authorKarel Miko <karel.miko@gmail.com>2017-02-28 11:16:41 +0100
committerKarel Miko <karel.miko@gmail.com>2017-02-28 11:16:41 +0100
commit21c6b17be7c143a128d890bd4fadd4ee8414e172 (patch)
treed337d4fd5db20a2e63e2ca410e176f5648c37674 /src/ltc/pk/dsa/dsa_verify_hash.c
parentf2361f5638b41340b0803dc1d5cd559066819c5d (diff)
better dsa fix
Diffstat (limited to 'src/ltc/pk/dsa/dsa_verify_hash.c')
-rw-r--r--src/ltc/pk/dsa/dsa_verify_hash.c12
1 files changed, 6 insertions, 6 deletions
diff --git a/src/ltc/pk/dsa/dsa_verify_hash.c b/src/ltc/pk/dsa/dsa_verify_hash.c
index 93c313a1..d2473915 100644
--- a/src/ltc/pk/dsa/dsa_verify_hash.c
+++ b/src/ltc/pk/dsa/dsa_verify_hash.c
@@ -29,7 +29,7 @@
@return CRYPT_OK if successful (even if the signature is invalid)
*/
int dsa_verify_hash_raw( void *r, void *s,
- const unsigned char *hash, unsigned long hashlen,
+ const unsigned char *hash, unsigned long hashlen,
int *stat, dsa_key *key)
{
void *w, *v, *u1, *u2;
@@ -55,7 +55,7 @@ int dsa_verify_hash_raw( void *r, void *s,
}
/* FIPS 186-4 4.7: use leftmost min(bitlen(q), bitlen(hash)) bits of 'hash' */
- if (hashlen > (unsigned long)key->qord) hashlen = (unsigned long)key->qord;
+ hashlen = MIN(hashlen, (unsigned long)(key->qord));
/* w = 1/s mod q */
if ((err = mp_invmod(s, key->q, w)) != CRYPT_OK) { goto error; }
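Review bot: The new `hashlen = MIN(hashlen, (unsigned long)(key->qord));` line clamps a byte count, while the comment directly above it quotes FIPS 186-4 4.7 in bits. If `key->qord` is the length of q in octets (its unit is not visible in this hunk), the clamp matches the standard only when the bit length of q is a multiple of 8. For any other q the retained hash keeps up to 7 extra low-order bits, and a signature that a conforming verifier accepts may be reported invalid here, or the reverse. I would state the limitation next to the code, e.g. `/* qord counts bytes: byte-granular clamp, equals the FIPS truncation only when bitlen(q) % 8 == 0 */`, or confirm that key import and generation reject a q of any other size. The body of dsa_verify_hash_raw starts and ends outside this hunk, so any earlier validation of `key->qord` cannot be seen from here.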
@@ -65,7 +65,7 @@ int dsa_verify_hash_raw( void *r, void *s,
if ((err = mp_mulmod(u1, w, key->q, u1)) != CRYPT_OK) { goto error; }
/* u2 = r*w mod q */
- if ((err = mp_mulmod(r, w, key->q, u2)) != CRYPT_OK) { goto error; }
+ if ((err = mp_mulmod(r, w, key->q, u2)) != CRYPT_OK) { goto error; }
/* v = g^u1 * y^u2 mod p mod q */
if ((err = mp_exptmod(key->g, u1, key->p, u1)) != CRYPT_OK) { goto error; }
@@ -95,7 +95,7 @@ error:
@return CRYPT_OK if successful (even if the signature is invalid)
*/
int dsa_verify_hash(const unsigned char *sig, unsigned long siglen,
- const unsigned char *hash, unsigned long hashlen,
+ const unsigned char *hash, unsigned long hashlen,
int *stat, dsa_key *key)
{
int err;
@@ -107,8 +107,8 @@ int dsa_verify_hash(const unsigned char *sig, unsigned long siglen,
/* decode the sequence */
if ((err = der_decode_sequence_multi(sig, siglen,
- LTC_ASN1_INTEGER, 1UL, r,
- LTC_ASN1_INTEGER, 1UL, s,
+ LTC_ASN1_INTEGER, 1UL, r,
+ LTC_ASN1_INTEGER, 1UL, s,
LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) {
goto LBL_ERR;
}