← Back to branch summary

~ubuntu-branches/ubuntu/lucid/openssl/lucid-proposed

« back to all changes in this revision

Viewing changes to crypto/dsa/dsa_vrf.c

  • Committer: Bazaar Package Importer
  • Author(s): Kurt Roeckx
  • Date: 2009-06-13 18:15:46 UTC
  • mto: (11.1.5 squeeze)
  • mto: This revision was merged to the branch mainline in revision 34.
  • Revision ID: james.westby@ubuntu.com-20090613181546-vbfntai3b009dl1u
Tags: upstream-0.9.8k
ImportĀ upstreamĀ versionĀ 0.9.8k

Show diffs side-by-side

added added

removed removed

Lines of Context:
crypto/dsa/dsa_vrf.c
64
64
#include <openssl/dsa.h>
65
65
#include <openssl/rand.h>
66
66
#include <openssl/asn1.h>
 
67
#ifdef OPENSSL_FIPS
 
68
#include <openssl/fips.h>
 
69
#endif
 
70
 
67
71
#include <openssl/asn1_mac.h>
68
72
 
69
73
int DSA_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig,
70
74
                  DSA *dsa)
71
75
        {
 
76
#ifdef OPENSSL_FIPS
 
77
        if(FIPS_mode() && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW))
 
78
                {
 
79
                DSAerr(DSA_F_DSA_DO_VERIFY, DSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE);
 
80
                return 0;
 
81
                }
 
82
#endif
72
83
        return dsa->meth->dsa_do_verify(dgst, dgst_len, sig, dsa);
73
84
        }
74
 
 
75
 
/* data has already been hashed (probably with SHA or SHA-1). */
76
 
/* returns
77
 
 *      1: correct signature
78
 
 *      0: incorrect signature
79
 
 *     -1: error
80
 
 */
81
 
int DSA_verify(int type, const unsigned char *dgst, int dgst_len,
82
 
             const unsigned char *sigbuf, int siglen, DSA *dsa)
83
 
        {
84
 
        DSA_SIG *s;
85
 
        int ret=-1;
86
 
 
87
 
        s = DSA_SIG_new();
88
 
        if (s == NULL) return(ret);
89
 
        if (d2i_DSA_SIG(&s,&sigbuf,siglen) == NULL) goto err;
90
 
        ret=DSA_do_verify(dgst,dgst_len,s,dsa);
91
 
err:
92
 
        DSA_SIG_free(s);
93
 
        return(ret);
94
 
        }