[openssl-users] Possible bug in DSA_verify() since CVE-2014-8275 patch (present in 1.0.1k and 1.0.1l)

Dr. Stephen Henson steve at openssl.org
Fri Jan 16 22:42:30 UTC 2015

On Fri, Jan 16, 2015, arnaud.mouiche at invoxia.com wrote:

> If you want to know about the signature, it was generating by signing the hash result

Do you have a code snippet of how you are generating the signature? That is
the code which calls DSA_sign()?

I can think of one way that could be wrong. If you are using DSA_size(key) as
the signature length instead of the length returned by DSA_sign() that will
fail under some circumstances. That's because DSA_size() returns the 
maximum length of the signature whereas DSA_sign() returns the actual
length which may be less. I

Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org

More information about the openssl-users mailing list