diff options
| author | Matthew Garrett <mjg@redhat.com> | 2012-07-02 12:33:42 -0400 |
|---|---|---|
| committer | Matthew Garrett <mjg@redhat.com> | 2012-07-02 12:33:42 -0400 |
| commit | e21cbf4d9bafebb2560d1acac1e47e879c7f7493 (patch) | |
| tree | 308e31c8b7338e11843ac324ce20b89d765c3f45 /Cryptlib/OpenSSL/crypto/dsa | |
| parent | 5b1bf5583c3b6b523446b2b938f5f8355f488052 (diff) | |
| download | efi-boot-shim-e21cbf4d9bafebb2560d1acac1e47e879c7f7493.tar.gz efi-boot-shim-e21cbf4d9bafebb2560d1acac1e47e879c7f7493.zip | |
Update OpenSSL
Diffstat (limited to 'Cryptlib/OpenSSL/crypto/dsa')
| -rwxr-xr-x | Cryptlib/OpenSSL/crypto/dsa/dsa_asn1.c | 2 | ||||
| -rwxr-xr-x | Cryptlib/OpenSSL/crypto/dsa/dsa_gen.c | 3 | ||||
| -rwxr-xr-x | Cryptlib/OpenSSL/crypto/dsa/dsa_lib.c | 2 | ||||
| -rwxr-xr-x | Cryptlib/OpenSSL/crypto/dsa/dsa_ossl.c | 3 |
4 files changed, 6 insertions, 4 deletions
diff --git a/Cryptlib/OpenSSL/crypto/dsa/dsa_asn1.c b/Cryptlib/OpenSSL/crypto/dsa/dsa_asn1.c index 0645facb..bc7d7a02 100755 --- a/Cryptlib/OpenSSL/crypto/dsa/dsa_asn1.c +++ b/Cryptlib/OpenSSL/crypto/dsa/dsa_asn1.c @@ -62,6 +62,7 @@ #include <openssl/asn1.h> #include <openssl/asn1t.h> #include <openssl/bn.h> +#include <openssl/rand.h> #ifdef OPENSSL_FIPS #include <openssl/fips.h> #endif @@ -155,6 +156,7 @@ int DSA_sign(int type, const unsigned char *dgst, int dlen, unsigned char *sig, return 0; } #endif + RAND_seed(dgst, dlen); s=DSA_do_sign(dgst,dlen,dsa); if (s == NULL) { diff --git a/Cryptlib/OpenSSL/crypto/dsa/dsa_gen.c b/Cryptlib/OpenSSL/crypto/dsa/dsa_gen.c index 6f1728e3..7a9d1881 100755 --- a/Cryptlib/OpenSSL/crypto/dsa/dsa_gen.c +++ b/Cryptlib/OpenSSL/crypto/dsa/dsa_gen.c @@ -110,7 +110,7 @@ static int dsa_builtin_paramgen(DSA *ret, int bits, BIGNUM *r0,*W,*X,*c,*test; BIGNUM *g=NULL,*q=NULL,*p=NULL; BN_MONT_CTX *mont=NULL; - int k,n=0,i,b,m=0; + int k,n=0,i,m=0; int counter=0; int r=0; BN_CTX *ctx=NULL; @@ -211,7 +211,6 @@ static int dsa_builtin_paramgen(DSA *ret, int bits, /* "offset = 2" */ n=(bits-1)/160; - b=(bits-1)-n*160; for (;;) { diff --git a/Cryptlib/OpenSSL/crypto/dsa/dsa_lib.c b/Cryptlib/OpenSSL/crypto/dsa/dsa_lib.c index 7ac9dc8c..85556d12 100755 --- a/Cryptlib/OpenSSL/crypto/dsa/dsa_lib.c +++ b/Cryptlib/OpenSSL/crypto/dsa/dsa_lib.c @@ -190,7 +190,7 @@ DSA *DSA_new_method(ENGINE *engine) ret->method_mont_p=NULL; ret->references=1; - ret->flags=ret->meth->flags; + ret->flags=ret->meth->flags & ~DSA_FLAG_NON_FIPS_ALLOW; CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DSA, ret, &ret->ex_data); if ((ret->meth->init != NULL) && !ret->meth->init(ret)) { diff --git a/Cryptlib/OpenSSL/crypto/dsa/dsa_ossl.c b/Cryptlib/OpenSSL/crypto/dsa/dsa_ossl.c index 412cf1d8..17277608 100755 --- a/Cryptlib/OpenSSL/crypto/dsa/dsa_ossl.c +++ b/Cryptlib/OpenSSL/crypto/dsa/dsa_ossl.c @@ -178,7 +178,8 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) if (!BN_mod_mul(&xr,dsa->priv_key,r,dsa->q,ctx)) goto err;/* s = xr */ if (!BN_add(s, &xr, &m)) goto err; /* s = m + xr */ if (BN_cmp(s,dsa->q) > 0) - BN_sub(s,s,dsa->q); + if (!BN_sub(s,s,dsa->q)) + goto err; if (!BN_mod_mul(s,s,kinv,dsa->q,ctx)) goto err; ret=DSA_SIG_new(); |