_t));
-		BN_bn2bin(bn_sec, sk);
-
-		EVP_PKEY_get_octet_string_param(pkey, "pub", pk,
-										sizeof(rspamd_sig_pk_t), &len);
+		BN_bn2bin(bn, sk);
 
-		g_assert(len <= (int) sizeof(rspamd_sig_pk_t));
+		/* Use the same logic as above */
+		pk[0] = POINT_CONVERSION_UNCOMPRESSED;
+		g_assert(EVP_PKEY_get_bn_param(pkey, "qx", &bn) == 1);
+		g_assert(BN_num_bytes(bn) == 32);
+		BN_bn2bin(bn, pk + 1);
+		g_assert(EVP_PKEY_get_bn_param(pkey, "qy", &bn) == 1);
+		g_assert(BN_num_bytes(bn) == 32);
+		BN_bn2bin(bn, pk + 33);
+		BN_free(bn);
 
-		BN_free(bn_sec);
 		EVP_PKEY_free(pkey);
 		OSSL_LIB_CTX_free(libctx);
 #else
-- 
2.39.5