diff options
Diffstat (limited to 'crypto/dsa/dsa.c')
-rw-r--r-- | crypto/dsa/dsa.c | 49 |
1 files changed, 31 insertions, 18 deletions
diff --git a/crypto/dsa/dsa.c b/crypto/dsa/dsa.c index 3b269d4f..aaa763f6 100644 --- a/crypto/dsa/dsa.c +++ b/crypto/dsa/dsa.c @@ -61,7 +61,6 @@ #include <string.h> -#include <openssl/asn1.h> #include <openssl/bn.h> #include <openssl/dh.h> #include <openssl/digest.h> @@ -754,24 +753,38 @@ err: return ret; } -int DSA_size(const DSA *dsa) { - int ret, i; - ASN1_INTEGER bs; - unsigned char buf[4]; /* 4 bytes looks really small. - However, i2d_ASN1_INTEGER() will not look - beyond the first byte, as long as the second - parameter is NULL. */ +/* der_len_len returns the number of bytes needed to represent a length of |len| + * in DER. */ +static size_t der_len_len(size_t len) { + if (len < 0x80) { + return 1; + } + size_t ret = 1; + while (len > 0) { + ret++; + len >>= 8; + } + return ret; +} - i = BN_num_bits(dsa->q); - bs.length = (i + 7) / 8; - bs.data = buf; - bs.type = V_ASN1_INTEGER; - /* If the top bit is set the asn1 encoding is 1 larger. */ - buf[0] = 0xff; - - i = i2d_ASN1_INTEGER(&bs, NULL); - i += i; /* r and s */ - ret = ASN1_object_size(1, i, V_ASN1_SEQUENCE); +int DSA_size(const DSA *dsa) { + size_t order_len = BN_num_bytes(dsa->q); + /* Compute the maximum length of an |order_len| byte integer. Defensively + * assume that the leading 0x00 is included. */ + size_t integer_len = 1 /* tag */ + der_len_len(order_len + 1) + 1 + order_len; + if (integer_len < order_len) { + return 0; + } + /* A DSA signature is two INTEGERs. */ + size_t value_len = 2 * integer_len; + if (value_len < integer_len) { + return 0; + } + /* Add the header. */ + size_t ret = 1 /* tag */ + der_len_len(value_len) + value_len; + if (ret < value_len) { + return 0; + } return ret; } |