dsa_verify_hash: properly handle (=reject) negative r, s

2017-08-25 00:39:07 +02:00
parent aade47c62c
commit 7e4bd971de
1 changed files with 1 additions and 1 deletions
@@ -47,7 +47,7 @@ int dsa_verify_hash_raw(         void   *r,          void   *s,
   }

   /* neither r or s can be null or >q*/
-   if (mp_iszero(r) == LTC_MP_YES || mp_iszero(s) == LTC_MP_YES || mp_cmp(r, key->q) != LTC_MP_LT || mp_cmp(s, key->q) != LTC_MP_LT) {
+   if (mp_cmp_d(r, 0) != LTC_MP_GT || mp_cmp_d(s, 0) != LTC_MP_GT || mp_cmp(r, key->q) != LTC_MP_LT || mp_cmp(s, key->q) != LTC_MP_LT) {
      err = CRYPT_INVALID_PACKET;
      goto error;
   }