2 files changed, 12 insertions, 12 deletions

diff --git a/src/ltc/pk/dsa/dsa_sign_hash.c b/src/ltc/pk/dsa/dsa_sign_hash.c
index e9ca8ee6..c9da8cf7 100644
--- a/src/ltc/pk/dsa/dsa_sign_hash.c
+++ b/src/ltc/pk/dsa/dsa_sign_hash.c
@@ -84,8 +84,8 @@ retry:
 
    if (mp_iszero(r) == LTC_MP_YES)                                                     { goto retry; }
 
-   /* FIPS 186-4 4.6: use leftmost min(bitlen(q), bitlen(hash)) */
-   if (inlen > (unsigned long)key->qord) inlen = (unsigned long)key->qord;
+   /* FIPS 186-4 4.6: use leftmost min(bitlen(q), bitlen(hash)) bits of 'hash'*/
+   inlen = MIN(inlen, (unsigned long)(key->qord));
 
    /* now find s = (in + xr)/k mod q */
    if ((err = mp_read_unsigned_bin(tmp, (unsigned char *)in, inlen)) != CRYPT_OK)      { goto error; }
@@ -96,7 +96,7 @@ retry:
    if (mp_iszero(s) == LTC_MP_YES)                                                     { goto retry; }
 
    err = CRYPT_OK;
-error: 
+error:
    mp_clear_multi(k, kinv, tmp, NULL);
 ERRBUF:
 #ifdef LTC_CLEAN_STACK
@@ -137,9 +137,9 @@ int dsa_sign_hash(const unsigned char *in,  unsigned long inlen,
       goto error;
    }
 
-   err = der_encode_sequence_multi(out, outlen, 
-                             LTC_ASN1_INTEGER, 1UL, r, 
-                             LTC_ASN1_INTEGER, 1UL, s, 
+   err = der_encode_sequence_multi(out, outlen,
+                             LTC_ASN1_INTEGER, 1UL, r,
+                             LTC_ASN1_INTEGER, 1UL, s,
                              LTC_ASN1_EOL,     0UL, NULL);
 
 error:
diff --git a/src/ltc/pk/dsa/dsa_verify_hash.c b/src/ltc/pk/dsa/dsa_verify_hash.c
index 93c313a1..d2473915 100644
--- a/src/ltc/pk/dsa/dsa_verify_hash.c
+++ b/src/ltc/pk/dsa/dsa_verify_hash.c
@@ -29,7 +29,7 @@
   @return CRYPT_OK if successful (even if the signature is invalid)
 */
 int dsa_verify_hash_raw(         void   *r,          void   *s,
-                    const unsigned char *hash, unsigned long hashlen, 
+                    const unsigned char *hash, unsigned long hashlen,
                                     int *stat,      dsa_key *key)
 {
    void          *w, *v, *u1, *u2;
@@ -55,7 +55,7 @@ int dsa_verify_hash_raw(         void   *r,          void   *s,
    }
 
    /* FIPS 186-4 4.7: use leftmost min(bitlen(q), bitlen(hash)) bits of 'hash' */
-   if (hashlen > (unsigned long)key->qord) hashlen = (unsigned long)key->qord;
+   hashlen = MIN(hashlen, (unsigned long)(key->qord));
 
    /* w = 1/s mod q */
    if ((err = mp_invmod(s, key->q, w)) != CRYPT_OK)                                       { goto error; }
@@ -65,7 +65,7 @@ int dsa_verify_hash_raw(         void   *r,          void   *s,
    if ((err = mp_mulmod(u1, w, key->q, u1)) != CRYPT_OK)                                  { goto error; }
 
    /* u2 = r*w mod q */
-   if ((err = mp_mulmod(r, w, key->q, u2)) != CRYPT_OK)                                   { goto error; } 
+   if ((err = mp_mulmod(r, w, key->q, u2)) != CRYPT_OK)                                   { goto error; }
 
    /* v = g^u1 * y^u2 mod p mod q */
    if ((err = mp_exptmod(key->g, u1, key->p, u1)) != CRYPT_OK)                            { goto error; }
@@ -95,7 +95,7 @@ error:
   @return CRYPT_OK if successful (even if the signature is invalid)
 */
 int dsa_verify_hash(const unsigned char *sig, unsigned long siglen,
-                    const unsigned char *hash, unsigned long hashlen, 
+                    const unsigned char *hash, unsigned long hashlen,
                     int *stat, dsa_key *key)
 {
    int    err;
@@ -107,8 +107,8 @@ int dsa_verify_hash(const unsigned char *sig, unsigned long siglen,
 
    /* decode the sequence */
    if ((err = der_decode_sequence_multi(sig, siglen,
-                                  LTC_ASN1_INTEGER, 1UL, r, 
-                                  LTC_ASN1_INTEGER, 1UL, s, 
+                                  LTC_ASN1_INTEGER, 1UL, r,
+                                  LTC_ASN1_INTEGER, 1UL, s,
                                   LTC_ASN1_EOL,     0UL, NULL)) != CRYPT_OK) {
       goto LBL_ERR;
    }