summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/dsa
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libcrypto/dsa')
-rw-r--r--src/lib/libcrypto/dsa/dsa.h1
-rw-r--r--src/lib/libcrypto/dsa/dsa_err.c1
-rw-r--r--src/lib/libcrypto/dsa/dsa_ossl.c21
3 files changed, 23 insertions, 0 deletions
diff --git a/src/lib/libcrypto/dsa/dsa.h b/src/lib/libcrypto/dsa/dsa.h
index 65689a3426..12b60a8faa 100644
--- a/src/lib/libcrypto/dsa/dsa.h
+++ b/src/lib/libcrypto/dsa/dsa.h
@@ -248,6 +248,7 @@ DH *DSA_dup_DH(DSA *r);
248 248
249/* Reason codes. */ 249/* Reason codes. */
250#define DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 100 250#define DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 100
251#define DSA_R_MISSING_PARAMETERS 101
251 252
252#ifdef __cplusplus 253#ifdef __cplusplus
253} 254}
diff --git a/src/lib/libcrypto/dsa/dsa_err.c b/src/lib/libcrypto/dsa/dsa_err.c
index 2b3ab3a9ad..736aeef7c4 100644
--- a/src/lib/libcrypto/dsa/dsa_err.c
+++ b/src/lib/libcrypto/dsa/dsa_err.c
@@ -85,6 +85,7 @@ static ERR_STRING_DATA DSA_str_functs[]=
85static ERR_STRING_DATA DSA_str_reasons[]= 85static ERR_STRING_DATA DSA_str_reasons[]=
86 { 86 {
87{DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE ,"data too large for key size"}, 87{DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE ,"data too large for key size"},
88{DSA_R_MISSING_PARAMETERS ,"missing parameters"},
88{0,NULL} 89{0,NULL}
89 }; 90 };
90 91
diff --git a/src/lib/libcrypto/dsa/dsa_ossl.c b/src/lib/libcrypto/dsa/dsa_ossl.c
index 5cbbdddfb9..34c6e9a141 100644
--- a/src/lib/libcrypto/dsa/dsa_ossl.c
+++ b/src/lib/libcrypto/dsa/dsa_ossl.c
@@ -108,6 +108,11 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
108 int i,reason=ERR_R_BN_LIB; 108 int i,reason=ERR_R_BN_LIB;
109 DSA_SIG *ret=NULL; 109 DSA_SIG *ret=NULL;
110 110
111 if (!dsa->p || !dsa->q || !dsa->g)
112 {
113 reason=DSA_R_MISSING_PARAMETERS;
114 goto err;
115 }
111 BN_init(&m); 116 BN_init(&m);
112 BN_init(&xr); 117 BN_init(&xr);
113 s=BN_new(); 118 s=BN_new();
@@ -170,6 +175,11 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
170 BIGNUM k,*kinv=NULL,*r=NULL; 175 BIGNUM k,*kinv=NULL,*r=NULL;
171 int ret=0; 176 int ret=0;
172 177
178 if (!dsa->p || !dsa->q || !dsa->g)
179 {
180 DSAerr(DSA_F_DSA_SIGN_SETUP,DSA_R_MISSING_PARAMETERS);
181 return 0;
182 }
173 if (ctx_in == NULL) 183 if (ctx_in == NULL)
174 { 184 {
175 if ((ctx=BN_CTX_new()) == NULL) goto err; 185 if ((ctx=BN_CTX_new()) == NULL) goto err;
@@ -233,6 +243,17 @@ static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig,
233 BN_init(&u2); 243 BN_init(&u2);
234 BN_init(&t1); 244 BN_init(&t1);
235 245
246 if (BN_is_zero(sig->r) || sig->r->neg || BN_ucmp(sig->r, dsa->q) >= 0)
247 {
248 ret = 0;
249 goto err;
250 }
251 if (BN_is_zero(sig->s) || sig->s->neg || BN_ucmp(sig->s, dsa->q) >= 0)
252 {
253 ret = 0;
254 goto err;
255 }
256
236 /* Calculate W = inv(S) mod Q 257 /* Calculate W = inv(S) mod Q
237 * save W in u2 */ 258 * save W in u2 */
238 if ((BN_mod_inverse(&u2,sig->s,dsa->q,ctx)) == NULL) goto err; 259 if ((BN_mod_inverse(&u2,sig->s,dsa->q,ctx)) == NULL) goto err;
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-12-09 02:53:41 +0000