Fix EVP_PKEY_FLAG_AUTOARGLEN behavior.

Converting check_autoarg from a macro to a function lost the behavior. Instead,
just move the logic into p_rsa.c which was the only EVP_PKEY implementation
that even needed the flag.

Also document this behavior on each of the functions. Make note of the out =
NULL case only returning the maximum output size, and not necessarily the
actual size.

For testing, update example_sign to determine the signature size using the NULL
behavior rather than querying the RSA key.

Change-Id: Iec6c2862028a5cfdefe8faa0e8c471755070898a
Reviewed-on: https://boringssl-review.googlesource.com/1121
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/crypto/evp/example_sign.c b/crypto/evp/example_sign.c
index 4bbe194..df7156b 100644
--- a/crypto/evp/example_sign.c
+++ b/crypto/evp/example_sign.c
@@ -101,7 +101,7 @@
   RSA *rsa = NULL;
   const uint8_t *derp = kExampleRSAKeyDER;
   uint8_t *sig = NULL;
-  size_t sig_len;
+  size_t sig_len = 0;
   EVP_MD_CTX md_ctx;
 
   EVP_MD_CTX_init(&md_ctx);
@@ -110,18 +110,29 @@
     goto out;
   }
 
-  sig_len = RSA_size(rsa);
-
   pkey = EVP_PKEY_new();
   sig = malloc(sig_len);
   if (pkey == NULL ||
-      sig == NULL ||
       !EVP_PKEY_set1_RSA(pkey, rsa) ||
       EVP_DigestSignInit(&md_ctx, NULL, EVP_sha256(), NULL, pkey) != 1 ||
-      EVP_DigestSignUpdate(&md_ctx, kMsg, sizeof(kMsg)) != 1 ||
+      EVP_DigestSignUpdate(&md_ctx, kMsg, sizeof(kMsg)) != 1) {
+    goto out;
+  }
+  /* Determine the size of the signature. */
+  if (EVP_DigestSignFinal(&md_ctx, NULL, &sig_len) != 1) {
+    goto out;
+  }
+  /* Sanity check for testing. */
+  if (sig_len != RSA_size(rsa)) {
+    fprintf(stderr, "sig_len mismatch\n");
+    goto out;
+  }
+  sig = malloc(sig_len);
+  if (sig == NULL ||
       EVP_DigestSignFinal(&md_ctx, sig, &sig_len) != 1) {
     goto out;
   }
+
   ret = 1;
 
 out: