Loading CHANGES +5 −0 Original line number Diff line number Diff line Loading @@ -4,6 +4,11 @@ Changes between 0.9.6a and 0.9.6b [XX xxx XXXX] *) Fix various bugs related to DSA S/MIME verification. Handle missing parameters in DSA public key structures and return an error in the DSA routines if parameters are absent. [Steve Henson] *) In versions up to 0.9.6, RAND_file_name() resorted to file ".rnd" in the current directory if neither $RANDFILE nor $HOME was set. RAND_file_name() in 0.9.6a returned NULL in this case. This has Loading crypto/asn1/x_pubkey.c +1 −1 Original line number Diff line number Diff line Loading @@ -234,7 +234,7 @@ EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key) a=key->algor; if (ret->type == EVP_PKEY_DSA) { if (a->parameter->type == V_ASN1_SEQUENCE) if (a->parameter && (a->parameter->type == V_ASN1_SEQUENCE)) { ret->pkey.dsa->write_params=0; p=a->parameter->value.sequence->data; Loading crypto/dsa/dsa.h +1 −0 Original line number Diff line number Diff line Loading @@ -236,6 +236,7 @@ DH *DSA_dup_DH(DSA *r); /* Reason codes. */ #define DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 100 #define DSA_R_MISSING_PARAMETERS 101 #ifdef __cplusplus } Loading crypto/dsa/dsa_err.c +1 −0 Original line number Diff line number Diff line Loading @@ -85,6 +85,7 @@ static ERR_STRING_DATA DSA_str_functs[]= static ERR_STRING_DATA DSA_str_reasons[]= { {DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE ,"data too large for key size"}, {DSA_R_MISSING_PARAMETERS ,"missing parameters"}, {0,NULL} }; Loading crypto/dsa/dsa_ossl.c +10 −0 Original line number Diff line number Diff line Loading @@ -105,6 +105,11 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) int i,reason=ERR_R_BN_LIB; DSA_SIG *ret=NULL; if (!dsa->p || !dsa->q || !dsa->g) { reason=DSA_R_MISSING_PARAMETERS; goto err; } BN_init(&m); BN_init(&xr); s=BN_new(); Loading Loading @@ -167,6 +172,11 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp) BIGNUM k,*kinv=NULL,*r=NULL; int ret=0; if (!dsa->p || !dsa->q || !dsa->g) { DSAerr(DSA_F_DSA_SIGN_SETUP,DSA_R_MISSING_PARAMETERS); return 0; } if (ctx_in == NULL) { if ((ctx=BN_CTX_new()) == NULL) goto err; Loading Loading
CHANGES +5 −0 Original line number Diff line number Diff line Loading @@ -4,6 +4,11 @@ Changes between 0.9.6a and 0.9.6b [XX xxx XXXX] *) Fix various bugs related to DSA S/MIME verification. Handle missing parameters in DSA public key structures and return an error in the DSA routines if parameters are absent. [Steve Henson] *) In versions up to 0.9.6, RAND_file_name() resorted to file ".rnd" in the current directory if neither $RANDFILE nor $HOME was set. RAND_file_name() in 0.9.6a returned NULL in this case. This has Loading
crypto/asn1/x_pubkey.c +1 −1 Original line number Diff line number Diff line Loading @@ -234,7 +234,7 @@ EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key) a=key->algor; if (ret->type == EVP_PKEY_DSA) { if (a->parameter->type == V_ASN1_SEQUENCE) if (a->parameter && (a->parameter->type == V_ASN1_SEQUENCE)) { ret->pkey.dsa->write_params=0; p=a->parameter->value.sequence->data; Loading
crypto/dsa/dsa.h +1 −0 Original line number Diff line number Diff line Loading @@ -236,6 +236,7 @@ DH *DSA_dup_DH(DSA *r); /* Reason codes. */ #define DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 100 #define DSA_R_MISSING_PARAMETERS 101 #ifdef __cplusplus } Loading
crypto/dsa/dsa_err.c +1 −0 Original line number Diff line number Diff line Loading @@ -85,6 +85,7 @@ static ERR_STRING_DATA DSA_str_functs[]= static ERR_STRING_DATA DSA_str_reasons[]= { {DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE ,"data too large for key size"}, {DSA_R_MISSING_PARAMETERS ,"missing parameters"}, {0,NULL} }; Loading
crypto/dsa/dsa_ossl.c +10 −0 Original line number Diff line number Diff line Loading @@ -105,6 +105,11 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) int i,reason=ERR_R_BN_LIB; DSA_SIG *ret=NULL; if (!dsa->p || !dsa->q || !dsa->g) { reason=DSA_R_MISSING_PARAMETERS; goto err; } BN_init(&m); BN_init(&xr); s=BN_new(); Loading Loading @@ -167,6 +172,11 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp) BIGNUM k,*kinv=NULL,*r=NULL; int ret=0; if (!dsa->p || !dsa->q || !dsa->g) { DSAerr(DSA_F_DSA_SIGN_SETUP,DSA_R_MISSING_PARAMETERS); return 0; } if (ctx_in == NULL) { if ((ctx=BN_CTX_new()) == NULL) goto err; Loading
