summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/dsa
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libcrypto/dsa')
-rw-r--r--src/lib/libcrypto/dsa/dsa_gen.c3
-rw-r--r--src/lib/libcrypto/dsa/dsa_ossl.c20
2 files changed, 2 insertions, 21 deletions
diff --git a/src/lib/libcrypto/dsa/dsa_gen.c b/src/lib/libcrypto/dsa/dsa_gen.c
index 0fcd25f8b0..cb0b4538a4 100644
--- a/src/lib/libcrypto/dsa/dsa_gen.c
+++ b/src/lib/libcrypto/dsa/dsa_gen.c
@@ -120,7 +120,7 @@ int dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits,
120 BIGNUM *r0,*W,*X,*c,*test; 120 BIGNUM *r0,*W,*X,*c,*test;
121 BIGNUM *g=NULL,*q=NULL,*p=NULL; 121 BIGNUM *g=NULL,*q=NULL,*p=NULL;
122 BN_MONT_CTX *mont=NULL; 122 BN_MONT_CTX *mont=NULL;
123 int i, k,n=0,b,m=0, qsize = qbits >> 3; 123 int i, k, n=0, m=0, qsize = qbits >> 3;
124 int counter=0; 124 int counter=0;
125 int r=0; 125 int r=0;
126 BN_CTX *ctx=NULL; 126 BN_CTX *ctx=NULL;
@@ -232,7 +232,6 @@ int dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits,
232 /* "offset = 2" */ 232 /* "offset = 2" */
233 233
234 n=(bits-1)/160; 234 n=(bits-1)/160;
235 b=(bits-1)-n*160;
236 235
237 for (;;) 236 for (;;)
238 { 237 {
diff --git a/src/lib/libcrypto/dsa/dsa_ossl.c b/src/lib/libcrypto/dsa/dsa_ossl.c
index 4fead07e80..a3ddd7d281 100644
--- a/src/lib/libcrypto/dsa/dsa_ossl.c
+++ b/src/lib/libcrypto/dsa/dsa_ossl.c
@@ -148,15 +148,6 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
148 148
149 s=BN_new(); 149 s=BN_new();
150 if (s == NULL) goto err; 150 if (s == NULL) goto err;
151
152 /* reject a excessive digest length (currently at most
153 * dsa-with-SHA256 is supported) */
154 if (dlen > SHA256_DIGEST_LENGTH)
155 {
156 reason=DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE;
157 goto err;
158 }
159
160 ctx=BN_CTX_new(); 151 ctx=BN_CTX_new();
161 if (ctx == NULL) goto err; 152 if (ctx == NULL) goto err;
162 153
@@ -185,7 +176,7 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
185 if (!BN_mod_mul(&xr,dsa->priv_key,r,dsa->q,ctx)) goto err;/* s = xr */ 176 if (!BN_mod_mul(&xr,dsa->priv_key,r,dsa->q,ctx)) goto err;/* s = xr */
186 if (!BN_add(s, &xr, &m)) goto err; /* s = m + xr */ 177 if (!BN_add(s, &xr, &m)) goto err; /* s = m + xr */
187 if (BN_cmp(s,dsa->q) > 0) 178 if (BN_cmp(s,dsa->q) > 0)
188 BN_sub(s,s,dsa->q); 179 if (!BN_sub(s,s,dsa->q)) goto err;
189 if (!BN_mod_mul(s,s,kinv,dsa->q,ctx)) goto err; 180 if (!BN_mod_mul(s,s,kinv,dsa->q,ctx)) goto err;
190 181
191 ret=DSA_SIG_new(); 182 ret=DSA_SIG_new();
@@ -325,15 +316,6 @@ static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig,
325 DSAerr(DSA_F_DSA_DO_VERIFY,DSA_R_MODULUS_TOO_LARGE); 316 DSAerr(DSA_F_DSA_DO_VERIFY,DSA_R_MODULUS_TOO_LARGE);
326 return -1; 317 return -1;
327 } 318 }
328
329 /* reject a excessive digest length (currently at most
330 * dsa-with-SHA256 is supported) */
331 if (dgst_len > SHA256_DIGEST_LENGTH)
332 {
333 DSAerr(DSA_F_DSA_DO_VERIFY,DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
334 return -1;
335 }
336
337 BN_init(&u1); 319 BN_init(&u1);
338 BN_init(&u2); 320 BN_init(&u2);
339 BN_init(&t1); 321 BN_init(&t1);
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-26 14:11:41 +0000