diff options
| author | tb <> | 2022-02-24 08:35:45 +0000 |
|---|---|---|
| committer | tb <> | 2022-02-24 08:35:45 +0000 |
| commit | 9e79e924be0dc59fb8cf7fcea9b71cc4e1c740ce (patch) | |
| tree | 8dd89452d12d996b72b9ca735a2001b7c6958be5 /src/lib | |
| parent | 3e848a5d39e531c0032e55e9a21fa7baca49e241 (diff) | |
| download | openbsd-9e79e924be0dc59fb8cf7fcea9b71cc4e1c740ce.tar.gz openbsd-9e79e924be0dc59fb8cf7fcea9b71cc4e1c740ce.tar.bz2 openbsd-9e79e924be0dc59fb8cf7fcea9b71cc4e1c740ce.zip | |
Minor tweaks
i is a silly name for BN_num_bits(dsa->q); move a comment for readability.
Diffstat (limited to 'src/lib')
| -rw-r--r-- | src/lib/libcrypto/dsa/dsa_ossl.c | 15 |
1 files changed, 8 insertions, 7 deletions
diff --git a/src/lib/libcrypto/dsa/dsa_ossl.c b/src/lib/libcrypto/dsa/dsa_ossl.c index ec11a08b5c..c306fc2d6c 100644 --- a/src/lib/libcrypto/dsa/dsa_ossl.c +++ b/src/lib/libcrypto/dsa/dsa_ossl.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: dsa_ossl.c,v 1.43 2022/01/07 09:35:36 tb Exp $ */ | 1 | /* $OpenBSD: dsa_ossl.c,v 1.44 2022/02/24 08:35:45 tb Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -315,24 +315,25 @@ dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig, DSA *dsa) | |||
| 315 | BN_CTX *ctx; | 315 | BN_CTX *ctx; |
| 316 | BIGNUM u1, u2, t1; | 316 | BIGNUM u1, u2, t1; |
| 317 | BN_MONT_CTX *mont = NULL; | 317 | BN_MONT_CTX *mont = NULL; |
| 318 | int ret = -1, i; | 318 | int qbits; |
| 319 | int ret = -1; | ||
| 319 | 320 | ||
| 320 | if (!dsa->p || !dsa->q || !dsa->g) { | 321 | if (!dsa->p || !dsa->q || !dsa->g) { |
| 321 | DSAerror(DSA_R_MISSING_PARAMETERS); | 322 | DSAerror(DSA_R_MISSING_PARAMETERS); |
| 322 | return -1; | 323 | return -1; |
| 323 | } | 324 | } |
| 324 | 325 | ||
| 325 | i = BN_num_bits(dsa->q); | ||
| 326 | /* FIPS 186-3 allows only three different sizes for q. */ | 326 | /* FIPS 186-3 allows only three different sizes for q. */ |
| 327 | if (i != 160 && i != 224 && i != 256) { | 327 | qbits = BN_num_bits(dsa->q); |
| 328 | if (qbits != 160 && qbits != 224 && qbits != 256) { | ||
| 328 | DSAerror(DSA_R_BAD_Q_VALUE); | 329 | DSAerror(DSA_R_BAD_Q_VALUE); |
| 329 | return -1; | 330 | return -1; |
| 330 | } | 331 | } |
| 331 | |||
| 332 | if (BN_num_bits(dsa->p) > OPENSSL_DSA_MAX_MODULUS_BITS) { | 332 | if (BN_num_bits(dsa->p) > OPENSSL_DSA_MAX_MODULUS_BITS) { |
| 333 | DSAerror(DSA_R_MODULUS_TOO_LARGE); | 333 | DSAerror(DSA_R_MODULUS_TOO_LARGE); |
| 334 | return -1; | 334 | return -1; |
| 335 | } | 335 | } |
| 336 | |||
| 336 | BN_init(&u1); | 337 | BN_init(&u1); |
| 337 | BN_init(&u2); | 338 | BN_init(&u2); |
| 338 | BN_init(&t1); | 339 | BN_init(&t1); |
| @@ -359,8 +360,8 @@ dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig, DSA *dsa) | |||
| 359 | * If the digest length is greater than the size of q use the | 360 | * If the digest length is greater than the size of q use the |
| 360 | * BN_num_bits(dsa->q) leftmost bits of the digest, see FIPS 186-3, 4.2. | 361 | * BN_num_bits(dsa->q) leftmost bits of the digest, see FIPS 186-3, 4.2. |
| 361 | */ | 362 | */ |
| 362 | if (dgst_len > (i >> 3)) | 363 | if (dgst_len > (qbits >> 3)) |
| 363 | dgst_len = (i >> 3); | 364 | dgst_len = (qbits >> 3); |
| 364 | 365 | ||
| 365 | /* Save m in u1. */ | 366 | /* Save m in u1. */ |
| 366 | if (BN_bin2bn(dgst, dgst_len, &u1) == NULL) | 367 | if (BN_bin2bn(dgst, dgst_len, &u1) == NULL) |