mark all block comments that need format preserving so that

[openssl.git] / crypto / dsa / dsa_asn1.c

diff --git a/crypto/dsa/dsa_asn1.c b/crypto/dsa/dsa_asn1.c
index 60585343746d97d64c0d2e26dea335b69c763f0f..8c75ec12b91b604bac67511b35df1267dbe6fa7a 100644 (file)
--- a/crypto/dsa/dsa_asn1.c
+++ b/crypto/dsa/dsa_asn1.c
@@ -167,7 +167,8 @@ int DSA_sign(int type, const unsigned char *dgst, int dlen, unsigned char *sig,
        }
 
 /* data has already been hashed (probably with SHA or SHA-1). */
-/* returns
+/*-
+ * returns
  *      1: correct signature
  *      0: incorrect signature
  *     -1: error
@@ -176,13 +177,25 @@ int DSA_verify(int type, const unsigned char *dgst, int dgst_len,
             const unsigned char *sigbuf, int siglen, DSA *dsa)
        {
        DSA_SIG *s;
+       const unsigned char *p = sigbuf;
+       unsigned char *der = NULL;
+       int derlen = -1;
        int ret=-1;
 
        s = DSA_SIG_new();
        if (s == NULL) return(ret);
-       if (d2i_DSA_SIG(&s,&sigbuf,siglen) == NULL) goto err;
+       if (d2i_DSA_SIG(&s,&p,siglen) == NULL) goto err;
+       /* Ensure signature uses DER and doesn't have trailing garbage */
+       derlen = i2d_DSA_SIG(s, &der);
+       if (derlen != siglen || memcmp(sigbuf, der, derlen))
+               goto err;
        ret=DSA_do_verify(dgst,dgst_len,s,dsa);
 err:
+       if (derlen > 0)
+               {
+               OPENSSL_cleanse(der, derlen);
+               OPENSSL_free(der);
+               }
        DSA_SIG_free(s);
        return(ret);
        }