diff options
author | jkim <jkim@FreeBSD.org> | 2015-01-08 23:42:41 +0000 |
---|---|---|
committer | jkim <jkim@FreeBSD.org> | 2015-01-08 23:42:41 +0000 |
commit | 4f9b1cef1a6825f03178937e0feb39a2b2d046c8 (patch) | |
tree | 6c2f3cb14d70e0247fe500835bed3d3588c3025e /crypto/openssl/crypto/dsa/dsa_asn1.c | |
parent | cfd5b20c8bb6e3677ef84152d28058c0ead0de39 (diff) | |
parent | a350427e88bc6ff288594c964ca0f57464062eb0 (diff) | |
download | FreeBSD-src-4f9b1cef1a6825f03178937e0feb39a2b2d046c8.zip FreeBSD-src-4f9b1cef1a6825f03178937e0feb39a2b2d046c8.tar.gz |
Merge OpenSSL 1.0.1k.
Diffstat (limited to 'crypto/openssl/crypto/dsa/dsa_asn1.c')
-rw-r--r-- | crypto/openssl/crypto/dsa/dsa_asn1.c | 14 |
1 files changed, 13 insertions, 1 deletions
diff --git a/crypto/openssl/crypto/dsa/dsa_asn1.c b/crypto/openssl/crypto/dsa/dsa_asn1.c index 6058534..473af87 100644 --- a/crypto/openssl/crypto/dsa/dsa_asn1.c +++ b/crypto/openssl/crypto/dsa/dsa_asn1.c @@ -176,13 +176,25 @@ int DSA_verify(int type, const unsigned char *dgst, int dgst_len, const unsigned char *sigbuf, int siglen, DSA *dsa) { DSA_SIG *s; + const unsigned char *p = sigbuf; + unsigned char *der = NULL; + int derlen = -1; int ret=-1; s = DSA_SIG_new(); if (s == NULL) return(ret); - if (d2i_DSA_SIG(&s,&sigbuf,siglen) == NULL) goto err; + if (d2i_DSA_SIG(&s,&p,siglen) == NULL) goto err; + /* Ensure signature uses DER and doesn't have trailing garbage */ + derlen = i2d_DSA_SIG(s, &der); + if (derlen != siglen || memcmp(sigbuf, der, derlen)) + goto err; ret=DSA_do_verify(dgst,dgst_len,s,dsa); err: + if (derlen > 0) + { + OPENSSL_cleanse(der, derlen); + OPENSSL_free(der); + } DSA_SIG_free(s); return(ret); } |