projects
/
openssl.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (from parent 1:
7953b8f
)
DSA verification should insist that r and s are in the allowed range.
author
Bodo Möller
<bodo@openssl.org>
Tue, 26 Jun 2001 09:48:17 +0000
(09:48 +0000)
committer
Bodo Möller
<bodo@openssl.org>
Tue, 26 Jun 2001 09:48:17 +0000
(09:48 +0000)
CHANGES
patch
|
blob
|
history
crypto/dsa/dsa_ossl.c
patch
|
blob
|
history
diff --git
a/CHANGES
b/CHANGES
index d85f3492b5e31520df602ea1eb1c551a9ec88a47..c0390345baeee5e8dc1142151170c8eeb1891ebf 100644
(file)
--- a/
CHANGES
+++ b/
CHANGES
@@
-11,6
+11,10
@@
*) applies to 0.9.6a (/0.9.6b) and 0.9.7
+) applies to 0.9.7 only
*) applies to 0.9.6a (/0.9.6b) and 0.9.7
+) applies to 0.9.7 only
+ *) In dsa_do_verify (crypto/dsa/dsa_ossl.c), verify that r and s are
+ positive and less than q.
+ [Bodo Moeller]
+
+) Enhance the general user interface with mechanisms for inner control
and with pssibilities to have yes/no kind of prompts.
[Richard Levitte]
+) Enhance the general user interface with mechanisms for inner control
and with pssibilities to have yes/no kind of prompts.
[Richard Levitte]
diff --git
a/crypto/dsa/dsa_ossl.c
b/crypto/dsa/dsa_ossl.c
index f91a3a9959c1678e16b8e4eda0e835c0b8ffcef3..7a5adc64037b573944bd0d1dddd042a12a03e157 100644
(file)
--- a/
crypto/dsa/dsa_ossl.c
+++ b/
crypto/dsa/dsa_ossl.c
@@
-246,6
+246,17
@@
static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig,
BN_init(&u2);
BN_init(&t1);
BN_init(&u2);
BN_init(&t1);
+ if (BN_is_zero(sig->r) || sig->r->neg || BN_ucmp(sig->r, dsa->q) >= 0)
+ {
+ ret = 0;
+ goto err;
+ }
+ if (BN_is_zero(sig->s) || sig->s->neg || BN_ucmp(sig->s, dsa->q) >= 0)
+ {
+ ret = 0;
+ goto err;
+ }
+
/* Calculate W = inv(S) mod Q
* save W in u2 */
if ((BN_mod_inverse(&u2,sig->s,dsa->q,ctx)) == NULL) goto err;
/* Calculate W = inv(S) mod Q
* save W in u2 */
if ((BN_mod_inverse(&u2,sig->s,dsa->q,ctx)) == NULL) goto err;