List Info

Thread: OpenSSL: OpenSSL-fips-0_9_8-stable: openssl/crypto/dsa/ dsa.h ds...
OpenSSL: OpenSSL-fips-0_9_8-stable: openssl/crypto/dsa/ dsa.h ds...
country flaguser name
Germany		 2007-08-17 21:36:24 
  OpenSSL CVS Repository
  http://cvs.openssl.org/
 
____________________________________________________________
________________

  Server: cvs.openssl.org                  Name:   Dr.
Stephen Henson
  Root:   /v/openssl/cvs                   Email:  steveopenssl.org
  Module: openssl                          Date:  
18-Aug-2007 04:36:24
  Branch: OpenSSL-fips-0_9_8-stable        Handle:
2007081803362201

  Modified files:           (Branch:
OpenSSL-fips-0_9_8-stable)
    openssl/crypto/dsa      dsa.h dsa_err.c
    openssl/fips/dsa        fips_dsa_key.c

  Log:
    Don't generate DSA keys with key size too small.

  Summary:
    Revision    Changes     Path
    1.39.2.1.2.6+1  -0      openssl/crypto/dsa/dsa.h
    1.13.2.2.2.4+1  -0      openssl/crypto/dsa/dsa_err.c
    1.1.2.2     +6  -0      openssl/fips/dsa/fips_dsa_key.c
 
____________________________________________________________
________________

  patch -p0 <<' .'
  Index: openssl/crypto/dsa/dsa.h
 
============================================================
================
  $ cvs diff -u -r1.39.2.1.2.5 -r1.39.2.1.2.6 dsa.h
  --- openssl/crypto/dsa/dsa.h	14 Aug 2007 13:33:28
-0000	1.39.2.1.2.5
  +++ openssl/crypto/dsa/dsa.h	18 Aug 2007 02:36:22
-0000	1.39.2.1.2.6
   -292,6 +292,7 
   #define DSA_F_D2I_DSA_SIG				 110
   #define DSA_F_DSAPARAMS_PRINT				 100
   #define DSA_F_DSAPARAMS_PRINT_FP			 101
  +#define DSA_F_DSA_BUILTIN_KEYGEN			 119
   #define DSA_F_DSA_BUILTIN_PARAMGEN			 118
   #define DSA_F_DSA_DO_SIGN				 112
   #define DSA_F_DSA_DO_VERIFY				 113
   .
  patch -p0 <<' .'
  Index: openssl/crypto/dsa/dsa_err.c
 
============================================================
================
  $ cvs diff -u -r1.13.2.2.2.3 -r1.13.2.2.2.4 dsa_err.c
  --- openssl/crypto/dsa/dsa_err.c	14 Aug 2007 13:33:28
-0000	1.13.2.2.2.3
  +++ openssl/crypto/dsa/dsa_err.c	18 Aug 2007 02:36:23
-0000	1.13.2.2.2.4
   -73,6 +73,7 
   {ERR_FUNC(DSA_F_D2I_DSA_SIG),	"d2i_DSA_SIG"},
  
{ERR_FUNC(DSA_F_DSAPARAMS_PRINT),	"DSAparams_print"
;},
  
{ERR_FUNC(DSA_F_DSAPARAMS_PRINT_FP),	"DSAparams_print_f
p"},
 
+{ERR_FUNC(DSA_F_DSA_BUILTIN_KEYGEN),	"DSA_BUILTIN_KEYG
EN"},
  
{ERR_FUNC(DSA_F_DSA_BUILTIN_PARAMGEN),	"DSA_BUILTIN_PAR
AMGEN"},
   {ERR_FUNC(DSA_F_DSA_DO_SIGN),	"DSA_do_sign"},
  
{ERR_FUNC(DSA_F_DSA_DO_VERIFY),	"DSA_do_verify"},
   .
  patch -p0 <<' .'
  Index: openssl/fips/dsa/fips_dsa_key.c
 
============================================================
================
  $ cvs diff -u -r1.1.2.1 -r1.1.2.2 fips_dsa_key.c
  --- openssl/fips/dsa/fips_dsa_key.c	15 Aug 2007 13:35:37
-0000	1.1.2.1
  +++ openssl/fips/dsa/fips_dsa_key.c	18 Aug 2007 02:36:23
-0000	1.1.2.2
   -101,6 +101,12 
   	BN_CTX *ctx=NULL;
   	BIGNUM *pub_key=NULL,*priv_key=NULL;
   
  +	if (FIPS_mode() && (BN_num_bits(dsa->p) <
OPENSSL_DSA_FIPS_MIN_MODULUS_BITS))
  +		{
  +		DSAerr(DSA_F_DSA_BUILTIN_KEYGEN,
DSA_R_KEY_SIZE_TOO_SMALL);
  +		goto err;
  +		}
  +
   	if ((ctx=BN_CTX_new()) == NULL) goto err;
   
   	if (dsa->priv_key == NULL)
   .
____________________________________________________________
__________
OpenSSL Project                                 http://www.openssl.org
CVS Repository Commit List                    
openssl-cvsopenssl.org
Automated List Manager                          
majordomoopenssl.org
[1]

about | contact  Other archives ( Real Estate discussion Medical topics )