diff options
author | Kenny Root <kroot@google.com> | 2016-02-10 09:55:02 -0800 |
---|---|---|
committer | Kenny Root <kroot@google.com> | 2016-02-29 21:16:32 +0000 |
commit | c8f9dc88f7b38016a48406ebbd76421439068860 (patch) | |
tree | 48a6cd3a54a52a1cfa64397de196f61c2f2c4dab /bcprov/src/main/java/org/bouncycastle/jcajce/provider | |
parent | 0b922e01ab200d5a40f56d1e645b1924e3f03fa0 (diff) | |
download | bouncycastle-c8f9dc88f7b38016a48406ebbd76421439068860.tar.gz |
DSASigner: fix key check when no digest specified
Since the digest specified was a NullDigest, its effective length during
initialization is 0 bytes, so there is no way to tell if the key
strength is appropriate at that time.
Bug: 21630204
Bug: 27247313
Change-Id: I0f60ac5d62ae54119fd432cf828a2282418e8f39
Diffstat (limited to 'bcprov/src/main/java/org/bouncycastle/jcajce/provider')
-rw-r--r-- | bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSASigner.java | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSASigner.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSASigner.java index a2923143..2c4900f1 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSASigner.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSASigner.java @@ -208,7 +208,7 @@ public class DSASigner } else if (valueL == 3072 && valueN != 256) { throw new InvalidKeyException("valueN must be 256 for valueL = 3072"); } - if (valueN > digestSize * 8) { + if (!(digest instanceof NullDigest) && valueN > digestSize * 8) { throw new InvalidKeyException("Key is too strong for this signature algorithm"); } } |