Tidy up dsa_sign_setup.
This function is not exported, so we don't need the optional BN_CTX
logic. Additionally, the cleanup code can be made a bit simpler and more
idiomatic.
Change-Id: Ib326eab4813fd9de9ac1df8fdc9e470c26aff092
Reviewed-on: https://boringssl-review.googlesource.com/c/32704
Commit-Queue: Adam Langley <agl@google.com>
Reviewed-by: Adam Langley <agl@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
diff --git a/crypto/dsa/dsa.c b/crypto/dsa/dsa.c
index 7adde07..288e2c8 100644
--- a/crypto/dsa/dsa.c
+++ b/crypto/dsa/dsa.c
@@ -860,29 +860,18 @@
return ret;
}
-static int dsa_sign_setup(const DSA *dsa, BN_CTX *ctx_in, BIGNUM **out_kinv,
+static int dsa_sign_setup(const DSA *dsa, BN_CTX *ctx, BIGNUM **out_kinv,
BIGNUM **out_r) {
- BN_CTX *ctx;
- BIGNUM k, *kinv = NULL, *r = NULL;
- int ret = 0;
-
if (!dsa->p || !dsa->q || !dsa->g) {
OPENSSL_PUT_ERROR(DSA, DSA_R_MISSING_PARAMETERS);
return 0;
}
+ int ret = 0;
+ BIGNUM k;
BN_init(&k);
-
- ctx = ctx_in;
- if (ctx == NULL) {
- ctx = BN_CTX_new();
- if (ctx == NULL) {
- goto err;
- }
- }
-
- r = BN_new();
- kinv = BN_new();
+ BIGNUM *r = BN_new();
+ BIGNUM *kinv = BN_new();
if (r == NULL || kinv == NULL ||
// Get random k
!BN_rand_range_ex(&k, 1, dsa->q) ||
@@ -906,28 +895,23 @@
// Compute part of 's = inv(k) (m + xr) mod q' using Fermat's Little
// Theorem.
!bn_mod_inverse_prime(kinv, &k, dsa->q, ctx, dsa->method_mont_q)) {
+ OPENSSL_PUT_ERROR(DSA, ERR_R_BN_LIB);
goto err;
}
BN_clear_free(*out_kinv);
*out_kinv = kinv;
kinv = NULL;
+
BN_clear_free(*out_r);
*out_r = r;
+ r = NULL;
+
ret = 1;
err:
- if (!ret) {
- OPENSSL_PUT_ERROR(DSA, ERR_R_BN_LIB);
- if (r != NULL) {
- BN_clear_free(r);
- }
- }
-
- if (ctx_in == NULL) {
- BN_CTX_free(ctx);
- }
BN_clear_free(&k);
+ BN_clear_free(r);
BN_clear_free(kinv);
return ret;
}
