Since FIPS 186-3 specifies we use the leftmost bits of the digest

we shouldn't reject digest lengths larger than SHA256: the FIPS
algorithm tests include SHA384 and SHA512 tests.

diff --git a/crypto/dsa/dsa_ossl.c b/crypto/dsa/dsa_ossl.c
index 1b416901b43f8d6feff6c3748b86ad2e70658b1c..b3d78e524cf4f90ebec6be28e798da53672b38dc 100644 (file)
--- a/crypto/dsa/dsa_ossl.c
+++ b/crypto/dsa/dsa_ossl.c
@@ -149,15 +149,6 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
 
        s=BN_new();
        if (s == NULL) goto err;
-
-       /* reject a excessive digest length (currently at most
-        * dsa-with-SHA256 is supported) */
-       if (dlen > SHA256_DIGEST_LENGTH)
-               {
-               reason=DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE;
-               goto err;
-               }
-
        ctx=BN_CTX_new();
        if (ctx == NULL) goto err;
 redo:
@@ -339,15 +330,6 @@ static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig,
                DSAerr(DSA_F_DSA_DO_VERIFY,DSA_R_MODULUS_TOO_LARGE);
                return -1;
                }
-
-       /* reject a excessive digest length (currently at most
-        * dsa-with-SHA256 is supported) */
-       if (dgst_len > SHA256_DIGEST_LENGTH)
-               {
-               DSAerr(DSA_F_DSA_DO_VERIFY,DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
-               return -1;
-               }
-
        BN_init(&u1);
        BN_init(&u2);
        BN_init(&t1);