From 1069667951d5b0162740649f192f8e44dae1efd9 Mon Sep 17 00:00:00 2001
From: Christian Paquin <cpaquin@microsoft.com>
Date: Fri, 19 Jul 2019 14:15:41 -0400
Subject: [PATCH] Set the picnic sig_len value before calling the low-level
 signing API, and removed this setting from the corresponding unit test.

---
 src/sig/picnic/sig_picnic.c | 15 +++++++++++++++
 tests/test_sig.c            |  1 -
 2 files changed, 15 insertions(+), 1 deletion(-)

diff --git a/src/sig/picnic/sig_picnic.c b/src/sig/picnic/sig_picnic.c
index f1dc68ef2..37e166b8a 100644
--- a/src/sig/picnic/sig_picnic.c
+++ b/src/sig/picnic/sig_picnic.c
@@ -31,6 +31,18 @@ static size_t PUB_KEY_LEN[] = {
     PICNIC_PUBLIC_KEY_SIZE(Picnic2_L3_FS),
     PICNIC_PUBLIC_KEY_SIZE(Picnic2_L5_FS),
 };
+static size_t SIG_LEN[] = {
+    0,
+    PICNIC_SIGNATURE_SIZE(Picnic_L1_FS),
+    PICNIC_SIGNATURE_SIZE(Picnic_L1_UR),
+    PICNIC_SIGNATURE_SIZE(Picnic_L3_FS),
+    PICNIC_SIGNATURE_SIZE(Picnic_L3_UR),
+    PICNIC_SIGNATURE_SIZE(Picnic_L5_FS),
+    PICNIC_SIGNATURE_SIZE(Picnic_L5_UR),
+    PICNIC_SIGNATURE_SIZE(Picnic2_L1_FS),
+    PICNIC_SIGNATURE_SIZE(Picnic2_L3_FS),
+    PICNIC_SIGNATURE_SIZE(Picnic2_L5_FS),
+};
 
 static OQS_STATUS common_picnic_keypair(picnic_params_t parameters, uint8_t *priv, uint8_t *pub) {
 	if (priv == NULL || pub == NULL) {
@@ -63,6 +75,9 @@ static OQS_STATUS common_picnic_sign(picnic_params_t parameters, const uint8_t *
 		return OQS_ERROR;
 	}
 	picnic_privatekey_t sk;
+	// picnic2's signature code checks that the sig_len value is large enough, but the OQS
+	// API treats this as an output parameters, so we set it here
+	*sig_len = SIG_LEN[parameters];
 	// deserialize the private key
 	if (picnic_read_private_key(&sk, priv, PRIV_KEY_LEN[parameters]) != 0) {
 		return OQS_ERROR;
diff --git a/tests/test_sig.c b/tests/test_sig.c
index d5d658b3d..ffcf7801d 100644
--- a/tests/test_sig.c
+++ b/tests/test_sig.c
@@ -32,7 +32,6 @@ static OQS_STATUS sig_test_correctness(const char *method_name) {
 	secret_key = malloc(sig->length_secret_key);
 	message = malloc(message_len);
 	signature = malloc(sig->length_signature);
-	signature_len = sig->length_signature;
 
 	if ((public_key == NULL) || (secret_key == NULL) || (message == NULL) || (signature == NULL)) {
 		fprintf(stderr, "ERROR: malloc failed\n");