Add secure DSA nonce flag.

[openssl.git] / crypto / dsa / dsa_sign.c

diff --git a/crypto/dsa/dsa_sign.c b/crypto/dsa/dsa_sign.c
index e9469ca62fd6f8a95c19323c3ad8178da1b50063..b7e4caab2aff91ac2d37ced1621f080ef717ce78 100644 (file)
--- a/crypto/dsa/dsa_sign.c
+++ b/crypto/dsa/dsa_sign.c
@@ -58,36 +58,26 @@
 
 /* Original version from Steven Schoch <schoch@sheba.arc.nasa.gov> */
 
-#include <stdio.h>
+#define OPENSSL_FIPSAPI
+
 #include "cryptlib.h"
-#include <openssl/bn.h>
 #include <openssl/dsa.h>
 #include <openssl/rand.h>
-#include <openssl/asn1.h>
-#include <openssl/engine.h>
+#include <openssl/bn.h>
 
 DSA_SIG * DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
        {
        return dsa->meth->dsa_do_sign(dgst, dlen, dsa);
        }
 
-int DSA_sign(int type, const unsigned char *dgst, int dlen, unsigned char *sig,
-            unsigned int *siglen, DSA *dsa)
+int DSA_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
        {
-       DSA_SIG *s;
-       s=DSA_do_sign(dgst,dlen,dsa);
-       if (s == NULL)
+       if (dsa->flags & DSA_FLAG_NONCE_FROM_HASH)
                {
-               *siglen=0;
-               return(0);
+               /* One cannot precompute the DSA nonce if it is required to
+                * depend on the message. */
+               DSAerr(DSA_F_DSA_SIGN_SETUP, DSA_R_NONCE_CANNOT_BE_PRECOMPUTED);
+               return 0;
                }
-       *siglen=i2d_DSA_SIG(s,&sig);
-       DSA_SIG_free(s);
-       return(1);
+       return dsa->meth->dsa_sign_setup(dsa, ctx_in, kinvp, rp, NULL, 0);
        }
-
-int DSA_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
-       {
-       return dsa->meth->dsa_sign_setup(dsa, ctx_in, kinvp, rp);
-       }
-