Slightly simplify some DSA logic.

See also upstream's b62a2f8a373d1889672599834acf95161f2883ce. Change-Id: I430be5ec21198484b8a874460b224e15bafafe48 Reviewed-on: https://boringssl-review.googlesource.com/6344 Reviewed-by: Adam Langley <alangley@gmail.com>
author: David Benjamin <davidben@chromium.org> 2015-10-24 01:28:54 +0300
committer: Adam Langley <alangley@gmail.com> 2015-10-26 22:28:50 +0300
commit: 68b4e8933e4083743ff8c98bff72db30f17ba927 (patch)
tree: d8115bffcc9e3f151ba4f2812ba8d48e69a86495 /crypto/dsa
parent: 471abb1f211aa75dcc2fdf8baa444e468f6e6708 (diff)
1 files changed, 3 insertions, 15 deletions
diff --git a/crypto/dsa/dsa_impl.c b/crypto/dsa/dsa_impl.c
index b10610d5..e046f9c6 100644
--- a/crypto/dsa/dsa_impl.c
+++ b/crypto/dsa/dsa_impl.c
@@ -463,23 +463,11 @@ static int paramgen(DSA *ret, unsigned bits, const uint8_t *seed_in,
   int r = 0;
   BN_CTX *ctx = NULL;
   unsigned int h = 2;
-  unsigned qbits, qsize;
+  unsigned qsize;
   const EVP_MD *evpmd;
 
-  if (bits >= 2048) {
-    qbits = 256;
-    evpmd = EVP_sha256();
-  } else {
-    qbits = 160;
-    evpmd = EVP_sha1();
-  }
-  qsize = qbits / 8;
-
-  if (qsize != SHA_DIGEST_LENGTH && qsize != SHA224_DIGEST_LENGTH &&
-      qsize != SHA256_DIGEST_LENGTH) {
-    /* invalid q size */
-    return 0;
-  }
+  evpmd = (bits >= 2048) ? EVP_sha256() : EVP_sha1();
+  qsize = EVP_MD_size(evpmd);
 
   if (bits < 512) {
     bits = 512;
author	David Benjamin <davidben@chromium.org>	2015-10-24 01:28:54 +0300
committer	Adam Langley <alangley@gmail.com>	2015-10-26 22:28:50 +0300
commit	68b4e8933e4083743ff8c98bff72db30f17ba927 (patch)
tree	d8115bffcc9e3f151ba4f2812ba8d48e69a86495 /crypto/dsa
parent	471abb1f211aa75dcc2fdf8baa444e468f6e6708 (diff)