Fixes from code review

Document how length of ECDSA signature calculated.
Check parameter not NULL before use.
Formatting fix.
Also, disable RSA test of EVP_DigestSign/Verify* when HAVE_USER_RSA.

src/ssl.c

@@ -27491,11 +27491,19 @@ int wolfSSL_i2d_ECDSA_SIG(const WOLFSSL_ECDSA_SIG *sig, unsigned char **pp)
     if (sig == NULL)
         return 0;
 
-    len = 2 + 2 + mp_leading_bit((mp_int*)sig->r->internal) +
+    /* ASN.1: SEQ + INT + INT
-                  mp_unsigned_bin_size((mp_int*)sig->r->internal) +
+     *   ASN.1 Integer must be a positive value - prepend zero if number has
-              2 + mp_leading_bit((mp_int*)sig->s->internal) +
+     *   top bit set.
-                  mp_unsigned_bin_size((mp_int*)sig->s->internal);
+     */
-    if (pp != NULL) {
+    len = 2 + mp_leading_bit((mp_int*)sig->r->internal) +
+              mp_unsigned_bin_size((mp_int*)sig->r->internal) +
+          2 + mp_leading_bit((mp_int*)sig->s->internal) +
+              mp_unsigned_bin_size((mp_int*)sig->s->internal);
+    /* Two bytes required for length if ASN.1 SEQ data greater than 127 bytes
+     * and less than 256 bytes.
+     */
+    len = 1 + ((len > 127) ? 2 : 1) + len;
+    if (pp != NULL && *pp != NULL) {
         if (StoreECC_DSA_Sig(*pp, &len, (mp_int*)sig->r->internal,
                                         (mp_int*)sig->s->internal) != MP_OKAY) {
             len = 0;
@@ -28230,13 +28238,17 @@ int wolfSSL_EVP_PKEY_type(int type)
 
 int wolfSSL_EVP_PKEY_id(const EVP_PKEY *pkey)
 {
-    return pkey->type;
+    if (pkey != NULL)
+        return pkey->type;
+    return 0;
 }
 
 
 int wolfSSL_EVP_PKEY_base_id(const EVP_PKEY *pkey)
 {
-    return EVP_PKEY_type(pkey->type);
+    if (pkey == NULL)
+        return NID_undef;
+    return wolfSSL_EVP_PKEY_type(pkey->type);
 }
 
 

tests/api.c

@@ -16798,7 +16798,8 @@ static void test_wolfSSL_EVP_MD_hmac_signing(void)
 
 static void test_wolfSSL_EVP_MD_rsa_signing(void)
 {
-#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && defined(USE_CERT_BUFFERS_2048)
+#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && !defined(HAVE_USER_RSA) && \
+                                                  defined(USE_CERT_BUFFERS_2048)
     WOLFSSL_EVP_PKEY* privKey;
     WOLFSSL_EVP_PKEY* pubKey;
     const char testData[] = "Hi There";
@@ -16866,7 +16867,7 @@ static void test_wolfSSL_EVP_MD_rsa_signing(void)
     wolfSSL_EVP_PKEY_free(privKey);
 
     printf(resultFmt, passed);
-#endif /* OPENSSL_EXTRA */
+#endif
 }
 
 
@@ -16934,7 +16935,7 @@ static void test_wolfSSL_EVP_MD_ecc_signing(void)
     wolfSSL_EVP_PKEY_free(privKey);
 
     printf(resultFmt, passed);
-#endif /* OPENSSL_EXTRA */
+#endif
 }
 
 

wolfcrypt/src/evp.c

@@ -1391,7 +1391,8 @@ int wolfSSL_EVP_DigestSignFinal(WOLFSSL_EVP_MD_CTX *ctx, unsigned char *sig,
         case EVP_PKEY_RSA: {
             unsigned int sigSz;
             int          nid = md2nid(ctx->macType);
-            if (nid < 0) break;
+            if (nid < 0)
+                break;
             ret = wolfSSL_RSA_sign(nid, digest, hashLen, sig, &sigSz,
                                    ctx->pctx->pkey->rsa);
             if (ret >= 0)