Remove superfluous SHA-1 dependency from EVP ECDSA code.
The documentation for |ECDSA_sign| and |ECDSA_verify| says that the
|type| parameter should be zero.
Change-Id: I875d3405455c5443f5a5a5c2960a9a9f486ca5bb
Reviewed-on: https://boringssl-review.googlesource.com/5832
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/crypto/evp/p_ec.c b/crypto/evp/p_ec.c
index f024960..77f213d 100644
--- a/crypto/evp/p_ec.c
+++ b/crypto/evp/p_ec.c
@@ -125,9 +125,7 @@
static int pkey_ec_sign(EVP_PKEY_CTX *ctx, uint8_t *sig, size_t *siglen,
const uint8_t *tbs, size_t tbslen) {
- int type;
unsigned int sltmp;
- EC_PKEY_CTX *dctx = ctx->data;
EC_KEY *ec = ctx->pkey->pkey.ec;
if (!sig) {
@@ -138,12 +136,7 @@
return 0;
}
- type = NID_sha1;
- if (dctx->md) {
- type = EVP_MD_type(dctx->md);
- }
-
- if (!ECDSA_sign(type, tbs, tbslen, sig, &sltmp, ec)) {
+ if (!ECDSA_sign(0, tbs, tbslen, sig, &sltmp, ec)) {
return 0;
}
*siglen = (size_t)sltmp;
@@ -152,16 +145,7 @@
static int pkey_ec_verify(EVP_PKEY_CTX *ctx, const uint8_t *sig, size_t siglen,
const uint8_t *tbs, size_t tbslen) {
- int type;
- EC_PKEY_CTX *dctx = ctx->data;
- EC_KEY *ec = ctx->pkey->pkey.ec;
-
- type = NID_sha1;
- if (dctx->md) {
- type = EVP_MD_type(dctx->md);
- }
-
- return ECDSA_verify(type, tbs, tbslen, sig, siglen, ec);
+ return ECDSA_verify(0, tbs, tbslen, sig, siglen, ctx->pkey->pkey.ec);
}
static int pkey_ec_derive(EVP_PKEY_CTX *ctx, uint8_t *key,
