From b995f453fe7eccb593e317b4f249cf14eaf4e091 Mon Sep 17 00:00:00 2001
From: Kees Monshouwer <mind04@monshouwer.org>
Date: Thu, 24 Dec 2015 00:58:49 +0100
Subject: [PATCH] Fix "random" ECDSA signature failures when using cryptopp

---
 pdns/cryptoppsigners.cc | 16 +++++++++-------
 1 file changed, 9 insertions(+), 7 deletions(-)

diff --git a/pdns/cryptoppsigners.cc b/pdns/cryptoppsigners.cc
index 348ac8124..df4241da8 100644
--- a/pdns/cryptoppsigners.cc
+++ b/pdns/cryptoppsigners.cc
@@ -80,8 +80,9 @@ DNSCryptoKeyEngine::storvector_t CryptoPPECDSADNSCryptoKeyEngine<HASHER,CURVE,BI
   storvect.push_back(make_pair("Algorithm", algostr));
   
   const CryptoPP::Integer& pe=d_key->GetPrivateExponent();
-  unsigned char buffer[pe.MinEncodedSize()];
-  pe.Encode(buffer, pe.MinEncodedSize());
+  size_t len = BITS/8;
+  unsigned char buffer[len];
+  pe.Encode(buffer, len);
   storvect.push_back(make_pair("PrivateKey", string((char*)buffer, sizeof(buffer))));
   return storvect;
 }
@@ -117,11 +118,12 @@ std::string CryptoPPECDSADNSCryptoKeyEngine<HASHER,CURVE,BITS>::getPublicKeyStri
 
   const CryptoPP::Integer& qx = q.x;
   const CryptoPP::Integer& qy = q.y;
-  
-  unsigned char buffer[qx.MinEncodedSize() + qy.MinEncodedSize()];
-  qx.Encode(buffer, qx.MinEncodedSize());
-  qy.Encode(buffer + qx.MinEncodedSize(), qy.MinEncodedSize());
-  
+
+  size_t len = BITS/8;
+  unsigned char buffer[len*2];
+  qx.Encode(buffer, len);
+  qy.Encode(buffer + len, len);
+
   return string((char*)buffer, sizeof(buffer));
 }
 template<class HASHER, class CURVE, int BITS>
-- 
2.40.0