|
@@ -24,7 +24,7 @@
|
|
|
*/
|
|
*/
|
|
|
int dsa_import(const unsigned char *in, unsigned long inlen, dsa_key *key)
|
|
int dsa_import(const unsigned char *in, unsigned long inlen, dsa_key *key)
|
|
|
{
|
|
{
|
|
|
- int err;
|
|
|
|
|
|
|
+ int err, stat;
|
|
|
unsigned long zero = 0;
|
|
unsigned long zero = 0;
|
|
|
unsigned char* tmpbuf = NULL;
|
|
unsigned char* tmpbuf = NULL;
|
|
|
unsigned char flags[1];
|
|
unsigned char flags[1];
|
|
@@ -116,10 +116,21 @@ int dsa_import(const unsigned char *in, unsigned long inlen, dsa_key *key)
|
|
|
}
|
|
}
|
|
|
|
|
|
|
|
LBL_OK:
|
|
LBL_OK:
|
|
|
- key->qord = mp_unsigned_bin_size(key->q);
|
|
|
|
|
|
|
+ key->qord = mp_unsigned_bin_size(key->q);
|
|
|
|
|
|
|
|
- if (key->qord >= LTC_MDSA_MAX_GROUP || key->qord <= 15 ||
|
|
|
|
|
- (unsigned long)key->qord >= mp_unsigned_bin_size(key->p) || (mp_unsigned_bin_size(key->p) - key->qord) >= LTC_MDSA_DELTA) {
|
|
|
|
|
|
|
+ /* quick p, q, g validation, without primality testing */
|
|
|
|
|
+ if ((err = dsa_int_validate_pqg(key, &stat)) != CRYPT_OK) {
|
|
|
|
|
+ goto LBL_ERR;
|
|
|
|
|
+ }
|
|
|
|
|
+ if (stat == 0) {
|
|
|
|
|
+ err = CRYPT_INVALID_PACKET;
|
|
|
|
|
+ goto LBL_ERR;
|
|
|
|
|
+ }
|
|
|
|
|
+ /* validate x, y */
|
|
|
|
|
+ if ((err = dsa_int_validate_xy(key, &stat)) != CRYPT_OK) {
|
|
|
|
|
+ goto LBL_ERR;
|
|
|
|
|
+ }
|
|
|
|
|
+ if (stat == 0) {
|
|
|
err = CRYPT_INVALID_PACKET;
|
|
err = CRYPT_INVALID_PACKET;
|
|
|
goto LBL_ERR;
|
|
goto LBL_ERR;
|
|
|
}
|
|
}
|
Karel Miko