new padding/initialization that matters on linux server

interface/src/commerce/Wallet.cpp

@@ -212,7 +212,7 @@ QPair<QByteArray*, QByteArray*> generateECKeypair() {
     // prepare the return values.  TODO: Fix this - we probably don't really even want the
     // private key at all (better to read it when we need it?).  Or maybe we do, when we have
     // multiple keys?
-    retval.first = new QByteArray(reinterpret_cast<char*>(publicKeyDER), publicKeyLength ),
+    retval.first = new QByteArray(reinterpret_cast<char*>(publicKeyDER), publicKeyLength);
     retval.second = new QByteArray(reinterpret_cast<char*>(privateKeyDER), privateKeyLength);
 
     // cleanup the publicKeyDER and publicKeyDER data
@@ -540,7 +540,8 @@ QString Wallet::signWithKey(const QByteArray& text, const QString& key) {
     qCInfo(commerce) << "Signing text" << text << "with key" << key;
     EC_KEY* ecPrivateKey = NULL;
     if ((ecPrivateKey = readPrivateKey(keyFilePath().toStdString().c_str()))) {
-        QByteArray signature(ECDSA_size(ecPrivateKey), 0);
+        unsigned char* sig = new unsigned char[ECDSA_size(ecPrivateKey)];
+
         unsigned int signatureBytes = 0;
 
         QByteArray hashedPlaintext = QCryptographicHash::hash(text, QCryptographicHash::Sha256);
@@ -549,11 +550,11 @@ QString Wallet::signWithKey(const QByteArray& text, const QString& key) {
         int retrn = ECDSA_sign(0,
             reinterpret_cast<const unsigned char*>(hashedPlaintext.constData()),
             hashedPlaintext.size(),
-            reinterpret_cast<unsigned char*>(signature.data()), 
+            sig,
             &signatureBytes, ecPrivateKey);
 
         EC_KEY_free(ecPrivateKey);
-
+        QByteArray signature(reinterpret_cast<const char*>(sig), signatureBytes);
         if (retrn != -1) {
             return signature.toBase64();
         }