projects
/
openssl.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Introduce limits to prevent malicious keys being able to
[openssl.git]
/
crypto
/
dsa
/
dsa_ossl.c
diff --git
a/crypto/dsa/dsa_ossl.c
b/crypto/dsa/dsa_ossl.c
index 3fd8a35613d32dce4d252a6c65986df615210fe7..2fab8dc65a7d7c6c5ad3a2992845755528d80693 100644
(file)
--- a/
crypto/dsa/dsa_ossl.c
+++ b/
crypto/dsa/dsa_ossl.c
@@
-281,11
+281,10
@@
err:
if (!ret)
{
DSAerr(DSA_F_DSA_SIGN_SETUP,ERR_R_BN_LIB);
if (!ret)
{
DSAerr(DSA_F_DSA_SIGN_SETUP,ERR_R_BN_LIB);
- if (
kinv != NULL) BN_clear_free(kinv);
-
if (r != NULL)
BN_clear_free(r);
+ if (
r != NULL)
+
BN_clear_free(r);
}
if (ctx_in == NULL) BN_CTX_free(ctx);
}
if (ctx_in == NULL) BN_CTX_free(ctx);
- if (kinv != NULL) BN_clear_free(kinv);
BN_clear_free(&k);
BN_clear_free(&kq);
return(ret);
BN_clear_free(&k);
BN_clear_free(&kq);
return(ret);
@@
-304,6
+303,18
@@
static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig,
return -1;
}
return -1;
}
+ if (BN_num_bits(dsa->q) != 160)
+ {
+ DSAerr(DSA_F_DSA_DO_VERIFY,DSA_R_BAD_Q_VALUE);
+ return -1;
+ }
+
+ if (BN_num_bits(dsa->p) > OPENSSL_DSA_MAX_MODULUS_BITS)
+ {
+ DSAerr(DSA_F_DSA_DO_VERIFY,DSA_R_MODULUS_TOO_LARGE);
+ return -1;
+ }
+
BN_init(&u1);
BN_init(&u2);
BN_init(&t1);
BN_init(&u1);
BN_init(&u2);
BN_init(&t1);