diff options
Diffstat (limited to 'src/ltc/pk')
-rw-r--r-- | src/ltc/pk/dsa/dsa_sign_hash.c | 12 | ||||
-rw-r--r-- | src/ltc/pk/dsa/dsa_verify_hash.c | 12 |
2 files changed, 12 insertions, 12 deletions
diff --git a/src/ltc/pk/dsa/dsa_sign_hash.c b/src/ltc/pk/dsa/dsa_sign_hash.c index e9ca8ee6..c9da8cf7 100644 --- a/src/ltc/pk/dsa/dsa_sign_hash.c +++ b/src/ltc/pk/dsa/dsa_sign_hash.c @@ -84,8 +84,8 @@ retry: if (mp_iszero(r) == LTC_MP_YES) { goto retry; } - /* FIPS 186-4 4.6: use leftmost min(bitlen(q), bitlen(hash)) */ - if (inlen > (unsigned long)key->qord) inlen = (unsigned long)key->qord; + /* FIPS 186-4 4.6: use leftmost min(bitlen(q), bitlen(hash)) bits of 'hash'*/ + inlen = MIN(inlen, (unsigned long)(key->qord)); /* now find s = (in + xr)/k mod q */ if ((err = mp_read_unsigned_bin(tmp, (unsigned char *)in, inlen)) != CRYPT_OK) { goto error; } @@ -96,7 +96,7 @@ retry: if (mp_iszero(s) == LTC_MP_YES) { goto retry; } err = CRYPT_OK; -error: +error: mp_clear_multi(k, kinv, tmp, NULL); ERRBUF: #ifdef LTC_CLEAN_STACK @@ -137,9 +137,9 @@ int dsa_sign_hash(const unsigned char *in, unsigned long inlen, goto error; } - err = der_encode_sequence_multi(out, outlen, - LTC_ASN1_INTEGER, 1UL, r, - LTC_ASN1_INTEGER, 1UL, s, + err = der_encode_sequence_multi(out, outlen, + LTC_ASN1_INTEGER, 1UL, r, + LTC_ASN1_INTEGER, 1UL, s, LTC_ASN1_EOL, 0UL, NULL); error: diff --git a/src/ltc/pk/dsa/dsa_verify_hash.c b/src/ltc/pk/dsa/dsa_verify_hash.c index 93c313a1..d2473915 100644 --- a/src/ltc/pk/dsa/dsa_verify_hash.c +++ b/src/ltc/pk/dsa/dsa_verify_hash.c @@ -29,7 +29,7 @@ @return CRYPT_OK if successful (even if the signature is invalid) */ int dsa_verify_hash_raw( void *r, void *s, - const unsigned char *hash, unsigned long hashlen, + const unsigned char *hash, unsigned long hashlen, int *stat, dsa_key *key) { void *w, *v, *u1, *u2; @@ -55,7 +55,7 @@ int dsa_verify_hash_raw( void *r, void *s, } /* FIPS 186-4 4.7: use leftmost min(bitlen(q), bitlen(hash)) bits of 'hash' */ - if (hashlen > (unsigned long)key->qord) hashlen = (unsigned long)key->qord; + hashlen = MIN(hashlen, (unsigned long)(key->qord)); /* w = 1/s mod q */ if ((err = mp_invmod(s, key->q, w)) != CRYPT_OK) { goto error; } @@ -65,7 +65,7 @@ int dsa_verify_hash_raw( void *r, void *s, if ((err = mp_mulmod(u1, w, key->q, u1)) != CRYPT_OK) { goto error; } /* u2 = r*w mod q */ - if ((err = mp_mulmod(r, w, key->q, u2)) != CRYPT_OK) { goto error; } + if ((err = mp_mulmod(r, w, key->q, u2)) != CRYPT_OK) { goto error; } /* v = g^u1 * y^u2 mod p mod q */ if ((err = mp_exptmod(key->g, u1, key->p, u1)) != CRYPT_OK) { goto error; } @@ -95,7 +95,7 @@ error: @return CRYPT_OK if successful (even if the signature is invalid) */ int dsa_verify_hash(const unsigned char *sig, unsigned long siglen, - const unsigned char *hash, unsigned long hashlen, + const unsigned char *hash, unsigned long hashlen, int *stat, dsa_key *key) { int err; @@ -107,8 +107,8 @@ int dsa_verify_hash(const unsigned char *sig, unsigned long siglen, /* decode the sequence */ if ((err = der_decode_sequence_multi(sig, siglen, - LTC_ASN1_INTEGER, 1UL, r, - LTC_ASN1_INTEGER, 1UL, s, + LTC_ASN1_INTEGER, 1UL, r, + LTC_ASN1_INTEGER, 1UL, s, LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) { goto LBL_ERR; } |