Merge branch 'develop' into release-0.5.2

author: Parménides GV <parmegv@sdf.org> 2014-06-13 12:21:38 +0200
committer: Parménides GV <parmegv@sdf.org> 2014-06-13 12:21:38 +0200
commit: d09435a9d2adb0d0cafa0b1f9f6cfe326346cbc6 (patch)
tree: 946278cd836aa6af639675f4eb5ec7378d783dd8 /app/openssl/crypto/dsa/dsa_vrf.c
parent: 5d47fde84a03acb1201f8650c55dc0cd981df679 (diff)
parent: 3a71bc9e4aa4296f460e2e3c55de74c9852477ad (diff)
1 files changed, 8 insertions, 21 deletions
diff --git a/app/openssl/crypto/dsa/dsa_vrf.c b/app/openssl/crypto/dsa/dsa_vrf.c
index 226a75ff..674cb5fa 100644
--- a/app/openssl/crypto/dsa/dsa_vrf.c
+++ b/app/openssl/crypto/dsa/dsa_vrf.c
@@ -64,26 +64,13 @@
 int DSA_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig,
 		  DSA *dsa)
 	{
+#ifdef OPENSSL_FIPS
+	if (FIPS_mode() && !(dsa->meth->flags & DSA_FLAG_FIPS_METHOD)
+			&& !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW))
+		{
+		DSAerr(DSA_F_DSA_DO_VERIFY, DSA_R_NON_FIPS_DSA_METHOD);
+		return -1;
+		}
+#endif
 	return dsa->meth->dsa_do_verify(dgst, dgst_len, sig, dsa);
 	}
-
-/* data has already been hashed (probably with SHA or SHA-1). */
-/* returns
- *      1: correct signature
- *      0: incorrect signature
- *     -1: error
- */
-int DSA_verify(int type, const unsigned char *dgst, int dgst_len,
-	     const unsigned char *sigbuf, int siglen, DSA *dsa)
-	{
-	DSA_SIG *s;
-	int ret=-1;
-
-	s = DSA_SIG_new();
-	if (s == NULL) return(ret);
-	if (d2i_DSA_SIG(&s,&sigbuf,siglen) == NULL) goto err;
-	ret=DSA_do_verify(dgst,dgst_len,s,dsa);
-err:
-	DSA_SIG_free(s);
-	return(ret);
-	}
author	Parménides GV <parmegv@sdf.org>	2014-06-13 12:21:38 +0200
committer	Parménides GV <parmegv@sdf.org>	2014-06-13 12:21:38 +0200
commit	d09435a9d2adb0d0cafa0b1f9f6cfe326346cbc6 (patch)
tree	946278cd836aa6af639675f4eb5ec7378d783dd8 /app/openssl/crypto/dsa/dsa_vrf.c
parent	5d47fde84a03acb1201f8650c55dc0cd981df679 (diff)
parent	3a71bc9e4aa4296f460e2e3c55de74c9852477ad (diff)