Since FIPS 186-3 specifies we use the leftmost bits of the digest
authorDr. Stephen Henson <steve@openssl.org>
Tue, 1 Feb 2011 12:52:01 +0000 (12:52 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Tue, 1 Feb 2011 12:52:01 +0000 (12:52 +0000)
we shouldn't reject digest lengths larger than SHA256: the FIPS
algorithm tests include SHA384 and SHA512 tests.

crypto/dsa/dsa_ossl.c
fips/dsa/fips_dssvs.c

index 33ac3e1..fd75708 100644 (file)
@@ -166,15 +166,6 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
 
        s=BN_new();
        if (s == NULL) goto err;
-
-       /* reject a excessive digest length (currently at most
-        * dsa-with-SHA256 is supported) */
-       if (dlen > SHA256_DIGEST_LENGTH)
-               {
-               reason=DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE;
-               goto err;
-               }
-
        ctx=BN_CTX_new();
        if (ctx == NULL) goto err;
 redo:
@@ -370,15 +361,6 @@ static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig,
                DSAerr(DSA_F_DSA_DO_VERIFY,DSA_R_MODULUS_TOO_LARGE);
                return -1;
                }
-
-       /* reject a excessive digest length (currently at most
-        * dsa-with-SHA256 is supported) */
-       if (dgst_len > SHA256_DIGEST_LENGTH)
-               {
-               DSAerr(DSA_F_DSA_DO_VERIFY,DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
-               return -1;
-               }
-
        BN_init(&u1);
        BN_init(&u2);
        BN_init(&t1);
index 5e9d839..156ad05 100644 (file)
@@ -494,7 +494,9 @@ static void sigver()
     char lbuf[1024];
     unsigned char msg[1024];
     char *keyword, *value;
-    int nmod=0, n=0;
+    int n=0;
+    int dsa2, L, N;
+    const EVP_MD *md = NULL;
     DSA_SIG sg, *sig = &sg;
 
     sig->r = NULL;
@@ -507,27 +509,24 @@ static void sigver()
                fputs(buf,stdout);
                continue;
                }
+       fputs(buf,stdout);
        if(!strcmp(keyword,"[mod"))
            {
-           nmod=atoi(value);
-           if(dsa)
+           if (!parse_mod(value, &dsa2, &L, &N, &md))
+               {
+               fprintf(stderr, "Mod Parse Error\n");
+               exit (1);
+               }
+           if (dsa)
                FIPS_dsa_free(dsa);
-           dsa=FIPS_dsa_new();
+           dsa = FIPS_dsa_new();
            }
        else if(!strcmp(keyword,"P"))
            dsa->p=hex2bn(value);
        else if(!strcmp(keyword,"Q"))
            dsa->q=hex2bn(value);
        else if(!strcmp(keyword,"G"))
-           {
            dsa->g=hex2bn(value);
-
-           printf("[mod = %d]\n\n",nmod);
-           pbn("P",dsa->p);
-           pbn("Q",dsa->q);
-           pbn("G",dsa->g);
-           putc('\n',stdout);
-           }
        else if(!strcmp(keyword,"Msg"))
            {
            n=hex2bin(value,msg);
@@ -544,10 +543,7 @@ static void sigver()
            EVP_MD_CTX_init(&mctx);
            sig->s=hex2bn(value);
        
-           pbn("Y",dsa->pub_key);
-           pbn("R",sig->r);
-           pbn("S",sig->s);
-           EVP_DigestInit_ex(&mctx, EVP_sha1(), NULL);
+           EVP_DigestInit_ex(&mctx, md, NULL);
            EVP_DigestUpdate(&mctx, msg, n);
            no_err = 1;
            r = FIPS_dsa_verify_ctx(dsa, &mctx, sig);