From: tb <tb@openbsd.org>
Date: Sat, 4 Mar 2023 21:06:17 +0000 (+0000)
Subject: Call dsa_check_keys() before signing or verifying
X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=83f09c764e4beb3097e2a17a1f539db293910bd5;p=openbsd

Call dsa_check_keys() before signing or verifying

We already had some checks on both sides, but they were less precise
and differed between the functions. The code here is messy enough, so
any simplification is helpful...

ok beck jsing
---

diff --git a/lib/libcrypto/dsa/dsa_ossl.c b/lib/libcrypto/dsa/dsa_ossl.c
index fd5fac64bb9..d32168a48ea 100644
--- a/lib/libcrypto/dsa/dsa_ossl.c
+++ b/lib/libcrypto/dsa/dsa_ossl.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: dsa_ossl.c,v 1.48 2023/02/13 09:21:35 tb Exp $ */
+/* $OpenBSD: dsa_ossl.c,v 1.49 2023/03/04 21:06:17 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -102,8 +102,8 @@ dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
 	DSA_SIG *ret = NULL;
 	int noredo = 0;
 
-	if (dsa->p == NULL || dsa->q == NULL || dsa->g == NULL) {
-		reason = DSA_R_MISSING_PARAMETERS;
+	if (!dsa_check_key(dsa)) {
+		reason = DSA_R_INVALID_PARAMETERS;
 		goto err;
 	}
 
@@ -218,10 +218,8 @@ dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
 	int q_bits;
 	int ret = 0;
 
-	if (dsa->p == NULL || dsa->q == NULL || dsa->g == NULL) {
-		DSAerror(DSA_R_MISSING_PARAMETERS);
-		return 0;
-	}
+	if (!dsa_check_key(dsa))
+		goto err;
 
 	if ((r = BN_new()) == NULL)
 		goto err;
@@ -325,21 +323,8 @@ dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig, DSA *dsa)
 	int qbits;
 	int ret = -1;
 
-	if (dsa->p == NULL || dsa->q == NULL || dsa->g == NULL) {
-		DSAerror(DSA_R_MISSING_PARAMETERS);
-		return -1;
-	}
-
-	/* FIPS 186-3 allows only three different sizes for q. */
-	qbits = BN_num_bits(dsa->q);
-	if (qbits != 160 && qbits != 224 && qbits != 256) {
-		DSAerror(DSA_R_BAD_Q_VALUE);
-		return -1;
-	}
-	if (BN_num_bits(dsa->p) > OPENSSL_DSA_MAX_MODULUS_BITS) {
-		DSAerror(DSA_R_MODULUS_TOO_LARGE);
-		return -1;
-	}
+	if (!dsa_check_key(dsa))
+		goto err;
 
 	if ((ctx = BN_CTX_new()) == NULL)
 		goto err;
@@ -370,8 +355,9 @@ dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig, DSA *dsa)
 
 	/*
 	 * If the digest length is greater than the size of q use the
-	 * BN_num_bits(dsa->q) leftmost bits of the digest, see FIPS 186-3, 4.2.
+	 * BN_num_bits(dsa->q) leftmost bits of the digest, see FIPS 186-4, 4.2.
 	 */
+	qbits = BN_num_bits(dsa->q);
 	if (dgst_len > (qbits >> 3))
 		dgst_len = (qbits >> 3);