diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2007-10-05 16:53:31 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2007-10-05 16:53:31 +0000 |
commit | fcd1cb666c450c0cd0c459547e7d8277ab009d85 (patch) | |
tree | aaf76f24a16288f6d212de90673b701d884d005d | |
parent | 4f19a9cb9fa64f361d3e041f7772d8f4fc748efb (diff) | |
download | openssl-fcd1cb666c450c0cd0c459547e7d8277ab009d85.tar.gz |
Fix from fips branch.
-rw-r--r-- | crypto/dsa/dsa_gen.c | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/crypto/dsa/dsa_gen.c b/crypto/dsa/dsa_gen.c index 5deac2630c..2435fc8bc7 100644 --- a/crypto/dsa/dsa_gen.c +++ b/crypto/dsa/dsa_gen.c @@ -140,13 +140,20 @@ int dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits, bits = (bits+63)/64*64; - if (seed_len < (size_t)qsize) + /* NB: seed_len == 0 is special case: copy generated seed to + * seed_in if it is not NULL. + */ + if (seed_len && (seed_len < (size_t)qsize)) seed_in = NULL; /* seed buffer too small -- ignore */ if (seed_len > (size_t)qsize) seed_len = qsize; /* App. 2.2 of FIPS PUB 186 allows larger SEED, * but our internal buffers are restricted to 160 bits*/ if (seed_in != NULL) + { memcpy(seed, seed_in, seed_len); + /* set seed_in to NULL to avoid it being copied back */ + seed_in = NULL; + } if ((ctx=BN_CTX_new()) == NULL) goto err; @@ -328,7 +335,7 @@ err: ok=0; goto err; } - if ((m > 1) && (seed_in != NULL)) memcpy(seed_in,seed, qsize); + if (seed_in != NULL) memcpy(seed_in,seed, qsize); if (counter_ret != NULL) *counter_ret=counter; if (h_ret != NULL) *h_ret=h; } |