Implement DSA_SIG_set0() and ECDSA_SIG_set0(), for setting signature values.

SSH2 implementations which use DSA_do_verify() and ECDSA_do_verify() are given the R and S values, and the data to be signed, by the client. Thus in order to validate these signatures, SSH2 implementations will digest and sign the data -- and then pass in properly provisioned DSA_SIG and ECDSA_SIG objects. Unfortunately, the existing OpenSSL-1.1.0 APIs do not allow for directly setting those R and S values in these objects, which makes using OpenSSL for such SSH2 implementations much more difficult. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Emilia Käsper <emilia@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1193)
author: TJ Saunders <tj@castaglia.org> 2016-06-08 13:54:22 -0700
committer: Rich Salz <rsalz@openssl.org> 2016-06-13 15:44:49 -0400
commit: 6a571a18dd4381940d61a3c2f0d65d2b6515c693 (patch)
tree: 742283b7c96076c7d443a6818278c4a63e4d413f /crypto/dsa
parent: d356dc561925ec9cecc58a69e2280c18a49ec41a (diff)
1 files changed, 9 insertions, 0 deletions
diff --git a/crypto/dsa/dsa_asn1.c b/crypto/dsa/dsa_asn1.c
index 93ce85f09e..b19bfaff50 100644
--- a/crypto/dsa/dsa_asn1.c
+++ b/crypto/dsa/dsa_asn1.c
@@ -32,6 +32,15 @@ void DSA_SIG_get0(BIGNUM **pr, BIGNUM **ps, const DSA_SIG *sig)
     *ps = sig->s;
 }
 
+int DSA_SIG_set0(BIGNUM *r, BIGNUM *s, DSA_SIG *sig)
+{
+    BN_clear_free(sig->r);
+    BN_clear_free(sig->s);
+    sig->r = r;
+    sig->s = s;
+    return 1;
+}
+
 /* Override the default free and new methods */
 static int dsa_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
                   void *exarg)
author	TJ Saunders <tj@castaglia.org>	2016-06-08 13:54:22 -0700
committer	Rich Salz <rsalz@openssl.org>	2016-06-13 15:44:49 -0400
commit	6a571a18dd4381940d61a3c2f0d65d2b6515c693 (patch)
tree	742283b7c96076c7d443a6818278c4a63e4d413f /crypto/dsa
parent	d356dc561925ec9cecc58a69e2280c18a49ec41a (diff)