summaryrefslogtreecommitdiffstats
path: root/lib/libssl/src/crypto/dsa
diff options
context:
space:
mode:
Diffstat (limited to 'lib/libssl/src/crypto/dsa')
-rw-r--r--lib/libssl/src/crypto/dsa/dsa.h1
-rw-r--r--lib/libssl/src/crypto/dsa/dsa_err.c1
-rw-r--r--lib/libssl/src/crypto/dsa/dsa_ossl.c21
3 files changed, 23 insertions, 0 deletions
diff --git a/lib/libssl/src/crypto/dsa/dsa.h b/lib/libssl/src/crypto/dsa/dsa.h
index 65689a34266..12b60a8faa0 100644
--- a/lib/libssl/src/crypto/dsa/dsa.h
+++ b/lib/libssl/src/crypto/dsa/dsa.h
@@ -248,6 +248,7 @@ DH *DSA_dup_DH(DSA *r);
/* Reason codes. */
#define DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 100
+#define DSA_R_MISSING_PARAMETERS 101
#ifdef __cplusplus
}
diff --git a/lib/libssl/src/crypto/dsa/dsa_err.c b/lib/libssl/src/crypto/dsa/dsa_err.c
index 2b3ab3a9ad8..736aeef7c47 100644
--- a/lib/libssl/src/crypto/dsa/dsa_err.c
+++ b/lib/libssl/src/crypto/dsa/dsa_err.c
@@ -85,6 +85,7 @@ static ERR_STRING_DATA DSA_str_functs[]=
static ERR_STRING_DATA DSA_str_reasons[]=
{
{DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE ,"data too large for key size"},
+{DSA_R_MISSING_PARAMETERS ,"missing parameters"},
{0,NULL}
};
diff --git a/lib/libssl/src/crypto/dsa/dsa_ossl.c b/lib/libssl/src/crypto/dsa/dsa_ossl.c
index 5cbbdddfb96..34c6e9a1412 100644
--- a/lib/libssl/src/crypto/dsa/dsa_ossl.c
+++ b/lib/libssl/src/crypto/dsa/dsa_ossl.c
@@ -108,6 +108,11 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
int i,reason=ERR_R_BN_LIB;
DSA_SIG *ret=NULL;
+ if (!dsa->p || !dsa->q || !dsa->g)
+ {
+ reason=DSA_R_MISSING_PARAMETERS;
+ goto err;
+ }
BN_init(&m);
BN_init(&xr);
s=BN_new();
@@ -170,6 +175,11 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
BIGNUM k,*kinv=NULL,*r=NULL;
int ret=0;
+ if (!dsa->p || !dsa->q || !dsa->g)
+ {
+ DSAerr(DSA_F_DSA_SIGN_SETUP,DSA_R_MISSING_PARAMETERS);
+ return 0;
+ }
if (ctx_in == NULL)
{
if ((ctx=BN_CTX_new()) == NULL) goto err;
@@ -233,6 +243,17 @@ static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig,
BN_init(&u2);
BN_init(&t1);
+ if (BN_is_zero(sig->r) || sig->r->neg || BN_ucmp(sig->r, dsa->q) >= 0)
+ {
+ ret = 0;
+ goto err;
+ }
+ if (BN_is_zero(sig->s) || sig->s->neg || BN_ucmp(sig->s, dsa->q) >= 0)
+ {
+ ret = 0;
+ goto err;
+ }
+
/* Calculate W = inv(S) mod Q
* save W in u2 */
if ((BN_mod_inverse(&u2,sig->s,dsa->q,ctx)) == NULL) goto err;
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.