OpenSSL CVS Repository
http://cvs.openssl.org/
____________________________________________________________
________________
Server: cvs.openssl.org Name: Nils
Larsch
Root: /v/openssl/cvs Email: nils openssl.org
Module: openssl Date:
04-Oct-2006 21:37:18
Branch: HEAD Handle:
2006100420371700
Modified files:
openssl/crypto/ecdsa ecdsa.h ecs_err.c ecs_ossl.c
Log:
return an error if the supplied precomputed values lead
to an invalid
signature
Summary:
Revision Changes Path
1.18 +1 -0 openssl/crypto/ecdsa/ecdsa.h
1.7 +2 -1 openssl/crypto/ecdsa/ecs_err.c
1.15 +14 -1 openssl/crypto/ecdsa/ecs_ossl.c
____________________________________________________________
________________
patch -p0 <<' .'
Index: openssl/crypto/ecdsa/ecdsa.h
============================================================
================
$ cvs diff -u -r1.17 -r1.18 ecdsa.h
--- openssl/crypto/ecdsa/ecdsa.h 19 Sep 2005 08:32:56
-0000 1.17
+++ openssl/crypto/ecdsa/ecdsa.h 4 Oct 2006 19:37:17
-0000 1.18
-248,6 +248,7
#define ECDSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 101
#define ECDSA_R_ERR_EC_LIB 102
#define ECDSA_R_MISSING_PARAMETERS 103
+#define ECDSA_R_NEED_NEW_SETUP_VALUES 106
#define ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED 104
#define ECDSA_R_SIGNATURE_MALLOC_FAILED 105
.
patch -p0 <<' .'
Index: openssl/crypto/ecdsa/ecs_err.c
============================================================
================
$ cvs diff -u -r1.6 -r1.7 ecs_err.c
--- openssl/crypto/ecdsa/ecs_err.c 26 Apr 2005 18:53:20
-0000 1.6
+++ openssl/crypto/ecdsa/ecs_err.c 4 Oct 2006 19:37:17
-0000 1.7
-70,7 +70,7
static ERR_STRING_DATA ECDSA_str_functs[]=
{
-{ERR_FUNC(ECDSA_F_ECDSA_DATA_NEW_METHOD), "ECDSA_DATA_
new_method"},
+{ERR_FUNC(ECDSA_F_ECDSA_DATA_NEW_METHOD), "ECDSA_DATA_
NEW_METHOD"},
{ERR_FUNC(ECDSA_F_ECDSA_DO_SIGN), "ECDSA_do_sign"}
,
{ERR_FUNC(ECDSA_F_ECDSA_DO_VERIFY), "ECDSA_do_verify&qu
ot;},
{ERR_FUNC(ECDSA_F_ECDSA_SIGN_SETUP), "ECDSA_sign_setup&
quot;},
-83,6 +83,7
{ERR_REASON(ECDSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE),"data
too large for key size"},
{ERR_REASON(ECDSA_R_ERR_EC_LIB) ,"err ec
lib"},
{ERR_REASON(ECDSA_R_MISSING_PARAMETERS) ,"missing
parameters"},
+{ERR_REASON(ECDSA_R_NEED_NEW_SETUP_VALUES),"need new
setup values"},
{ERR_REASON(ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED),"r
andom number generation failed"},
{ERR_REASON(ECDSA_R_SIGNATURE_MALLOC_FAILED),"signature
malloc failed"},
{0,NULL}
.
patch -p0 <<' .'
Index: openssl/crypto/ecdsa/ecs_ossl.c
============================================================
================
$ cvs diff -u -r1.14 -r1.15 ecs_ossl.c
--- openssl/crypto/ecdsa/ecs_ossl.c 16 May 2005 10:11:01
-0000 1.14
+++ openssl/crypto/ecdsa/ecs_ossl.c 4 Oct 2006 19:37:17
-0000 1.15
-299,8 +299,21
ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
goto err;
}
+ if (BN_is_zero(s))
+ {
+ /* if kinv and r have been supplied by the caller
+ * don't to generate new kinv and r values */
+ if (in_kinv != NULL && in_r != NULL)
+ {
+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN,
ECDSA_R_NEED_NEW_SETUP_VALUES);
+ goto err;
+ }
+ }
+ else
+ /* s != 0 => we have a valid signature */
+ break;
}
- while (BN_is_zero(s));
+ while (1);
ok = 1;
err:
.
____________________________________________________________
__________
OpenSSL Project http://www.openssl.org
CVS Repository Commit List
openssl-cvsopenssl.org
Automated List Manager
majordomoopenssl.org
|