diff options
-rw-r--r-- | crypto/dsa/dsa_sign.c | 7 | ||||
-rw-r--r-- | crypto/ec/ecdsa_ossl.c | 5 | ||||
-rw-r--r-- | crypto/sm2/sm2_sign.c | 7 | ||||
-rw-r--r-- | test/dsatest.c | 8 | ||||
-rw-r--r-- | test/ecdsatest.c | 28 |
5 files changed, 49 insertions, 6 deletions
diff --git a/crypto/dsa/dsa_sign.c b/crypto/dsa/dsa_sign.c index b806e7e655..190aca8ad9 100644 --- a/crypto/dsa/dsa_sign.c +++ b/crypto/dsa/dsa_sign.c @@ -157,6 +157,11 @@ int ossl_dsa_sign_int(int type, const unsigned char *dgst, int dlen, { DSA_SIG *s; + if (sig == NULL) { + *siglen = DSA_size(dsa); + return 1; + } + /* legacy case uses the method table */ if (dsa->libctx == NULL || dsa->meth != DSA_get_default_method()) s = DSA_do_sign(dgst, dlen, dsa); @@ -167,7 +172,7 @@ int ossl_dsa_sign_int(int type, const unsigned char *dgst, int dlen, *siglen = 0; return 0; } - *siglen = i2d_DSA_SIG(s, sig != NULL ? &sig : NULL); + *siglen = i2d_DSA_SIG(s, &sig); DSA_SIG_free(s); return 1; } diff --git a/crypto/ec/ecdsa_ossl.c b/crypto/ec/ecdsa_ossl.c index 0da33799e4..d7bd427e1b 100644 --- a/crypto/ec/ecdsa_ossl.c +++ b/crypto/ec/ecdsa_ossl.c @@ -77,6 +77,11 @@ int ossl_ecdsa_sign(int type, const unsigned char *dgst, int dlen, { ECDSA_SIG *s; + if (sig == NULL && (kinv == NULL || r == NULL)) { + *siglen = ECDSA_size(eckey); + return 1; + } + s = ECDSA_do_sign_ex(dgst, dlen, kinv, r, eckey); if (s == NULL) { *siglen = 0; diff --git a/crypto/sm2/sm2_sign.c b/crypto/sm2/sm2_sign.c index ca76128a24..1b3ca94d6e 100644 --- a/crypto/sm2/sm2_sign.c +++ b/crypto/sm2/sm2_sign.c @@ -450,6 +450,11 @@ int ossl_sm2_internal_sign(const unsigned char *dgst, int dgstlen, int sigleni; int ret = -1; + if (sig == NULL) { + ERR_raise(ERR_LIB_SM2, ERR_R_PASSED_NULL_PARAMETER); + goto done; + } + e = BN_bin2bn(dgst, dgstlen, NULL); if (e == NULL) { ERR_raise(ERR_LIB_SM2, ERR_R_BN_LIB); @@ -462,7 +467,7 @@ int ossl_sm2_internal_sign(const unsigned char *dgst, int dgstlen, goto done; } - sigleni = i2d_ECDSA_SIG(s, sig != NULL ? &sig : NULL); + sigleni = i2d_ECDSA_SIG(s, &sig); if (sigleni < 0) { ERR_raise(ERR_LIB_SM2, ERR_R_INTERNAL_ERROR); goto done; diff --git a/test/dsatest.c b/test/dsatest.c index 5fa83020f8..73c6827bb0 100644 --- a/test/dsatest.c +++ b/test/dsatest.c @@ -332,6 +332,7 @@ static int test_dsa_sig_infinite_loop(void) BIGNUM *p = NULL, *q = NULL, *g = NULL, *priv = NULL, *pub = NULL, *priv2 = NULL; BIGNUM *badq = NULL, *badpriv = NULL; const unsigned char msg[] = { 0x00 }; + unsigned int signature_len0; unsigned int signature_len; unsigned char signature[64]; @@ -375,10 +376,13 @@ static int test_dsa_sig_infinite_loop(void) goto err; /* Test passing signature as NULL */ - if (!TEST_true(DSA_sign(0, msg, sizeof(msg), NULL, &signature_len, dsa))) + if (!TEST_true(DSA_sign(0, msg, sizeof(msg), NULL, &signature_len0, dsa)) + || !TEST_int_gt(signature_len0, 0)) goto err; - if (!TEST_true(DSA_sign(0, msg, sizeof(msg), signature, &signature_len, dsa))) + if (!TEST_true(DSA_sign(0, msg, sizeof(msg), signature, &signature_len, dsa)) + || !TEST_int_gt(signature_len, 0) + || !TEST_int_le(signature_len, signature_len0)) goto err; /* Test using a private key of zero fails - this causes an infinite loop without the retry test */ diff --git a/test/ecdsatest.c b/test/ecdsatest.c index 33a52eb1b5..ded41be5bd 100644 --- a/test/ecdsatest.c +++ b/test/ecdsatest.c @@ -350,15 +350,39 @@ static int test_builtin_as_sm2(int n) static int test_ecdsa_sig_NULL(void) { int ret; + unsigned int siglen0; unsigned int siglen; unsigned char dgst[128] = { 0 }; EC_KEY *eckey = NULL; + unsigned char *sig = NULL; + BIGNUM *kinv = NULL, *rp = NULL; ret = TEST_ptr(eckey = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1)) && TEST_int_eq(EC_KEY_generate_key(eckey), 1) - && TEST_int_eq(ECDSA_sign(0, dgst, sizeof(dgst), NULL, &siglen, eckey), 1) - && TEST_int_gt(siglen, 0); + && TEST_int_eq(ECDSA_sign(0, dgst, sizeof(dgst), NULL, &siglen0, + eckey), 1) + && TEST_int_gt(siglen0, 0) + && TEST_ptr(sig = OPENSSL_malloc(siglen0)) + && TEST_int_eq(ECDSA_sign(0, dgst, sizeof(dgst), sig, &siglen, + eckey), 1) + && TEST_int_gt(siglen, 0) + && TEST_int_le(siglen, siglen0) + && TEST_int_eq(ECDSA_verify(0, dgst, sizeof(dgst), sig, siglen, + eckey), 1) + && TEST_int_eq(ECDSA_sign_setup(eckey, NULL, &kinv, &rp), 1) + && TEST_int_eq(ECDSA_sign_ex(0, dgst, sizeof(dgst), NULL, &siglen, + kinv, rp, eckey), 1) + && TEST_int_gt(siglen, 0) + && TEST_int_le(siglen, siglen0) + && TEST_int_eq(ECDSA_sign_ex(0, dgst, sizeof(dgst), sig, &siglen0, + kinv, rp, eckey), 1) + && TEST_int_eq(siglen, siglen0) + && TEST_int_eq(ECDSA_verify(0, dgst, sizeof(dgst), sig, siglen, + eckey), 1); EC_KEY_free(eckey); + OPENSSL_free(sig); + BN_free(kinv); + BN_free(rp); return ret; } |