Slightly simplify some DSA logic.
See also upstream's b62a2f8a373d1889672599834acf95161f2883ce.
Change-Id: I430be5ec21198484b8a874460b224e15bafafe48
Reviewed-on: https://boringssl-review.googlesource.com/6344
Reviewed-by: Adam Langley <alangley@gmail.com>
diff --git a/crypto/dsa/dsa_impl.c b/crypto/dsa/dsa_impl.c
index b10610d..e046f9c 100644
--- a/crypto/dsa/dsa_impl.c
+++ b/crypto/dsa/dsa_impl.c
@@ -463,23 +463,11 @@
int r = 0;
BN_CTX *ctx = NULL;
unsigned int h = 2;
- unsigned qbits, qsize;
+ unsigned qsize;
const EVP_MD *evpmd;
- if (bits >= 2048) {
- qbits = 256;
- evpmd = EVP_sha256();
- } else {
- qbits = 160;
- evpmd = EVP_sha1();
- }
- qsize = qbits / 8;
-
- if (qsize != SHA_DIGEST_LENGTH && qsize != SHA224_DIGEST_LENGTH &&
- qsize != SHA256_DIGEST_LENGTH) {
- /* invalid q size */
- return 0;
- }
+ evpmd = (bits >= 2048) ? EVP_sha256() : EVP_sha1();
+ qsize = EVP_MD_size(evpmd);
if (bits < 512) {
bits = 512;