dsa_sign_hash: testing k < q

2013-10-09 20:34:28 +02:00 · 2013-10-09 20:34:28 +02:00 · e600ab9d35
commit e600ab9d35
parent 72022edb8d
1 changed files with 2 additions and 2 deletions
--- a/src/pk/dsa/dsa_sign_hash.c
+++ b/src/pk/dsa/dsa_sign_hash.c
@ -73,8 +73,8 @@ retry:
      /* read k */
      if ((err = mp_read_unsigned_bin(k, buf, key->qord)) != CRYPT_OK)                 { goto error; }
-      /* k > 1 ? */
+      /* k > 1 and k < q ? */
-      if (mp_cmp_d(k, 1) != LTC_MP_GT)                                                 { goto retry; }
+      if (mp_cmp_d(k, 1) != LTC_MP_GT || mp_cmp(k, key->q) != LTC_MP_LT)               { goto retry; }
      /* test gcd */
      if ((err = mp_gcd(k, key->q, tmp)) != CRYPT_OK)                                  { goto error; }