resolve conflicts

author: djm <> 2012-10-13 21:25:14 +0000
committer: djm <> 2012-10-13 21:25:14 +0000
commit: 93723b50b639d8dc717bc1bf463fd46e1b321239 (patch)
tree: 281e0a29ae8f87a8c47fbd4deaa1f3d48b8cc5c1 /src/lib/libcrypto/dsa/dsa_vrf.c
parent: 65e72ac55a6405783db7a12d7e35a7561d46005b (diff)
download: openbsd-93723b50b639d8dc717bc1bf463fd46e1b321239.tar.gz
openbsd-93723b50b639d8dc717bc1bf463fd46e1b321239.tar.bz2
openbsd-93723b50b639d8dc717bc1bf463fd46e1b321239.zip
1 files changed, 8 insertions, 21 deletions
diff --git a/src/lib/libcrypto/dsa/dsa_vrf.c b/src/lib/libcrypto/dsa/dsa_vrf.c
index 226a75ff3f..674cb5fa5f 100644
--- a/src/lib/libcrypto/dsa/dsa_vrf.c
+++ b/src/lib/libcrypto/dsa/dsa_vrf.c
@@ -64,26 +64,13 @@
 int DSA_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig,
                  DSA *dsa)
        {
+#ifdef OPENSSL_FIPS
+        if (FIPS_mode() && !(dsa->meth->flags & DSA_FLAG_FIPS_METHOD)
+                        && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW))
+                {
+                DSAerr(DSA_F_DSA_DO_VERIFY, DSA_R_NON_FIPS_DSA_METHOD);
+                return -1;
+                }
+#endif
        return dsa->meth->dsa_do_verify(dgst, dgst_len, sig, dsa);
        }
-/* data has already been hashed (probably with SHA or SHA-1). */
-/* returns
- *      1: correct signature
- *      0: incorrect signature
- *     -1: error
- */
-int DSA_verify(int type, const unsigned char *dgst, int dgst_len,
-             const unsigned char *sigbuf, int siglen, DSA *dsa)
-        {
-        DSA_SIG *s;
-        int ret=-1;
-        s = DSA_SIG_new();
-        if (s == NULL) return(ret);
-        if (d2i_DSA_SIG(&s,&sigbuf,siglen) == NULL) goto err;
-        ret=DSA_do_verify(dgst,dgst_len,s,dsa);
-err:
-        DSA_SIG_free(s);
-        return(ret);
-        }
author	djm <>	2012-10-13 21:25:14 +0000
committer	djm <>	2012-10-13 21:25:14 +0000
commit	93723b50b639d8dc717bc1bf463fd46e1b321239 (patch)
tree	281e0a29ae8f87a8c47fbd4deaa1f3d48b8cc5c1 /src/lib/libcrypto/dsa/dsa_vrf.c
parent	65e72ac55a6405783db7a12d7e35a7561d46005b (diff)
download	openbsd-93723b50b639d8dc717bc1bf463fd46e1b321239.tar.gz openbsd-93723b50b639d8dc717bc1bf463fd46e1b321239.tar.bz2 openbsd-93723b50b639d8dc717bc1bf463fd46e1b321239.zip

diff --git a/src/lib/libcrypto/dsa/dsa_vrf.c b/src/lib/libcrypto/dsa/dsa_vrf.c index 226a75ff3f..674cb5fa5f 100644 --- a/src/lib/libcrypto/dsa/dsa_vrf.c +++ b/src/lib/libcrypto/dsa/dsa_vrf.c
@@ -64,26 +64,13 @@
64	int DSA_do_verify(const unsigned char dgst, int dgst_len, DSA_SIG sig,	64	int DSA_do_verify(const unsigned char dgst, int dgst_len, DSA_SIG sig,
65	DSA *dsa)	65	DSA *dsa)
66	{	66	{
		67	#ifdef OPENSSL_FIPS
		68	if (FIPS_mode() && !(dsa->meth->flags & DSA_FLAG_FIPS_METHOD)
		69	&& !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW))
		70	{
		71	DSAerr(DSA_F_DSA_DO_VERIFY, DSA_R_NON_FIPS_DSA_METHOD);
		72	return -1;
		73	}
		74	#endif
67	return dsa->meth->dsa_do_verify(dgst, dgst_len, sig, dsa);	75	return dsa->meth->dsa_do_verify(dgst, dgst_len, sig, dsa);
68	}	76	}
69
70	/* data has already been hashed (probably with SHA or SHA-1). */
71	/* returns
72	* 1: correct signature
73	* 0: incorrect signature
74	* -1: error
75	*/
76	int DSA_verify(int type, const unsigned char *dgst, int dgst_len,
77	const unsigned char sigbuf, int siglen, DSA dsa)
78	{
79	DSA_SIG *s;
80	int ret=-1;
81
82	s = DSA_SIG_new();
83	if (s == NULL) return(ret);
84	if (d2i_DSA_SIG(&s,&sigbuf,siglen) == NULL) goto err;
85	ret=DSA_do_verify(dgst,dgst_len,s,dsa);
86	err:
87	DSA_SIG_free(s);
88	return(ret);
89	}