return an error if the supplied precomputed values lead to an invalid signature

author Nils Larsch <nils@openssl.org>

Wed, 4 Oct 2006 19:55:03 +0000 (19:55 +0000)

committer Nils Larsch <nils@openssl.org>

Wed, 4 Oct 2006 19:55:03 +0000 (19:55 +0000)
author Nils Larsch <nils@openssl.org>
Wed, 4 Oct 2006 19:55:03 +0000 (19:55 +0000)
committer Nils Larsch <nils@openssl.org>
Wed, 4 Oct 2006 19:55:03 +0000 (19:55 +0000)
diff --git a/crypto/ecdsa/ecdsa.h b/crypto/ecdsa/ecdsa.h

index 76c5a4aa2ae01bca9206cb59c9f518f6491006a4..f20c8ee7381eb7e4b56f31f4948a37be02367961 100644 (file)
--- a/crypto/ecdsa/ecdsa.h
+++ b/crypto/ecdsa/ecdsa.h
@@ -261,6 +261,7 @@ void ERR_load_ECDSA_strings(void);
  #define ECDSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE             101
  #define ECDSA_R_ERR_EC_LIB                              102
  #define ECDSA_R_MISSING_PARAMETERS                      103
+#define ECDSA_R_NEED_NEW_SETUP_VALUES                   106
  #define ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED                 104
  #define ECDSA_R_SIGNATURE_MALLOC_FAILED                         105
  
diff --git a/crypto/ecdsa/ecs_err.c b/crypto/ecdsa/ecs_err.c

index 90f1942e79fd1d59f9b38c052b228f46ec7109ff..7e85434c75c0d115ff6e0b6f52c71eef7d26e419 100644 (file)
--- a/crypto/ecdsa/ecs_err.c
+++ b/crypto/ecdsa/ecs_err.c
@@ -70,7 +70,7 @@
  
  static ERR_STRING_DATA ECDSA_str_functs[]=
         {
-{ERR_FUNC(ECDSA_F_ECDSA_DATA_NEW_METHOD),      "ECDSA_DATA_new_method"},
+{ERR_FUNC(ECDSA_F_ECDSA_DATA_NEW_METHOD),      "ECDSA_DATA_NEW_METHOD"},
  {ERR_FUNC(ECDSA_F_ECDSA_DO_SIGN),      "ECDSA_do_sign"},
  {ERR_FUNC(ECDSA_F_ECDSA_DO_VERIFY),    "ECDSA_do_verify"},
  {ERR_FUNC(ECDSA_F_ECDSA_SIGN_SETUP),   "ECDSA_sign_setup"},
@@ -83,6 +83,7 @@ static ERR_STRING_DATA ECDSA_str_reasons[]=
  {ERR_REASON(ECDSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE),"data too large for key size"},
  {ERR_REASON(ECDSA_R_ERR_EC_LIB)          ,"err ec lib"},
  {ERR_REASON(ECDSA_R_MISSING_PARAMETERS)  ,"missing parameters"},
+{ERR_REASON(ECDSA_R_NEED_NEW_SETUP_VALUES),"need new setup values"},
  {ERR_REASON(ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED),"random number generation failed"},
  {ERR_REASON(ECDSA_R_SIGNATURE_MALLOC_FAILED),"signature malloc failed"},
  {0,NULL}
diff --git a/crypto/ecdsa/ecs_ossl.c b/crypto/ecdsa/ecs_ossl.c

index 8be45ddc9369932e76924baf3babd9d4f3a3c118..32d66a97741d43ae11be4088f0a4767e7826cf06 100644 (file)
--- a/crypto/ecdsa/ecs_ossl.c
+++ b/crypto/ecdsa/ecs_ossl.c
@@ -299,8 +299,21 @@ static ECDSA_SIG *ecdsa_do_sign(const unsigned char *dgst, int dgst_len,
                         ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
                         goto err;
                 }
+               if (BN_is_zero(s))
+               {
+                       /* if kinv and r have been supplied by the caller
+                        * don't to generate new kinv and r values */
+                       if (in_kinv != NULL && in_r != NULL)
+                       {
+                               ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ECDSA_R_NEED_NEW_SETUP_VALUES);
+                               goto err;
+                       }
+               }
+               else
+                       /* s != 0 => we have a valid signature */
+                       break;
         }
-       while (BN_is_zero(s));
+       while (1);
  
         ok = 1;
  err:
author	Nils Larsch <nils@openssl.org>
	Wed, 4 Oct 2006 19:55:03 +0000 (19:55 +0000)
committer	Nils Larsch <nils@openssl.org>
	Wed, 4 Oct 2006 19:55:03 +0000 (19:55 +0000)
crypto/ecdsa/ecdsa.h		patch \| blob \| history
crypto/ecdsa/ecs_err.c		patch \| blob \| history
crypto/ecdsa/ecs_ossl.c		patch \| blob \| history