From 2752c8e981bed038e4021b9e9d1e1685e5baf42f Mon Sep 17 00:00:00 2001 From: Stuart Henderson Date: Sat, 15 Jul 2023 11:41:55 +0000 Subject: [PATCH] replace ECDSA_sign_setup/ECDSA_sign_ex with ECDSA_sign There's no need to use ECDSA_sign_setup/ECDSA_sign_ex separately, a single call to ECDSA_sign will handle everything that's needed here. Avoids breakage with a soon-to-be-committed change to LibreSSL to remove ECDSA_sign_setup/ex from libcrypto. --- src/libcryptobox/cryptobox.c | 9 ++------- 1 file changed, 2 insertions(+), 7 deletions(-) diff --git a/src/libcryptobox/cryptobox.c b/src/libcryptobox/cryptobox.c index e8fe3e789..6364afdce 100644 --- a/src/libcryptobox/cryptobox.c +++ b/src/libcryptobox/cryptobox.c @@ -539,7 +539,7 @@ rspamd_cryptobox_sign (guchar *sig, unsigned long long *siglen_p, g_assert (0); #else EC_KEY *lk; - BIGNUM *bn_sec, *kinv = NULL, *rp = NULL; + BIGNUM *bn_sec; EVP_MD_CTX *sha_ctx; unsigned char h[64]; guint diglen = rspamd_cryptobox_signature_bytes (mode); @@ -558,9 +558,7 @@ rspamd_cryptobox_sign (guchar *sig, unsigned long long *siglen_p, g_assert (EC_KEY_set_private_key (lk, bn_sec) == 1); /* ECDSA */ - g_assert (ECDSA_sign_setup (lk, NULL, &kinv, &rp) == 1); - g_assert (ECDSA_sign_ex (0, h, sizeof (h), sig, - &diglen, kinv, rp, lk) == 1); + g_assert (ECDSA_sign (0, h, sizeof (h), sig, &diglen, lk) == 1); g_assert (diglen <= sizeof (rspamd_signature_t)); if (siglen_p) { @@ -570,9 +568,6 @@ rspamd_cryptobox_sign (guchar *sig, unsigned long long *siglen_p, EC_KEY_free (lk); EVP_MD_CTX_destroy (sha_ctx); BN_free (bn_sec); - BN_free (kinv); - BN_free (rp); - #endif } } -- 2.39.5