return an error if the supplied precomputed values lead to an invalid signature

author: Nils Larsch <nils@openssl.org> 2006-10-04 19:37:17 +0000
committer: Nils Larsch <nils@openssl.org> 2006-10-04 19:37:17 +0000
commit: 2fc281d01f76c42e80f25e8dfd3e4161c2f53a47 (patch)
tree: 65e8d61afe485ecec2958623c9cb357783aa29fd /crypto/ecdsa/ecs_ossl.c
parent: d326582cabe290fff22678af0270667b2b2761d9 (diff)
download: openssl-2fc281d01f76c42e80f25e8dfd3e4161c2f53a47.tar.gz
1 files changed, 14 insertions, 1 deletions
diff --git a/crypto/ecdsa/ecs_ossl.c b/crypto/ecdsa/ecs_ossl.c
index 8be45ddc93..32d66a9774 100644
--- a/crypto/ecdsa/ecs_ossl.c
+++ b/crypto/ecdsa/ecs_ossl.c
@@ -299,8 +299,21 @@ static ECDSA_SIG *ecdsa_do_sign(const unsigned char *dgst, int dgst_len,
 			ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
 			goto err;
 		}
+		if (BN_is_zero(s))
+		{
+			/* if kinv and r have been supplied by the caller
+			 * don't to generate new kinv and r values */
+			if (in_kinv != NULL && in_r != NULL)
+			{
+				ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ECDSA_R_NEED_NEW_SETUP_VALUES);
+				goto err;
+			}
+		}
+		else
+			/* s != 0 => we have a valid signature */
+			break;
 	}
-	while (BN_is_zero(s));
+	while (1);
 
 	ok = 1;
 err:
author	Nils Larsch <nils@openssl.org>	2006-10-04 19:37:17 +0000
committer	Nils Larsch <nils@openssl.org>	2006-10-04 19:37:17 +0000
commit	2fc281d01f76c42e80f25e8dfd3e4161c2f53a47 (patch)
tree	65e8d61afe485ecec2958623c9cb357783aa29fd /crypto/ecdsa/ecs_ossl.c
parent	d326582cabe290fff22678af0270667b2b2761d9 (diff)
download	openssl-2fc281d01f76c42e80f25e8dfd3e4161c2f53a47.tar.gz