diff options
| author | djm <> | 2012-10-13 21:23:50 +0000 |
|---|---|---|
| committer | djm <> | 2012-10-13 21:23:50 +0000 |
| commit | 228cae30b117c2493f69ad3c195341cd6ec8d430 (patch) | |
| tree | 29ff00b10d52c0978077c4fd83c33b065bade73e /src/lib/libcrypto/dsa/dsa_sign.c | |
| parent | 731838c66b52c0ae5888333005b74115a620aa96 (diff) | |
| download | openbsd-228cae30b117c2493f69ad3c195341cd6ec8d430.tar.gz openbsd-228cae30b117c2493f69ad3c195341cd6ec8d430.tar.bz2 openbsd-228cae30b117c2493f69ad3c195341cd6ec8d430.zip | |
import OpenSSL-1.0.1c
Diffstat (limited to 'src/lib/libcrypto/dsa/dsa_sign.c')
| -rw-r--r-- | src/lib/libcrypto/dsa/dsa_sign.c | 50 |
1 files changed, 37 insertions, 13 deletions
diff --git a/src/lib/libcrypto/dsa/dsa_sign.c b/src/lib/libcrypto/dsa/dsa_sign.c index 17555e5892..c3cc3642ce 100644 --- a/src/lib/libcrypto/dsa/dsa_sign.c +++ b/src/lib/libcrypto/dsa/dsa_sign.c | |||
| @@ -61,30 +61,54 @@ | |||
| 61 | #include "cryptlib.h" | 61 | #include "cryptlib.h" |
| 62 | #include <openssl/dsa.h> | 62 | #include <openssl/dsa.h> |
| 63 | #include <openssl/rand.h> | 63 | #include <openssl/rand.h> |
| 64 | #include <openssl/bn.h> | ||
| 64 | 65 | ||
| 65 | DSA_SIG * DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) | 66 | DSA_SIG * DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) |
| 66 | { | 67 | { |
| 68 | #ifdef OPENSSL_FIPS | ||
| 69 | if (FIPS_mode() && !(dsa->meth->flags & DSA_FLAG_FIPS_METHOD) | ||
| 70 | && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW)) | ||
| 71 | { | ||
| 72 | DSAerr(DSA_F_DSA_DO_SIGN, DSA_R_NON_FIPS_DSA_METHOD); | ||
| 73 | return NULL; | ||
| 74 | } | ||
| 75 | #endif | ||
| 67 | return dsa->meth->dsa_do_sign(dgst, dlen, dsa); | 76 | return dsa->meth->dsa_do_sign(dgst, dlen, dsa); |
| 68 | } | 77 | } |
| 69 | 78 | ||
| 70 | int DSA_sign(int type, const unsigned char *dgst, int dlen, unsigned char *sig, | 79 | int DSA_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp) |
| 71 | unsigned int *siglen, DSA *dsa) | ||
| 72 | { | 80 | { |
| 73 | DSA_SIG *s; | 81 | #ifdef OPENSSL_FIPS |
| 74 | RAND_seed(dgst, dlen); | 82 | if (FIPS_mode() && !(dsa->meth->flags & DSA_FLAG_FIPS_METHOD) |
| 75 | s=DSA_do_sign(dgst,dlen,dsa); | 83 | && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW)) |
| 76 | if (s == NULL) | ||
| 77 | { | 84 | { |
| 78 | *siglen=0; | 85 | DSAerr(DSA_F_DSA_SIGN_SETUP, DSA_R_NON_FIPS_DSA_METHOD); |
| 79 | return(0); | 86 | return 0; |
| 80 | } | 87 | } |
| 81 | *siglen=i2d_DSA_SIG(s,&sig); | 88 | #endif |
| 82 | DSA_SIG_free(s); | 89 | return dsa->meth->dsa_sign_setup(dsa, ctx_in, kinvp, rp); |
| 83 | return(1); | ||
| 84 | } | 90 | } |
| 85 | 91 | ||
| 86 | int DSA_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp) | 92 | DSA_SIG *DSA_SIG_new(void) |
| 87 | { | 93 | { |
| 88 | return dsa->meth->dsa_sign_setup(dsa, ctx_in, kinvp, rp); | 94 | DSA_SIG *sig; |
| 95 | sig = OPENSSL_malloc(sizeof(DSA_SIG)); | ||
| 96 | if (!sig) | ||
| 97 | return NULL; | ||
| 98 | sig->r = NULL; | ||
| 99 | sig->s = NULL; | ||
| 100 | return sig; | ||
| 101 | } | ||
| 102 | |||
| 103 | void DSA_SIG_free(DSA_SIG *sig) | ||
| 104 | { | ||
| 105 | if (sig) | ||
| 106 | { | ||
| 107 | if (sig->r) | ||
| 108 | BN_free(sig->r); | ||
| 109 | if (sig->s) | ||
| 110 | BN_free(sig->s); | ||
| 111 | OPENSSL_free(sig); | ||
| 112 | } | ||
| 89 | } | 113 | } |
| 90 | 114 | ||