artulab
projects / openbsd / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 3f42ce0) | patch
Add dsa_check_key() calls on DSA decoding
authortb <tb@openbsd.org>
Sat, 4 Mar 2023 21:02:21 +0000 (21:02 +0000)
committertb <tb@openbsd.org>
Sat, 4 Mar 2023 21:02:21 +0000 (21:02 +0000)
commitf1d158b40c0a84ac53fb5bea0c63d4d0ce8e3183
tree343aba452a4359a472d336cc02bbbab74821aed4tree | snapshot
parent3f42ce0a890cb77e6aed67407cafb72c2ae359c5commit | diff
Add dsa_check_key() calls on DSA decoding

When decoding a public or a private key, use dsa_check_key() to ensure
consistency of the DSA parameters. We do not always have sufficient
information to do that, so this is not always possible.

This adds new checks and replaces incomplete existing ones. On decoding
the private key we will now only calculate the corresponding public key,
if the sizes are sensible. This avoids potentially expensive operations.

ok beck jsing
lib/libcrypto/dsa/dsa_ameth.c diff | blob | history
OpenBSD src
by Ahmet Artu Yildirim