update ASN1 sign/verify to use EVP_DigestSign and EVP_DigestVerify

crypto/asn1/a_sign.c

@@ -219,7 +219,7 @@ int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2,
 	{
 	EVP_MD_CTX ctx;
 	unsigned char *buf_in=NULL,*buf_out=NULL;
-	int inl=0,outl=0,outll=0;
+	size_t inl=0,outl=0,outll=0;
 	int signid, paramtype;
 
 	if (type == NULL)
@@ -270,10 +270,9 @@ int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2,
 		goto err;
 		}
 
-	if (!EVP_SignInit_ex(&ctx,type, NULL)
-		|| !EVP_SignUpdate(&ctx,(unsigned char *)buf_in,inl)
-		|| !EVP_SignFinal(&ctx,(unsigned char *)buf_out,
-			(unsigned int *)&outl,pkey))
+	if (!EVP_DigestVerifyInit(&ctx, NULL, type, NULL, pkey)
+		|| !EVP_DigestSignUpdate(&ctx, buf_in, inl)
+		|| !EVP_DigestSignFinal(&ctx, buf_out, &outl))
 		{
 		outl=0;
 		ASN1err(ASN1_F_ASN1_ITEM_SIGN,ERR_R_EVP_LIB);

crypto/asn1/a_verify.c

@@ -163,7 +163,7 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, ASN1_BIT_STRING *signat
 		goto err;
 		}
 
-	if (!EVP_VerifyInit_ex(&ctx,type, NULL))
+	if (!EVP_DigestVerifyInit(&ctx, NULL, type, NULL, pkey))
 		{
 		ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ERR_R_EVP_LIB);
 		ret=0;
@@ -178,7 +178,7 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, ASN1_BIT_STRING *signat
 		goto err;
 		}
 
-	if (!EVP_VerifyUpdate(&ctx,(unsigned char *)buf_in,inl))
+	if (!EVP_DigestVerifyUpdate(&ctx,buf_in,inl))
 		{
 		ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ERR_R_EVP_LIB);
 		ret=0;
@@ -188,8 +188,8 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, ASN1_BIT_STRING *signat
 	OPENSSL_cleanse(buf_in,(unsigned int)inl);
 	OPENSSL_free(buf_in);
 
-	if (EVP_VerifyFinal(&ctx,(unsigned char *)signature->data,
-			(unsigned int)signature->length,pkey) <= 0)
+	if (EVP_DigestVerifyFinal(&ctx,signature->data,
+			(size_t)signature->length) <= 0)
 		{
 		ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ERR_R_EVP_LIB);
 		ret=0;