Make `safe' (EC)DSA nonces the default.

This change updates 8a99cb29 to make the generation of (EC)DSA nonces using the message digest the default. It also reverts the changes to (EC)DSA_METHOD structure. In addition to making it the default, removing the flag from EC_KEY means that FIPS modules will no longer have an ABI mismatch.
author: Adam Langley <agl@chromium.org> 2013-07-15 12:42:15 +0100
committer: Dr. Stephen Henson <steve@openssl.org> 2013-07-15 12:57:48 +0100
commit: 190c615d4398cc6c8b61eb7881d7409314529a75 (patch)
tree: 364615b71860e8587e36c1031de887ae32cb2811 /crypto/dsa/dsa_sign.c
parent: 5c57c69f9ebcc933161a24d77f87f17011c9977b (diff)
1 files changed, 1 insertions, 8 deletions
diff --git a/crypto/dsa/dsa_sign.c b/crypto/dsa/dsa_sign.c
index b7e4caab2a..599093a4a8 100644
--- a/crypto/dsa/dsa_sign.c
+++ b/crypto/dsa/dsa_sign.c
@@ -72,12 +72,5 @@ DSA_SIG * DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
 
 int DSA_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
 	{
-	if (dsa->flags & DSA_FLAG_NONCE_FROM_HASH)
-		{
-		/* One cannot precompute the DSA nonce if it is required to
-		 * depend on the message. */
-		DSAerr(DSA_F_DSA_SIGN_SETUP, DSA_R_NONCE_CANNOT_BE_PRECOMPUTED);
-		return 0;
-		}
-	return dsa->meth->dsa_sign_setup(dsa, ctx_in, kinvp, rp, NULL, 0);
+	return dsa->meth->dsa_sign_setup(dsa, ctx_in, kinvp, rp);
 	}
author	Adam Langley <agl@chromium.org>	2013-07-15 12:42:15 +0100
committer	Dr. Stephen Henson <steve@openssl.org>	2013-07-15 12:57:48 +0100
commit	190c615d4398cc6c8b61eb7881d7409314529a75 (patch)
tree	364615b71860e8587e36c1031de887ae32cb2811 /crypto/dsa/dsa_sign.c
parent	5c57c69f9ebcc933161a24d77f87f17011c9977b (diff)