summaryrefslogtreecommitdiff
path: root/lib/libcrypto/ecdsa
diff options
context:
space:
mode:
authorTheo Buehler <tb@cvs.openbsd.org>2023-07-03 09:55:43 +0000
committerTheo Buehler <tb@cvs.openbsd.org>2023-07-03 09:55:43 +0000
commit3a6f0014ccee07ffc7e4ff7fcd6cfe2c26cf4aea (patch)
tree7b6bde9a77a7de6d98fccac3283d132951d5bc09 /lib/libcrypto/ecdsa
parentbbf3e2c06c648630a36ca5fe2817fa7f4adf0e59 (diff)
Streamline ossl_ecdsa_verify()
Make it single exit and use API more idiomatically and some other cosmetics. ok beck jsing
Diffstat (limited to 'lib/libcrypto/ecdsa')
-rw-r--r--lib/libcrypto/ecdsa/ecs_ossl.c20
1 files changed, 13 insertions, 7 deletions
diff --git a/lib/libcrypto/ecdsa/ecs_ossl.c b/lib/libcrypto/ecdsa/ecs_ossl.c
index abf6b3b385a..7e03c234ee3 100644
--- a/lib/libcrypto/ecdsa/ecs_ossl.c
+++ b/lib/libcrypto/ecdsa/ecs_ossl.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ecs_ossl.c,v 1.48 2023/07/03 07:28:05 tb Exp $ */
+/* $OpenBSD: ecs_ossl.c,v 1.49 2023/07/03 09:55:42 tb Exp $ */
/*
* Written by Nils Larsch for the OpenSSL project
*/
@@ -426,24 +426,30 @@ ossl_ecdsa_verify(int type, const unsigned char *dgst, int dgst_len,
{
ECDSA_SIG *s;
unsigned char *der = NULL;
- const unsigned char *p = sigbuf;
- int derlen = -1;
+ const unsigned char *p;
+ int derlen = 0;
int ret = -1;
if ((s = ECDSA_SIG_new()) == NULL)
- return (ret);
+ goto err;
+
+ p = sigbuf;
if (d2i_ECDSA_SIG(&s, &p, sig_len) == NULL)
goto err;
+
/* Ensure signature uses DER and doesn't have trailing garbage */
- derlen = i2d_ECDSA_SIG(s, &der);
- if (derlen != sig_len || memcmp(sigbuf, der, derlen))
+ if ((derlen = i2d_ECDSA_SIG(s, &der)) != sig_len)
+ goto err;
+ if (memcmp(sigbuf, der, derlen))
goto err;
+
ret = ECDSA_do_verify(dgst, dgst_len, s, eckey);
err:
freezero(der, derlen);
ECDSA_SIG_free(s);
- return (ret);
+
+ return ret;
}
int
generated by cgit v1.2.3 (git 2.25.1) at 2025-01-09 05:43:21 +0000