From a5667732b9ce91352c8b0e71fc93df58f0286a2f Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Sun, 7 Mar 2010 12:05:45 +0000 Subject: [PATCH] update ASN1 sign/verify to use EVP_DigestSign and EVP_DigestVerify --- crypto/asn1/a_sign.c | 9 ++++----- crypto/asn1/a_verify.c | 8 ++++---- 2 files changed, 8 insertions(+), 9 deletions(-) diff --git a/crypto/asn1/a_sign.c b/crypto/asn1/a_sign.c index d96a622d83..018edaead7 100644 --- a/crypto/asn1/a_sign.c +++ b/crypto/asn1/a_sign.c @@ -219,7 +219,7 @@ int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2, { EVP_MD_CTX ctx; unsigned char *buf_in=NULL,*buf_out=NULL; - int inl=0,outl=0,outll=0; + size_t inl=0,outl=0,outll=0; int signid, paramtype; if (type == NULL) @@ -270,10 +270,9 @@ int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2, goto err; } - if (!EVP_SignInit_ex(&ctx,type, NULL) - || !EVP_SignUpdate(&ctx,(unsigned char *)buf_in,inl) - || !EVP_SignFinal(&ctx,(unsigned char *)buf_out, - (unsigned int *)&outl,pkey)) + if (!EVP_DigestVerifyInit(&ctx, NULL, type, NULL, pkey) + || !EVP_DigestSignUpdate(&ctx, buf_in, inl) + || !EVP_DigestSignFinal(&ctx, buf_out, &outl)) { outl=0; ASN1err(ASN1_F_ASN1_ITEM_SIGN,ERR_R_EVP_LIB); diff --git a/crypto/asn1/a_verify.c b/crypto/asn1/a_verify.c index d9332ee15d..a9144251d1 100644 --- a/crypto/asn1/a_verify.c +++ b/crypto/asn1/a_verify.c @@ -163,7 +163,7 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, ASN1_BIT_STRING *signat goto err; } - if (!EVP_VerifyInit_ex(&ctx,type, NULL)) + if (!EVP_DigestVerifyInit(&ctx, NULL, type, NULL, pkey)) { ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ERR_R_EVP_LIB); ret=0; @@ -178,7 +178,7 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, ASN1_BIT_STRING *signat goto err; } - if (!EVP_VerifyUpdate(&ctx,(unsigned char *)buf_in,inl)) + if (!EVP_DigestVerifyUpdate(&ctx,buf_in,inl)) { ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ERR_R_EVP_LIB); ret=0; @@ -188,8 +188,8 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, ASN1_BIT_STRING *signat OPENSSL_cleanse(buf_in,(unsigned int)inl); OPENSSL_free(buf_in); - if (EVP_VerifyFinal(&ctx,(unsigned char *)signature->data, - (unsigned int)signature->length,pkey) <= 0) + if (EVP_DigestVerifyFinal(&ctx,signature->data, + (size_t)signature->length) <= 0) { ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ERR_R_EVP_LIB); ret=0; -- 2.25.1