X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=crypto%2Fdsa%2Fdsa_ossl.c;h=edaee5987772b078b0f4274406c7e08f7486ed2f;hb=fda29b6db038716e4409068798646c6db042e552;hp=d1f80609b1e578f5d8935dcac6846cae54f5b7b0;hpb=8a99cb29d1f0013243a532bccc1dc70ed678eebe;p=oweals%2Fopenssl.git

diff --git a/crypto/dsa/dsa_ossl.c b/crypto/dsa/dsa_ossl.c
index d1f80609b1..edaee59877 100644
--- a/crypto/dsa/dsa_ossl.c
+++ b/crypto/dsa/dsa_ossl.c
@@ -72,9 +72,10 @@
 #endif
 
 static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa);
+static int dsa_sign_setup_no_digest(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp);
 static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in,
-			  BIGNUM **kinvp, BIGNUM **rp,
-			  const unsigned char *dgst, int dlen);
+				      BIGNUM **kinvp, BIGNUM **rp,
+				      const unsigned char *dgst, int dlen);
 static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig,
 			 DSA *dsa);
 static int dsa_init(DSA *dsa);
@@ -83,7 +84,7 @@ static int dsa_finish(DSA *dsa);
 static DSA_METHOD openssl_dsa_meth = {
 "OpenSSL DSA method",
 dsa_do_sign,
-dsa_sign_setup,
+dsa_sign_setup_no_digest,
 dsa_do_verify,
 NULL, /* dsa_mod_exp, */
 NULL, /* dsa_bn_mod_exp, */
@@ -178,7 +179,7 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
 redo:
 	if ((dsa->kinv == NULL) || (dsa->r == NULL))
 		{
-		if (!dsa->meth->dsa_sign_setup(dsa,ctx,&kinv,&r,dgst,dlen))
+		if (!dsa_sign_setup(dsa,ctx,&kinv,&r,dgst,dlen))
 			goto err;
 		}
 	else
@@ -238,9 +239,14 @@ err:
 	return(ret);
 	}
 
+static int dsa_sign_setup_no_digest(DSA *dsa, BN_CTX *ctx_in,
+			  BIGNUM **kinvp, BIGNUM **rp) {
+	return dsa_sign_setup(dsa, ctx_in, kinvp, rp, NULL, 0);
+}
+
 static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in,
-			  BIGNUM **kinvp, BIGNUM **rp,
-			  const unsigned char *dgst, int dlen)
+				      BIGNUM **kinvp, BIGNUM **rp,
+				      const unsigned char *dgst, int dlen)
 	{
 	BN_CTX *ctx;
 	BIGNUM k,kq,*K,*kinv=NULL,*r=NULL;
@@ -268,11 +274,11 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in,
 	do
 		{
 #ifndef OPENSSL_NO_SHA512
-		if (dsa->flags & DSA_FLAG_NONCE_FROM_HASH)
+		if (dgst != NULL)
 			{
-			/* If DSA_FLAG_NONCE_FROM_HASH is set then we calculate k from
-			 * SHA512(private_key + H(message) + random). This protects the
-			 * private key from a weak PRNG. */
+			/* We calculate k from SHA512(private_key + H(message)
+			 * + random). This protects the private key from a weak
+			 * PRNG. */
 			if (!BN_generate_dsa_nonce(&k, dsa->q, dsa->priv_key, dgst,
 						   dlen, ctx))
 				goto err;