Jeffrey Altman via RT wrote:
> What is the appropriate size for 'buf' in DSA_size()?
>
> 4 bytes is certainly not correct.

Hi Jeffrey,

I think it's correct :-)

int DSA_size(const DSA *r)
{
    int ret,i;
    ASN1_INTEGER bs;
    unsigned char buf[4];

    i=BN_num_bits(r->q);
    bs.length=(i+7)/8;
    OPENSSL_assert(bs.length <= sizeof buf);

I think this assertion is wrong. Normally we have 2^159 < q < 2^160
(see FIPS 186-2) => i == 160 => bs.length == 20 > 4

    bs.data=buf;
    bs.type=V_ASN1_INTEGER;
    /* If the top bit is set the asn1 encoding is 1 larger. */
    buf[0]=0xff;

    i=i2d_ASN1_INTEGER(&bs,NULL);
    i+=i; /* r and s */
    ret=ASN1_object_size(1,i,V_ASN1_SEQUENCE);
    return(ret);
}

i2d_ASN1_INTEGER() calls i2c_ASN1_INTEGER() (a_int.c) and
in i2c_ASN1_INTEGER() we have:

int i2c_ASN1_INTEGER(ASN1_INTEGER *a, unsigned char **pp)
// NOTE: pp == NULL
{
    int pad=0,ret,i,neg;
    unsigned char *p,*n,pb=0;

    if ((a == NULL) || (a->data == NULL)) return(0);
    neg=a->type & V_ASN1_NEG;
    if (a->length == 0)
        ret=1;
    else
    {
        ret=a->length;
        i=a->data[0];
        // NOTE: a->data[0] == 0xff == 255
        if (!neg && (i > 127)) {
            pad=1;
            pb=0;
        } else if(neg) {
            if(i>128) {
                pad=1;
                pb=0xFF;
            } else if(i == 128) {
                ...
            }
        }
        ret+=pad;
    }
    if (pp == NULL) return(ret);
    ...

hence only the first byte of 'buf' is used.
Regards,
Nils
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
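
Added example, not part of the original message and not OpenSSL code: a self-contained C sketch of the size calculation discussed above, showing that the DER size of a non-negative INTEGER depends only on its byte count and its first content byte. The function names are made up for this example and nothing here calls OpenSSL.

```c
#include <stddef.h>
#include <stdio.h>

/* Bytes taken by a one-byte tag plus the DER length field for `len` content bytes. */
static size_t der_header_size(size_t len)
{
    size_t n = 2;                 /* tag + short-form length byte */
    if (len > 127) {              /* long form: 0x80|count, then `count` length bytes */
        while (len) { n++; len >>= 8; }
    }
    return n;
}

/* Full size of a non-negative DER INTEGER. Only `length` and the first
 * content byte are needed: a leading 0x00 pad is added when the top bit is set. */
static size_t der_integer_size(size_t length, unsigned char first_byte)
{
    size_t content = (length == 0) ? 1 : length + (first_byte > 127 ? 1 : 0);
    return der_header_size(content) + content;
}

/* Upper bound for SEQUENCE { INTEGER r, INTEGER s } with r, s < q. */
static size_t dsa_sig_max_size(int q_bits)
{
    size_t len  = (size_t)(q_bits + 7) / 8;
    size_t both = 2 * der_integer_size(len, 0xff);   /* worst case: pad byte needed */
    return der_header_size(both) + both;
}

int main(void)
{
    int bits[] = { 160, 224, 256 };   /* constructed sample sizes for q */
    for (size_t k = 0; k < sizeof bits / sizeof bits[0]; k++)
        printf("q = %d bits -> at most %zu signature bytes\n",
               bits[k], dsa_sig_max_size(bits[k]));
    return 0;
}
```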