Tidy up dsa_sign_setup. This function is not exported, so we don't need the optional BN_CTX logic. Additionally, the cleanup code can be made a bit simpler and more idiomatic. Change-Id: Ib326eab4813fd9de9ac1df8fdc9e470c26aff092 Reviewed-on: https://boringssl-review.googlesource.com/c/32704 Commit-Queue: Adam Langley <agl@google.com> Reviewed-by: Adam Langley <agl@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
diff --git a/crypto/dsa/dsa.c b/crypto/dsa/dsa.c index 7adde07..288e2c8 100644 --- a/crypto/dsa/dsa.c +++ b/crypto/dsa/dsa.c
@@ -860,29 +860,18 @@ return ret; } -static int dsa_sign_setup(const DSA *dsa, BN_CTX *ctx_in, BIGNUM **out_kinv, +static int dsa_sign_setup(const DSA *dsa, BN_CTX *ctx, BIGNUM **out_kinv, BIGNUM **out_r) { - BN_CTX *ctx; - BIGNUM k, *kinv = NULL, *r = NULL; - int ret = 0; - if (!dsa->p || !dsa->q || !dsa->g) { OPENSSL_PUT_ERROR(DSA, DSA_R_MISSING_PARAMETERS); return 0; } + int ret = 0; + BIGNUM k; BN_init(&k); - - ctx = ctx_in; - if (ctx == NULL) { - ctx = BN_CTX_new(); - if (ctx == NULL) { - goto err; - } - } - - r = BN_new(); - kinv = BN_new(); + BIGNUM *r = BN_new(); + BIGNUM *kinv = BN_new(); if (r == NULL || kinv == NULL || // Get random k !BN_rand_range_ex(&k, 1, dsa->q) || @@ -906,28 +895,23 @@ // Compute part of 's = inv(k) (m + xr) mod q' using Fermat's Little // Theorem. !bn_mod_inverse_prime(kinv, &k, dsa->q, ctx, dsa->method_mont_q)) { + OPENSSL_PUT_ERROR(DSA, ERR_R_BN_LIB); goto err; } BN_clear_free(*out_kinv); *out_kinv = kinv; kinv = NULL; + BN_clear_free(*out_r); *out_r = r; + r = NULL; + ret = 1; err: - if (!ret) { - OPENSSL_PUT_ERROR(DSA, ERR_R_BN_LIB); - if (r != NULL) { - BN_clear_free(r); - } - } - - if (ctx_in == NULL) { - BN_CTX_free(ctx); - } BN_clear_free(&k); + BN_clear_free(r); BN_clear_free(kinv); return ret; }