1 files changed, 15 insertions, 1 deletions
diff --git a/src/lib/libcrypto/dsa/dsa_ossl.c b/src/lib/libcrypto/dsa/dsa_ossl.c
index a3ddd7d281..b3d78e524c 100644
--- a/src/lib/libcrypto/dsa/dsa_ossl.c
+++ b/src/lib/libcrypto/dsa/dsa_ossl.c
@@ -136,6 +136,7 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
        BN_CTX *ctx=NULL;
        int reason=ERR_R_BN_LIB;
        DSA_SIG *ret=NULL;
+        int noredo = 0;
        BN_init(&m);
        BN_init(&xr);
@@ -150,7 +151,7 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
        if (s == NULL) goto err;
        ctx=BN_CTX_new();
        if (ctx == NULL) goto err;
+redo:
        if ((dsa->kinv == NULL) || (dsa->r == NULL))
                {
                if (!DSA_sign_setup(dsa,ctx,&kinv,&r)) goto err;
@@ -161,6 +162,7 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
                dsa->kinv=NULL;
                r=dsa->r;
                dsa->r=NULL;
+                noredo = 1;
                }
        
@@ -181,6 +183,18 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
        ret=DSA_SIG_new();
        if (ret == NULL) goto err;
+        /* Redo if r or s is zero as required by FIPS 186-3: this is
+         * very unlikely.
+         */
+        if (BN_is_zero(r) || BN_is_zero(s))
+                {
+                if (noredo)
+                        {
+                        reason = DSA_R_NEED_NEW_SETUP_VALUES;
+                        goto err;
+                        }
+                goto redo;
+                }
        ret->r = r;
        ret->s = s;

diff --git a/src/lib/libcrypto/dsa/dsa_ossl.c b/src/lib/libcrypto/dsa/dsa_ossl.c index a3ddd7d281..b3d78e524c 100644 --- a/src/lib/libcrypto/dsa/dsa_ossl.c +++ b/src/lib/libcrypto/dsa/dsa_ossl.c
@@ -136,6 +136,7 @@ static DSA_SIG dsa_do_sign(const unsigned char dgst, int dlen, DSA *dsa)
136	BN_CTX *ctx=NULL;	136	BN_CTX *ctx=NULL;
137	int reason=ERR_R_BN_LIB;	137	int reason=ERR_R_BN_LIB;
138	DSA_SIG *ret=NULL;	138	DSA_SIG *ret=NULL;
		139	int noredo = 0;
139		140
140	BN_init(&m);	141	BN_init(&m);
141	BN_init(&xr);	142	BN_init(&xr);
@@ -150,7 +151,7 @@ static DSA_SIG dsa_do_sign(const unsigned char dgst, int dlen, DSA *dsa)
150	if (s == NULL) goto err;	151	if (s == NULL) goto err;
151	ctx=BN_CTX_new();	152	ctx=BN_CTX_new();
152	if (ctx == NULL) goto err;	153	if (ctx == NULL) goto err;
153		154	redo:
154	if ((dsa->kinv == NULL) \|\| (dsa->r == NULL))	155	if ((dsa->kinv == NULL) \|\| (dsa->r == NULL))
155	{	156	{
156	if (!DSA_sign_setup(dsa,ctx,&kinv,&r)) goto err;	157	if (!DSA_sign_setup(dsa,ctx,&kinv,&r)) goto err;
@@ -161,6 +162,7 @@ static DSA_SIG dsa_do_sign(const unsigned char dgst, int dlen, DSA *dsa)
161	dsa->kinv=NULL;	162	dsa->kinv=NULL;
162	r=dsa->r;	163	r=dsa->r;
163	dsa->r=NULL;	164	dsa->r=NULL;
		165	noredo = 1;
164	}	166	}
165		167
166		168
@@ -181,6 +183,18 @@ static DSA_SIG dsa_do_sign(const unsigned char dgst, int dlen, DSA *dsa)
181		183
182	ret=DSA_SIG_new();	184	ret=DSA_SIG_new();
183	if (ret == NULL) goto err;	185	if (ret == NULL) goto err;
		186	/* Redo if r or s is zero as required by FIPS 186-3: this is
		187	* very unlikely.
		188	*/
		189	if (BN_is_zero(r) \|\| BN_is_zero(s))
		190	{
		191	if (noredo)
		192	{
		193	reason = DSA_R_NEED_NEW_SETUP_VALUES;
		194	goto err;
		195	}
		196	goto redo;
		197	}
184	ret->r = r;	198	ret->r = r;
185	ret->s = s;	199	ret->s = s;
186		200