From 34515e8f88e57c13cdf2b1d4ec094ffd4e9f8d94 Mon Sep 17 00:00:00 2001
From: Bryan Donlan <bdonlan@amazon.com>
Date: Tue, 17 Jul 2018 13:38:17 -0700
Subject: [PATCH] Remove DSA digest length checks when no digest is passed

FIPS 186-4 does not specify a hard requirement on DSA digest lengths,
and in any case the current check rejects the FIPS recommended digest
lengths for key sizes != 1024 bits.

Fixes: #6748

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6749)

(cherry picked from commit 665d9d1c0655d6f709c99e1211c1e11fcebfeecd)
---
 crypto/dsa/dsa_pmeth.c | 18 ++++--------------
 1 file changed, 4 insertions(+), 14 deletions(-)

diff --git a/crypto/dsa/dsa_pmeth.c b/crypto/dsa/dsa_pmeth.c
index a1cbaadc64..a82c4c9811 100644
--- a/crypto/dsa/dsa_pmeth.c
+++ b/crypto/dsa/dsa_pmeth.c
@@ -76,13 +76,8 @@ static int pkey_dsa_sign(EVP_PKEY_CTX *ctx, unsigned char *sig,
     DSA_PKEY_CTX *dctx = ctx->data;
     DSA *dsa = ctx->pkey->pkey.dsa;
 
-    if (dctx->md) {
-        if (tbslen != (size_t)EVP_MD_size(dctx->md))
-            return 0;
-    } else {
-        if (tbslen != SHA_DIGEST_LENGTH)
-            return 0;
-    }
+    if (dctx->md != NULL && tbslen != (size_t)EVP_MD_size(dctx->md))
+        return 0;
 
     ret = DSA_sign(0, tbs, tbslen, sig, &sltmp, dsa);
 
@@ -100,13 +95,8 @@ static int pkey_dsa_verify(EVP_PKEY_CTX *ctx,
     DSA_PKEY_CTX *dctx = ctx->data;
     DSA *dsa = ctx->pkey->pkey.dsa;
 
-    if (dctx->md) {
-        if (tbslen != (size_t)EVP_MD_size(dctx->md))
-            return 0;
-    } else {
-        if (tbslen != SHA_DIGEST_LENGTH)
-            return 0;
-    }
+    if (dctx->md != NULL && tbslen != (size_t)EVP_MD_size(dctx->md))
+        return 0;
 
     ret = DSA_verify(0, tbs, tbslen, sig, siglen, dsa);
 
-- 
2.25.1