Revert "Revert "Revert "external/boringssl: Sync to 81080a729af568f7b5fde92b9170cc17065027c9."""
This reverts commit a5c947b7c91bac52eeb5086507b67e52a59ef980.
Reason for revert: Breaks blueline target on qt-dev-plus-aosp and pi-dev-plus-aosp
Change-Id: Ib3f71674ce7f7114e5925043ead7e8e51e9bc31e
diff --git a/src/crypto/dsa/dsa.c b/src/crypto/dsa/dsa.c
index 51dca7f..288e2c8 100644
--- a/src/crypto/dsa/dsa.c
+++ b/src/crypto/dsa/dsa.c
@@ -558,34 +558,29 @@
}
DSA_SIG *DSA_do_sign(const uint8_t *digest, size_t digest_len, const DSA *dsa) {
- if (!dsa->p || !dsa->q || !dsa->g) {
- OPENSSL_PUT_ERROR(DSA, DSA_R_MISSING_PARAMETERS);
- return NULL;
- }
+ BIGNUM *kinv = NULL, *r = NULL, *s = NULL;
+ BIGNUM m;
+ BIGNUM xr;
+ BN_CTX *ctx = NULL;
+ int reason = ERR_R_BN_LIB;
+ DSA_SIG *ret = NULL;
- // Reject invalid parameters. In particular, the algorithm will infinite loop
- // if |g| is zero.
- if (BN_is_zero(dsa->p) || BN_is_zero(dsa->q) || BN_is_zero(dsa->g)) {
- OPENSSL_PUT_ERROR(DSA, DSA_R_INVALID_PARAMETERS);
- return NULL;
+ BN_init(&m);
+ BN_init(&xr);
+
+ if (!dsa->p || !dsa->q || !dsa->g) {
+ reason = DSA_R_MISSING_PARAMETERS;
+ goto err;
}
// We only support DSA keys that are a multiple of 8 bits. (This is a weaker
// check than the one in |DSA_do_check_signature|, which only allows 160-,
// 224-, and 256-bit keys.
if (BN_num_bits(dsa->q) % 8 != 0) {
- OPENSSL_PUT_ERROR(DSA, DSA_R_BAD_Q_VALUE);
- return NULL;
+ reason = DSA_R_BAD_Q_VALUE;
+ goto err;
}
- BIGNUM *kinv = NULL, *r = NULL, *s = NULL;
- BIGNUM m;
- BIGNUM xr;
- BN_CTX *ctx = NULL;
- DSA_SIG *ret = NULL;
-
- BN_init(&m);
- BN_init(&xr);
s = BN_new();
if (s == NULL) {
goto err;
@@ -645,7 +640,7 @@
err:
if (ret == NULL) {
- OPENSSL_PUT_ERROR(DSA, ERR_R_BN_LIB);
+ OPENSSL_PUT_ERROR(DSA, reason);
BN_free(r);
BN_free(s);
}