From 63e931902b6f348d972d4e67f089dc4d5067d201 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= <mpg@elzevir.fr>
Date: Tue, 31 Mar 2015 11:15:48 +0200
Subject: [PATCH] Make a helpful constant public

---
 include/mbedtls/ecdsa.h | 21 ++++++++++++++++++++-
 library/ecdsa.c         | 21 +--------------------
 2 files changed, 21 insertions(+), 21 deletions(-)

diff --git a/include/mbedtls/ecdsa.h b/include/mbedtls/ecdsa.h
index 57f9b4849..b0a54831e 100644
--- a/include/mbedtls/ecdsa.h
+++ b/include/mbedtls/ecdsa.h
@@ -30,6 +30,25 @@
 #include "md.h"
 #endif
 
+/*
+ * RFC 4492 page 20:
+ *
+ *     Ecdsa-Sig-Value ::= SEQUENCE {
+ *         r       INTEGER,
+ *         s       INTEGER
+ *     }
+ *
+ * Size is at most
+ *    1 (tag) + 1 (len) + 1 (initial 0) + ECP_MAX_BYTES for each of r and s,
+ *    twice that + 1 (tag) + 2 (len) for the sequence
+ * (assuming ECP_MAX_BYTES is less than 126 for r and s,
+ * and less than 124 (total len <= 255) for the sequence)
+ */
+#if POLARSSL_ECP_MAX_BYTES > 124
+#error "POLARSSL_ECP_MAX_BYTES bigger than expected, please fix POLARSSL_ECDSA_MAX_LEN"
+#endif
+#define POLARSSL_ECDSA_MAX_LEN  ( 3 + 2 * ( 3 + POLARSSL_ECP_MAX_BYTES ) )
+
 /**
  * \brief           ECDSA context structure
  *
@@ -124,7 +143,7 @@ int ecdsa_verify( ecp_group *grp,
  *
  * \note            The "sig" buffer must be at least as large as twice the
  *                  size of the curve used, plus 7 (eg. 71 bytes if a 256-bit
- *                  curve is used).
+ *                  curve is used). POLARSSL_ECDSA_MAX_LEN is always safe.
  *
  * \return          0 if successful,
  *                  or a POLARSSL_ERR_ECP, POLARSSL_ERR_MPI or
diff --git a/library/ecdsa.c b/library/ecdsa.c
index dfc257002..006413c2b 100644
--- a/library/ecdsa.c
+++ b/library/ecdsa.c
@@ -281,25 +281,6 @@ cleanup:
     return( ret );
 }
 
-/*
- * RFC 4492 page 20:
- *
- *     Ecdsa-Sig-Value ::= SEQUENCE {
- *         r       INTEGER,
- *         s       INTEGER
- *     }
- *
- * Size is at most
- *    1 (tag) + 1 (len) + 1 (initial 0) + ECP_MAX_BYTES for each of r and s,
- *    twice that + 1 (tag) + 2 (len) for the sequence
- * (assuming ECP_MAX_BYTES is less than 126 for r and s,
- * and less than 124 (total len <= 255) for the sequence)
- */
-#if POLARSSL_ECP_MAX_BYTES > 124
-#error "POLARSSL_ECP_MAX_BYTES bigger than expected, please fix MAX_SIG_LEN"
-#endif
-#define MAX_SIG_LEN ( 3 + 2 * ( 3 + POLARSSL_ECP_MAX_BYTES ) )
-
 /*
  * Convert a signature (given by context) to ASN.1
  */
@@ -307,7 +288,7 @@ static int ecdsa_signature_to_asn1( ecdsa_context *ctx,
                                     unsigned char *sig, size_t *slen )
 {
     int ret;
-    unsigned char buf[MAX_SIG_LEN];
+    unsigned char buf[POLARSSL_ECDSA_MAX_LEN];
     unsigned char *p = buf + sizeof( buf );
     size_t len = 0;