generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

recalculate DSA signature if r or s is zero (FIPS 186-3 requirement)

Browse Source
This commit is contained in:
Dr. Stephen Henson
2011-01-25 16:01:29 +00:00
parent 6e0375d504
commit 245a7eee17
3 changed files with 17 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
crypto/dsa/dsa_ossl.c
View File

@@ -136,6 +136,7 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
BN_CTX *ctx=NULL;
int reason=ERR_R_BN_LIB;
DSA_SIG *ret=NULL;
int noredo = 0;
BN_init(&m);
BN_init(&xr);
@@ -159,7 +160,7 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
ctx=BN_CTX_new();
if (ctx == NULL) goto err;
redo:
if ((dsa->kinv == NULL) || (dsa->r == NULL))
{
if (!DSA_sign_setup(dsa,ctx,&kinv,&r)) goto err;
@@ -170,6 +171,7 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
dsa->kinv=NULL;
r=dsa->r;
dsa->r=NULL;
noredo = 1;
}
@@ -190,6 +192,18 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
ret=DSA_SIG_new();
if (ret == NULL) goto err;
/* Redo if r or s is zero as required by FIPS 186-3: this is
* very unlikely.
*/
if (BN_is_zero(r) || BN_is_zero(s))
{
if (noredo)
{
reason = DSA_R_NEED_NEW_SETUP_VALUES;
goto err;
}
goto redo;
}
ret->r = r;
ret->s = s;