Fix for missing DSA parameters.

CHANGES

@@ -4,6 +4,11 @@
 
  Changes between 0.9.6a and 0.9.6b  [XX xxx XXXX]
 
+  *) Fix various bugs related to DSA S/MIME verification. Handle missing
+     parameters in DSA public key structures and return an error in the
+     DSA routines if parameters are absent.
+     [Steve Henson]
+
   *) In versions up to 0.9.6, RAND_file_name() resorted to file ".rnd"
      in the current directory if neither $RANDFILE nor $HOME was set.
      RAND_file_name() in 0.9.6a returned NULL in this case.  This has

crypto/asn1/x_pubkey.c

@@ -234,7 +234,7 @@ EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key)
 	a=key->algor;
 	if (ret->type == EVP_PKEY_DSA)
 		{
-		if (a->parameter->type == V_ASN1_SEQUENCE)
+		if (a->parameter && (a->parameter->type == V_ASN1_SEQUENCE))
 			{
 			ret->pkey.dsa->write_params=0;
 			p=a->parameter->value.sequence->data;

crypto/dsa/dsa.h

@@ -236,6 +236,7 @@ DH *DSA_dup_DH(DSA *r);
 
 /* Reason codes. */
 #define DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE		 100
+#define DSA_R_MISSING_PARAMETERS			 101
 
 #ifdef  __cplusplus
 }

crypto/dsa/dsa_err.c

@@ -85,6 +85,7 @@ static ERR_STRING_DATA DSA_str_functs[]=
 static ERR_STRING_DATA DSA_str_reasons[]=
 	{
 {DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE       ,"data too large for key size"},
+{DSA_R_MISSING_PARAMETERS                ,"missing parameters"},
 {0,NULL}
 	};
 

crypto/dsa/dsa_ossl.c

@@ -105,6 +105,11 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
 	int i,reason=ERR_R_BN_LIB;
 	DSA_SIG *ret=NULL;
 
+	if (!dsa->p || !dsa->q || !dsa->g)
+		{
+		reason=DSA_R_MISSING_PARAMETERS;
+		goto err;
+		}
 	BN_init(&m);
 	BN_init(&xr);
 	s=BN_new();
@@ -167,6 +172,11 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
 	BIGNUM k,*kinv=NULL,*r=NULL;
 	int ret=0;
 
+	if (!dsa->p || !dsa->q || !dsa->g)
+		{
+		DSAerr(DSA_F_DSA_SIGN_SETUP,DSA_R_MISSING_PARAMETERS);
+		return 0;
+		}
 	if (ctx_in == NULL)
 		{
 		if ((ctx=BN_CTX_new()) == NULL) goto err;