From 72ed2a140753e578a51b42adbbe967a01c74fa90 Mon Sep 17 00:00:00 2001
From: tb <tb@openbsd.org>
Date: Sat, 10 Jun 2023 15:34:36 +0000
Subject: [PATCH] Convert EVP_Digest{Sign,Verify}* to one-shot for TLSv1.3

Using one-shot EVP_DigestSign() and EVP_DigestVerify() is slightly shorter
and is needed for Ed25519 support.

ok jsing
---
 lib/libssl/tls13_client.c | 16 +++++-----------
 lib/libssl/tls13_server.c | 16 +++++-----------
 2 files changed, 10 insertions(+), 22 deletions(-)

diff --git a/lib/libssl/tls13_client.c b/lib/libssl/tls13_client.c
index 3555ebadd19..053cf1689b1 100644
--- a/lib/libssl/tls13_client.c
+++ b/lib/libssl/tls13_client.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_client.c,v 1.101 2022/11/26 16:08:56 tb Exp $ */
+/* $OpenBSD: tls13_client.c,v 1.102 2023/06/10 15:34:36 tb Exp $ */
 /*
  * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>
  *
@@ -688,12 +688,8 @@ tls13_server_certificate_verify_recv(struct tls13_ctx *ctx, CBS *cbs)
 		if (!EVP_PKEY_CTX_set_rsa_pss_saltlen(pctx, -1))
 			goto err;
 	}
-	if (!EVP_DigestVerifyUpdate(mdctx, sig_content, sig_content_len)) {
-		ctx->alert = TLS13_ALERT_DECRYPT_ERROR;
-		goto err;
-	}
-	if (EVP_DigestVerifyFinal(mdctx, CBS_data(&signature),
-	    CBS_len(&signature)) <= 0) {
+	if (EVP_DigestVerify(mdctx, CBS_data(&signature), CBS_len(&signature),
+	    sig_content, sig_content_len) <= 0) {
 		ctx->alert = TLS13_ALERT_DECRYPT_ERROR;
 		goto err;
 	}
@@ -956,13 +952,11 @@ tls13_client_certificate_verify_send(struct tls13_ctx *ctx, CBB *cbb)
 		if (!EVP_PKEY_CTX_set_rsa_pss_saltlen(pctx, -1))
 			goto err;
 	}
-	if (!EVP_DigestSignUpdate(mdctx, sig_content, sig_content_len))
-		goto err;
-	if (EVP_DigestSignFinal(mdctx, NULL, &sig_len) <= 0)
+	if (!EVP_DigestSign(mdctx, NULL, &sig_len, sig_content, sig_content_len))
 		goto err;
 	if ((sig = calloc(1, sig_len)) == NULL)
 		goto err;
-	if (EVP_DigestSignFinal(mdctx, sig, &sig_len) <= 0)
+	if (!EVP_DigestSign(mdctx, sig, &sig_len, sig_content, sig_content_len))
 		goto err;
 
 	if (!CBB_add_u16(cbb, sigalg->value))
diff --git a/lib/libssl/tls13_server.c b/lib/libssl/tls13_server.c
index 75510a90855..dfeb1e01663 100644
--- a/lib/libssl/tls13_server.c
+++ b/lib/libssl/tls13_server.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_server.c,v 1.105 2022/11/26 16:08:56 tb Exp $ */
+/* $OpenBSD: tls13_server.c,v 1.106 2023/06/10 15:34:36 tb Exp $ */
 /*
  * Copyright (c) 2019, 2020 Joel Sing <jsing@openbsd.org>
  * Copyright (c) 2020 Bob Beck <beck@openbsd.org>
@@ -754,13 +754,11 @@ tls13_server_certificate_verify_send(struct tls13_ctx *ctx, CBB *cbb)
 		if (!EVP_PKEY_CTX_set_rsa_pss_saltlen(pctx, -1))
 			goto err;
 	}
-	if (!EVP_DigestSignUpdate(mdctx, sig_content, sig_content_len))
-		goto err;
-	if (EVP_DigestSignFinal(mdctx, NULL, &sig_len) <= 0)
+	if (!EVP_DigestSign(mdctx, NULL, &sig_len, sig_content, sig_content_len))
 		goto err;
 	if ((sig = calloc(1, sig_len)) == NULL)
 		goto err;
-	if (EVP_DigestSignFinal(mdctx, sig, &sig_len) <= 0)
+	if (!EVP_DigestSign(mdctx, sig, &sig_len, sig_content, sig_content_len))
 		goto err;
 
 	if (!CBB_add_u16(cbb, sigalg->value))
@@ -999,12 +997,8 @@ tls13_client_certificate_verify_recv(struct tls13_ctx *ctx, CBS *cbs)
 		if (!EVP_PKEY_CTX_set_rsa_pss_saltlen(pctx, -1))
 			goto err;
 	}
-	if (!EVP_DigestVerifyUpdate(mdctx, sig_content, sig_content_len)) {
-		ctx->alert = TLS13_ALERT_DECRYPT_ERROR;
-		goto err;
-	}
-	if (EVP_DigestVerifyFinal(mdctx, CBS_data(&signature),
-	    CBS_len(&signature)) <= 0) {
+	if (EVP_DigestVerify(mdctx, CBS_data(&signature), CBS_len(&signature),
+	    sig_content, sig_content_len) <= 0) {
 		ctx->alert = TLS13_ALERT_DECRYPT_ERROR;
 		goto err;
 	}
-- 
2.20.1