commit 7d192200b897a9d65912e270691e5a3c8a8ff1a7
author Amin Hassani <ahassani@chromium.org> Tue Sep 29 15:58:37 2020 -0700
committer Commit Bot <commit-bot@chromium.org> Wed Sep 30 18:52:36 2020 +0000
tree f9324fe348633417d3004c17be2faf5e350d309a
parent fbe526cb9cbcfab38cbea286eca6b8c2f19a75af

update_engine: Switch back crypto function calls to get0 version

Because of b/158580694 we had to switch the crypto calls to get1 version
and manually release them. Since that bug has been marked as fixed, we
can now switch it back to its original form.

BUG=b:163153182
TEST=FEATURES=test emerge update_engine

Change-Id: I8c2ff6619f592fc5e78a45efce14d42626d66034
Reviewed-on: https://chromium-review.googlesource.com/c/aosp/platform/system/update_engine/+/2438992
Tested-by: Amin Hassani <ahassani@chromium.org>
Auto-Submit: Amin Hassani <ahassani@chromium.org>
Reviewed-by: Jae Hoon Kim <kimjae@chromium.org>
Commit-Queue: Amin Hassani <ahassani@chromium.org>

payload_generator/payload_signer.cc

diff --git a/payload_generator/payload_signer.cc b/payload_generator/payload_signer.cc
index 9a44f94..dd87ab7 100644
--- a/payload_generator/payload_signer.cc
+++ b/payload_generator/payload_signer.cc
@@ -309,10 +309,7 @@
   int key_type = EVP_PKEY_id(private_key.get());
   brillo::Blob signature;
   if (key_type == EVP_PKEY_RSA) {
-    // TODO(b/158580694): Switch back to get0 version and remove manual freeing
-    // of the object once the bug is resolved or gale has been moved to
-    // informational.
-    RSA* rsa = EVP_PKEY_get1_RSA(private_key.get());
+    RSA* rsa = EVP_PKEY_get0_RSA(private_key.get());
     TEST_AND_RETURN_FALSE(rsa != nullptr);
 
     brillo::Blob padded_hash = hash;
@@ -327,17 +324,12 @@
     if (signature_size < 0) {
       LOG(ERROR) << "Signing hash failed: "
                  << ERR_error_string(ERR_get_error(), nullptr);
-      RSA_free(rsa);
       return false;
     }
-    RSA_free(rsa);
     TEST_AND_RETURN_FALSE(static_cast<size_t>(signature_size) ==
                           signature.size());
   } else if (key_type == EVP_PKEY_EC) {
-    // TODO(b/158580694): Switch back to get0 version and remove manual freeing
-    // of the object once the bug is resolved or gale has been moved to
-    // informational.
-    EC_KEY* ec_key = EVP_PKEY_get1_EC_KEY(private_key.get());
+    EC_KEY* ec_key = EVP_PKEY_get0_EC_KEY(private_key.get());
     TEST_AND_RETURN_FALSE(ec_key != nullptr);
 
     signature.resize(ECDSA_size(ec_key));
@@ -350,10 +342,8 @@
                    ec_key) != 1) {
       LOG(ERROR) << "Signing hash failed: "
                  << ERR_error_string(ERR_get_error(), nullptr);
-      EC_KEY_free(ec_key);
       return false;
     }
-    EC_KEY_free(ec_key);
 
     // NIST P-256
     LOG(ERROR) << "signature max size " << signature.size() << " size "