Make DSA_SIG and ECDSA_SIG getters const. (9267c11b) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

crypto/dsa/dsa_ameth.c

+2 −2

Original line number	Diff line number	Diff line
		@@ -437,9 +437,9 @@ static int dsa_sig_print(BIO bp, const X509_ALGOR sigalg,
		dsa_sig = d2i_DSA_SIG(NULL, &p, sig->length);
		if (dsa_sig) {
		int rv = 0;
		BIGNUM r, s;
		const BIGNUM r, s;

		DSA_SIG_get0(&r, &s, dsa_sig);
		DSA_SIG_get0(dsa_sig, &r, &s);

		if (BIO_write(bp, "\n", 1) != 1)
		goto err;

crypto/dsa/dsa_asn1.c

+5 −8

Original line number	Diff line number	Diff line
		@@ -14,11 +14,6 @@
		#include <openssl/asn1t.h>
		#include <openssl/rand.h>

		struct DSA_SIG_st {
		BIGNUM *r;
		BIGNUM *s;
		};

		ASN1_SEQUENCE(DSA_SIG) = {
		ASN1_SIMPLE(DSA_SIG, r, CBIGNUM),
		ASN1_SIMPLE(DSA_SIG, s, CBIGNUM)
		@@ -26,9 +21,11 @@ ASN1_SEQUENCE(DSA_SIG) = {

		IMPLEMENT_ASN1_FUNCTIONS_const(DSA_SIG)

		void DSA_SIG_get0(BIGNUM pr, BIGNUM ps, const DSA_SIG *sig)
		void DSA_SIG_get0(const DSA_SIG sig, const BIGNUM pr, const BIGNUM *ps)
		{
		if (pr != NULL)
		*pr = sig->r;
		if (ps != NULL)
		*ps = sig->s;
		}

crypto/dsa/dsa_locl.h

+5 −0

Original line number	Diff line number	Diff line
		@@ -32,6 +32,11 @@ struct dsa_st {
		CRYPTO_RWLOCK *lock;
		};

		struct DSA_SIG_st {
		BIGNUM *r;
		BIGNUM *s;
		};

		struct dsa_method {
		char *name;
		DSA_SIG (dsa_do_sign) (const unsigned char dgst, int dlen, DSA dsa);

crypto/dsa/dsa_ossl.c

+9 −12

Original line number	Diff line number	Diff line
		@@ -51,7 +51,6 @@ static DSA_SIG dsa_do_sign(const unsigned char dgst, int dlen, DSA *dsa)
		BIGNUM *kinv = NULL;
		BIGNUM *m;
		BIGNUM *xr;
		BIGNUM r, s;
		BN_CTX *ctx = NULL;
		int reason = ERR_R_BN_LIB;
		DSA_SIG *ret = NULL;
		@@ -71,13 +70,11 @@ static DSA_SIG dsa_do_sign(const unsigned char dgst, int dlen, DSA *dsa)
		if (ret == NULL)
		goto err;

		DSA_SIG_get0(&r, &s, ret);

		ctx = BN_CTX_new();
		if (ctx == NULL)
		goto err;
		redo:
		if (!dsa_sign_setup(dsa, ctx, &kinv, &r, dgst, dlen))
		if (!dsa_sign_setup(dsa, ctx, &kinv, &ret->r, dgst, dlen))
		goto err;

		if (dlen > BN_num_bytes(dsa->q))
		@@ -91,21 +88,21 @@ static DSA_SIG dsa_do_sign(const unsigned char dgst, int dlen, DSA *dsa)
		goto err;

		/* Compute s = inv(k) (m + xr) mod q */
		if (!BN_mod_mul(xr, dsa->priv_key, r, dsa->q, ctx))
		if (!BN_mod_mul(xr, dsa->priv_key, ret->r, dsa->q, ctx))
		goto err; /* s = xr */
		if (!BN_add(s, xr, m))
		if (!BN_add(ret->s, xr, m))
		goto err; /* s = m + xr */
		if (BN_cmp(s, dsa->q) > 0)
		if (!BN_sub(s, s, dsa->q))
		if (BN_cmp(ret->s, dsa->q) > 0)
		if (!BN_sub(ret->s, ret->s, dsa->q))
		goto err;
		if (!BN_mod_mul(s, s, kinv, dsa->q, ctx))
		if (!BN_mod_mul(ret->s, ret->s, kinv, dsa->q, ctx))
		goto err;

		/*
		* Redo if r or s is zero as required by FIPS 186-3: this is very
		* unlikely.
		*/
		if (BN_is_zero(r) \|\| BN_is_zero(s))
		if (BN_is_zero(ret->r) \|\| BN_is_zero(ret->s))
		goto redo;

		rv = 1;
		@@ -225,7 +222,7 @@ static int dsa_do_verify(const unsigned char *dgst, int dgst_len,
		BN_CTX *ctx;
		BIGNUM u1, u2, *t1;
		BN_MONT_CTX *mont = NULL;
		BIGNUM r, s;
		const BIGNUM r, s;
		int ret = -1, i;
		if (!dsa->p \|\| !dsa->q \|\| !dsa->g) {
		DSAerr(DSA_F_DSA_DO_VERIFY, DSA_R_MISSING_PARAMETERS);
		@@ -250,7 +247,7 @@ static int dsa_do_verify(const unsigned char *dgst, int dgst_len,
		if (u1 == NULL \|\| u2 == NULL \|\| t1 == NULL \|\| ctx == NULL)
		goto err;

		DSA_SIG_get0(&r, &s, sig);
		DSA_SIG_get0(sig, &r, &s);

		if (BN_is_zero(r) \|\| BN_is_negative(r) \|\|
		BN_ucmp(r, dsa->q) >= 0) {

crypto/ec/ec_asn1.c

+1 −1

Original line number	Diff line number	Diff line
		@@ -1172,7 +1172,7 @@ DECLARE_ASN1_FUNCTIONS_const(ECDSA_SIG)
		DECLARE_ASN1_ENCODE_FUNCTIONS_const(ECDSA_SIG, ECDSA_SIG)
		IMPLEMENT_ASN1_FUNCTIONS_const(ECDSA_SIG)

		void ECDSA_SIG_get0(BIGNUM pr, BIGNUM ps, const ECDSA_SIG *sig)
		void ECDSA_SIG_get0(const ECDSA_SIG sig, const BIGNUM pr, const BIGNUM *ps)
		{
		if (pr != NULL)
		*pr = sig->r;