Bug 250767 - security/p5-Crypt-OpenSSL-ECDSA signature initialisation fails with OpenSSL 1.1
Summary: security/p5-Crypt-OpenSSL-ECDSA signature initialisation fails with OpenSSL 1.1
Status: New
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Some People
Assignee: freebsd-perl (Nobody)
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2020-10-31 22:56 UTC by Patrick Mackinlay
Modified: 2020-10-31 22:56 UTC (History)
0 users

See Also:
bugzilla: maintainer-feedback? (perl)


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Patrick Mackinlay 2020-10-31 22:56:44 UTC
Running the perl code:

use Crypt::OpenSSL::Bignum;
use Crypt::OpenSSL::ECDSA;

my $num = Crypt::OpenSSL::Bignum->new_from_word( 1000 );
my $dsasig = Crypt::OpenSSL::ECDSA::ECDSA_SIG->new();
$dsasig->set_r($num);
$dsasig->set_s($num);

1;

Fails with 

Could not duplicate unchanged ECDSA paramater

when the port is compiled with openssl-1.1.1h_1,1  (probably all versions after openssl 1.1)

Looking at the code in 
./work/Crypt-OpenSSL-ECDSA-0.08/ECDSA.xs

I can see that the set_r and set_s methods try to duplicate the previously initialised values for s and r respectively in the $dsasig object (ECDSA_SIG structure). However, since openssl 1.1 the ECDSA_SIG_new() method no longer initialises the r and s components (see man ECDSA_SIG_get0)