DSASigner: fix key check when no digest specified

Since the digest specified was a NullDigest, its effective length during initialization is 0 bytes, so there is no way to tell if the key strength is appropriate at that time. Bug: 21630204 Bug: 27247313 Change-Id: I0f60ac5d62ae54119fd432cf828a2282418e8f39
author: Kenny Root <kroot@google.com> 2016-02-10 09:55:02 -0800
committer: Kenny Root <kroot@google.com> 2016-02-29 21:16:32 +0000
commit: c8f9dc88f7b38016a48406ebbd76421439068860 (patch)
tree: 48a6cd3a54a52a1cfa64397de196f61c2f2c4dab /bcprov/src/main/java
parent: 0b922e01ab200d5a40f56d1e645b1924e3f03fa0 (diff)
download: bouncycastle-c8f9dc88f7b38016a48406ebbd76421439068860.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSASigner.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSASigner.java
index a2923143..2c4900f1 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSASigner.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSASigner.java
@@ -208,7 +208,7 @@ public class DSASigner
         } else if (valueL == 3072 && valueN != 256) {
             throw new InvalidKeyException("valueN must be 256 for valueL = 3072");
         }
-        if (valueN > digestSize * 8) {
+        if (!(digest instanceof NullDigest) && valueN > digestSize * 8) {
             throw new InvalidKeyException("Key is too strong for this signature algorithm");
         }
     }
author	Kenny Root <kroot@google.com>	2016-02-10 09:55:02 -0800
committer	Kenny Root <kroot@google.com>	2016-02-29 21:16:32 +0000
commit	c8f9dc88f7b38016a48406ebbd76421439068860 (patch)
tree	48a6cd3a54a52a1cfa64397de196f61c2f2c4dab /bcprov/src/main/java
parent	0b922e01ab200d5a40f56d1e645b1924e3f03fa0 (diff)
download	bouncycastle-c8f9dc88f7b38016a48406ebbd76421439068860.tar.gz