1 files changed, 21 insertions, 0 deletions
diff --git a/src/lib/libcrypto/dsa/dsa_ossl.c b/src/lib/libcrypto/dsa/dsa_ossl.c
index 5cbbdddfb9..34c6e9a141 100644
--- a/src/lib/libcrypto/dsa/dsa_ossl.c
+++ b/src/lib/libcrypto/dsa/dsa_ossl.c
@@ -108,6 +108,11 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
        int i,reason=ERR_R_BN_LIB;
        DSA_SIG *ret=NULL;
+        if (!dsa->p || !dsa->q || !dsa->g)
+                {
+                reason=DSA_R_MISSING_PARAMETERS;
+                goto err;
+                }
        BN_init(&m);
        BN_init(&xr);
        s=BN_new();
@@ -170,6 +175,11 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
        BIGNUM k,*kinv=NULL,*r=NULL;
        int ret=0;
+        if (!dsa->p || !dsa->q || !dsa->g)
+                {
+                DSAerr(DSA_F_DSA_SIGN_SETUP,DSA_R_MISSING_PARAMETERS);
+                return 0;
+                }
        if (ctx_in == NULL)
                {
                if ((ctx=BN_CTX_new()) == NULL) goto err;
@@ -233,6 +243,17 @@ static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig,
        BN_init(&u2);
        BN_init(&t1);
+        if (BN_is_zero(sig->r) || sig->r->neg || BN_ucmp(sig->r, dsa->q) >= 0)
+                {
+                ret = 0;
+                goto err;
+                }
+        if (BN_is_zero(sig->s) || sig->s->neg || BN_ucmp(sig->s, dsa->q) >= 0)
+                {
+                ret = 0;
+                goto err;
+                }
        /* Calculate W = inv(S) mod Q
         * save W in u2 */
        if ((BN_mod_inverse(&u2,sig->s,dsa->q,ctx)) == NULL) goto err;

diff --git a/src/lib/libcrypto/dsa/dsa_ossl.c b/src/lib/libcrypto/dsa/dsa_ossl.c index 5cbbdddfb9..34c6e9a141 100644 --- a/src/lib/libcrypto/dsa/dsa_ossl.c +++ b/src/lib/libcrypto/dsa/dsa_ossl.c
@@ -108,6 +108,11 @@ static DSA_SIG dsa_do_sign(const unsigned char dgst, int dlen, DSA *dsa)
108	int i,reason=ERR_R_BN_LIB;	108	int i,reason=ERR_R_BN_LIB;
109	DSA_SIG *ret=NULL;	109	DSA_SIG *ret=NULL;
110		110
		111	if (!dsa->p \|\| !dsa->q \|\| !dsa->g)
		112	{
		113	reason=DSA_R_MISSING_PARAMETERS;
		114	goto err;
		115	}
111	BN_init(&m);	116	BN_init(&m);
112	BN_init(&xr);	117	BN_init(&xr);
113	s=BN_new();	118	s=BN_new();
@@ -170,6 +175,11 @@ static int dsa_sign_setup(DSA dsa, BN_CTX ctx_in, BIGNUM kinvp, BIGNUM rp)
170	BIGNUM k,kinv=NULL,r=NULL;	175	BIGNUM k,kinv=NULL,r=NULL;
171	int ret=0;	176	int ret=0;
172		177
		178	if (!dsa->p \|\| !dsa->q \|\| !dsa->g)
		179	{
		180	DSAerr(DSA_F_DSA_SIGN_SETUP,DSA_R_MISSING_PARAMETERS);
		181	return 0;
		182	}
173	if (ctx_in == NULL)	183	if (ctx_in == NULL)
174	{	184	{
175	if ((ctx=BN_CTX_new()) == NULL) goto err;	185	if ((ctx=BN_CTX_new()) == NULL) goto err;
@@ -233,6 +243,17 @@ static int dsa_do_verify(const unsigned char dgst, int dgst_len, DSA_SIG sig,
233	BN_init(&u2);	243	BN_init(&u2);
234	BN_init(&t1);	244	BN_init(&t1);
235		245
		246	if (BN_is_zero(sig->r) \|\| sig->r->neg \|\| BN_ucmp(sig->r, dsa->q) >= 0)
		247	{
		248	ret = 0;
		249	goto err;
		250	}
		251	if (BN_is_zero(sig->s) \|\| sig->s->neg \|\| BN_ucmp(sig->s, dsa->q) >= 0)
		252	{
		253	ret = 0;
		254	goto err;
		255	}
		256
236	/* Calculate W = inv(S) mod Q	257	/* Calculate W = inv(S) mod Q
237	* save W in u2 */	258	* save W in u2 */
238	if ((BN_mod_inverse(&u2,sig->s,dsa->q,ctx)) == NULL) goto err;	259	if ((BN_mod_inverse(&u2,sig->s,dsa->q,ctx)) == NULL) goto err;