1 files changed, 9 insertions, 5 deletions
diff --git a/src/lib/libcrypto/dsa/dsa_ossl.c b/src/lib/libcrypto/dsa/dsa_ossl.c
index 37dd5fc994..b9e7f3ea5c 100644
--- a/src/lib/libcrypto/dsa/dsa_ossl.c
+++ b/src/lib/libcrypto/dsa/dsa_ossl.c
@@ -64,7 +64,6 @@
 #include <openssl/dsa.h>
 #include <openssl/rand.h>
 #include <openssl/asn1.h>
-#include <openssl/engine.h>
 static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa);
 static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp);
@@ -106,13 +105,15 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
        int i,reason=ERR_R_BN_LIB;
        DSA_SIG *ret=NULL;
+        BN_init(&m);
+        BN_init(&xr);
        if (!dsa->p || !dsa->q || !dsa->g)
                {
                reason=DSA_R_MISSING_PARAMETERS;
                goto err;
                }
-        BN_init(&m);
-        BN_init(&xr);
        s=BN_new();
        if (s == NULL) goto err;
@@ -178,6 +179,9 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
                DSAerr(DSA_F_DSA_SIGN_SETUP,DSA_R_MISSING_PARAMETERS);
                return 0;
                }
+        BN_init(&k);
        if (ctx_in == NULL)
                {
                if ((ctx=BN_CTX_new()) == NULL) goto err;
@@ -185,7 +189,6 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
        else
                ctx=ctx_in;
-        BN_init(&k);
        if ((r=BN_new()) == NULL) goto err;
        kinv=NULL;
@@ -241,11 +244,12 @@ static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig,
                return -1;
                }
-        if ((ctx=BN_CTX_new()) == NULL) goto err;
        BN_init(&u1);
        BN_init(&u2);
        BN_init(&t1);
+        if ((ctx=BN_CTX_new()) == NULL) goto err;
        if (BN_is_zero(sig->r) || sig->r->neg || BN_ucmp(sig->r, dsa->q) >= 0)
                {
                ret = 0;

diff --git a/src/lib/libcrypto/dsa/dsa_ossl.c b/src/lib/libcrypto/dsa/dsa_ossl.c index 37dd5fc994..b9e7f3ea5c 100644 --- a/src/lib/libcrypto/dsa/dsa_ossl.c +++ b/src/lib/libcrypto/dsa/dsa_ossl.c
@@ -64,7 +64,6 @@
64	#include <openssl/dsa.h>	64	#include <openssl/dsa.h>
65	#include <openssl/rand.h>	65	#include <openssl/rand.h>
66	#include <openssl/asn1.h>	66	#include <openssl/asn1.h>
67	#include <openssl/engine.h>
68		67
69	static DSA_SIG dsa_do_sign(const unsigned char dgst, int dlen, DSA *dsa);	68	static DSA_SIG dsa_do_sign(const unsigned char dgst, int dlen, DSA *dsa);
70	static int dsa_sign_setup(DSA dsa, BN_CTX ctx_in, BIGNUM kinvp, BIGNUM rp);	69	static int dsa_sign_setup(DSA dsa, BN_CTX ctx_in, BIGNUM kinvp, BIGNUM rp);
@@ -106,13 +105,15 @@ static DSA_SIG dsa_do_sign(const unsigned char dgst, int dlen, DSA *dsa)
106	int i,reason=ERR_R_BN_LIB;	105	int i,reason=ERR_R_BN_LIB;
107	DSA_SIG *ret=NULL;	106	DSA_SIG *ret=NULL;
108		107
		108	BN_init(&m);
		109	BN_init(&xr);
		110
109	if (!dsa->p \|\| !dsa->q \|\| !dsa->g)	111	if (!dsa->p \|\| !dsa->q \|\| !dsa->g)
110	{	112	{
111	reason=DSA_R_MISSING_PARAMETERS;	113	reason=DSA_R_MISSING_PARAMETERS;
112	goto err;	114	goto err;
113	}	115	}
114	BN_init(&m);	116
115	BN_init(&xr);
116	s=BN_new();	117	s=BN_new();
117	if (s == NULL) goto err;	118	if (s == NULL) goto err;
118		119
@@ -178,6 +179,9 @@ static int dsa_sign_setup(DSA dsa, BN_CTX ctx_in, BIGNUM kinvp, BIGNUM rp)
178	DSAerr(DSA_F_DSA_SIGN_SETUP,DSA_R_MISSING_PARAMETERS);	179	DSAerr(DSA_F_DSA_SIGN_SETUP,DSA_R_MISSING_PARAMETERS);
179	return 0;	180	return 0;
180	}	181	}
		182
		183	BN_init(&k);
		184
181	if (ctx_in == NULL)	185	if (ctx_in == NULL)
182	{	186	{
183	if ((ctx=BN_CTX_new()) == NULL) goto err;	187	if ((ctx=BN_CTX_new()) == NULL) goto err;
@@ -185,7 +189,6 @@ static int dsa_sign_setup(DSA dsa, BN_CTX ctx_in, BIGNUM kinvp, BIGNUM rp)
185	else	189	else
186	ctx=ctx_in;	190	ctx=ctx_in;
187		191
188	BN_init(&k);
189	if ((r=BN_new()) == NULL) goto err;	192	if ((r=BN_new()) == NULL) goto err;
190	kinv=NULL;	193	kinv=NULL;
191		194
@@ -241,11 +244,12 @@ static int dsa_do_verify(const unsigned char dgst, int dgst_len, DSA_SIG sig,
241	return -1;	244	return -1;
242	}	245	}
243		246
244	if ((ctx=BN_CTX_new()) == NULL) goto err;
245	BN_init(&u1);	247	BN_init(&u1);
246	BN_init(&u2);	248	BN_init(&u2);
247	BN_init(&t1);	249	BN_init(&t1);
248		250
		251	if ((ctx=BN_CTX_new()) == NULL) goto err;
		252
249	if (BN_is_zero(sig->r) \|\| sig->r->neg \|\| BN_ucmp(sig->r, dsa->q) >= 0)	253	if (BN_is_zero(sig->r) \|\| sig->r->neg \|\| BN_ucmp(sig->r, dsa->q) >= 0)
250	{	254	{
251	ret = 0;	255	ret = 0;