author | Karel Miko <karel.miko@gmail.com> | 2017-02-28 11:16:41 +0100 |
---|---|---|
committer | Karel Miko <karel.miko@gmail.com> | 2017-02-28 11:16:41 +0100 |
commit | 21c6b17be7c143a128d890bd4fadd4ee8414e172 (patch) | |
tree | d337d4fd5db20a2e63e2ca410e176f5648c37674 /src/ltc/pk/dsa/dsa_verify_hash.c | |
parent | f2361f5638b41340b0803dc1d5cd559066819c5d (diff) |
better dsa fix
Diffstat (limited to 'src/ltc/pk/dsa/dsa_verify_hash.c')
-rw-r--r-- | src/ltc/pk/dsa/dsa_verify_hash.c | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/src/ltc/pk/dsa/dsa_verify_hash.c b/src/ltc/pk/dsa/dsa_verify_hash.c
index 93c313a1..d2473915 100644
--- a/src/ltc/pk/dsa/dsa_verify_hash.c
+++ b/src/ltc/pk/dsa/dsa_verify_hash.c
@@ -29,7 +29,7 @@
 @return CRYPT_OK if successful (even if the signature is invalid)
 */
 int dsa_verify_hash_raw( void *r, void *s,
- const unsigned char *hash, unsigned long hashlen,
+ const unsigned char *hash, unsigned long hashlen,
 int *stat, dsa_key *key)
 {
 void *w, *v, *u1, *u2;
@@ -55,7 +55,7 @@ int dsa_verify_hash_raw( void *r, void *s,
 }
 
 /* FIPS 186-4 4.7: use leftmost min(bitlen(q), bitlen(hash)) bits of 'hash' */
- if (hashlen > (unsigned long)key->qord) hashlen = (unsigned long)key->qord;
+ hashlen = MIN(hashlen, (unsigned long)(key->qord));
 
 /* w = 1/s mod q */
 if ((err = mp_invmod(s, key->q, w)) != CRYPT_OK) { goto error; }
@@ -65,7 +65,7 @@ int dsa_verify_hash_raw( void *r, void *s,
 if ((err = mp_mulmod(u1, w, key->q, u1)) != CRYPT_OK) { goto error; }
 
 /* u2 = r*w mod q */
- if ((err = mp_mulmod(r, w, key->q, u2)) != CRYPT_OK) { goto error; }
+ if ((err = mp_mulmod(r, w, key->q, u2)) != CRYPT_OK) { goto error; }
 
 /* v = g^u1 * y^u2 mod p mod q */
 if ((err = mp_exptmod(key->g, u1, key->p, u1)) != CRYPT_OK) { goto error; }
@@ -95,7 +95,7 @@ error:
 @return CRYPT_OK if successful (even if the signature is invalid)
 */
 int dsa_verify_hash(const unsigned char *sig, unsigned long siglen,
- const unsigned char *hash, unsigned long hashlen,
+ const unsigned char *hash, unsigned long hashlen,
 int *stat, dsa_key *key)
 {
 int err;
@@ -107,8 +107,8 @@ int dsa_verify_hash(const unsigned char *sig, unsigned long siglen,
 
 /* decode the sequence */
 if ((err = der_decode_sequence_multi(sig, siglen,
- LTC_ASN1_INTEGER, 1UL, r,
- LTC_ASN1_INTEGER, 1UL, s,
+ LTC_ASN1_INTEGER, 1UL, r,
+ LTC_ASN1_INTEGER, 1UL, s,
 LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) {
 goto LBL_ERR;
 }
|
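Review bot: The new line `hashlen = MIN(hashlen, (unsigned long)(key->qord));` in the second hunk of dsa_verify_hash_raw truncates the digest in whole bytes, while the comment directly above promises the leftmost min(bitlen(q), bitlen(hash)) bits; the two agree only when the bit length of q is a multiple of 8 (true for the FIPS 186-4 sizes, but qord appears to be the subgroup order size in octets, so a key with a non-byte-aligned q would feed more digest bits into z than the standard specifies and would interoperate only with a signer that truncates the same way). Either document that limitation on the comment, e.g. `/* FIPS 186-4 4.7: use leftmost min(bitlen(q), bitlen(hash)) bits of 'hash' (byte granularity: exact only when q is a whole number of octets) */`, or follow the byte truncation with the right shift that drops the surplus low bits after the value is read. MIN is assumed to come from the library's macro header and evaluates both arguments twice, which is harmless here because neither operand has side effects. The function's remaining body, including the point where the truncated hashlen is consumed, lies outside the hunk; the other four hunks in this commit are whitespace-only.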