openssl security fixes, diff from markus@, ok & "commit it" djm@

http://www.openssl.org/news/secadv_20060928.txt for more
author: pvalchev <> 2006-10-04 07:10:32 +0000
committer: pvalchev <> 2006-10-04 07:10:32 +0000
commit: 2ae4a931445dd6121f260bcc0af2dde32a871cd0 (patch)
tree: 79c58b0010b91a2778efdc406095e24c85a41ae1 /src/lib/libcrypto/dsa/dsa_ossl.c
parent: c2d940ce6f2c3ef66262b7c1953e6286cf68b267 (diff)
download: openbsd-2ae4a931445dd6121f260bcc0af2dde32a871cd0.tar.gz
openbsd-2ae4a931445dd6121f260bcc0af2dde32a871cd0.tar.bz2
openbsd-2ae4a931445dd6121f260bcc0af2dde32a871cd0.zip
1 files changed, 12 insertions, 0 deletions
diff --git a/src/lib/libcrypto/dsa/dsa_ossl.c b/src/lib/libcrypto/dsa/dsa_ossl.c
index 12509a7083..5de5fc7e91 100644
--- a/src/lib/libcrypto/dsa/dsa_ossl.c
+++ b/src/lib/libcrypto/dsa/dsa_ossl.c
@@ -274,6 +274,18 @@ static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig,
                return -1;
                }
+        if (BN_num_bits(dsa->q) != 160)
+                {
+                DSAerr(DSA_F_DSA_DO_VERIFY,DSA_R_BAD_Q_VALUE);
+                return -1;
+                }
+        if (BN_num_bits(dsa->p) > OPENSSL_DSA_MAX_MODULUS_BITS)
+                {
+                DSAerr(DSA_F_DSA_DO_VERIFY,DSA_R_MODULUS_TOO_LARGE);
+                return -1;
+                }
        BN_init(&u1);
        BN_init(&u2);
        BN_init(&t1);
author	pvalchev <>	2006-10-04 07:10:32 +0000
committer	pvalchev <>	2006-10-04 07:10:32 +0000
commit	2ae4a931445dd6121f260bcc0af2dde32a871cd0 (patch)
tree	79c58b0010b91a2778efdc406095e24c85a41ae1 /src/lib/libcrypto/dsa/dsa_ossl.c
parent	c2d940ce6f2c3ef66262b7c1953e6286cf68b267 (diff)
download	openbsd-2ae4a931445dd6121f260bcc0af2dde32a871cd0.tar.gz openbsd-2ae4a931445dd6121f260bcc0af2dde32a871cd0.tar.bz2 openbsd-2ae4a931445dd6121f260bcc0af2dde32a871cd0.zip

diff --git a/src/lib/libcrypto/dsa/dsa_ossl.c b/src/lib/libcrypto/dsa/dsa_ossl.c index 12509a7083..5de5fc7e91 100644 --- a/src/lib/libcrypto/dsa/dsa_ossl.c +++ b/src/lib/libcrypto/dsa/dsa_ossl.c
@@ -274,6 +274,18 @@ static int dsa_do_verify(const unsigned char dgst, int dgst_len, DSA_SIG sig,
274	return -1;	274	return -1;
275	}	275	}
276		276
		277	if (BN_num_bits(dsa->q) != 160)
		278	{
		279	DSAerr(DSA_F_DSA_DO_VERIFY,DSA_R_BAD_Q_VALUE);
		280	return -1;
		281	}
		282
		283	if (BN_num_bits(dsa->p) > OPENSSL_DSA_MAX_MODULUS_BITS)
		284	{
		285	DSAerr(DSA_F_DSA_DO_VERIFY,DSA_R_MODULUS_TOO_LARGE);
		286	return -1;
		287	}
		288
277	BN_init(&u1);	289	BN_init(&u1);
278	BN_init(&u2);	290	BN_init(&u2);
279	BN_init(&t1);	291	BN_init(&t1);