diff dss.c @ 1410:771e4a7051e0

improve value range validation
author Matt Johnston <matt@ucc.asn.au>
date Wed, 14 Jun 2017 23:31:15 +0800
parents c721e8c42d2a
children a54b22f4058d 79582b52a791
--- a/dss.c	Fri May 26 21:08:43 2017 +0800
+++ b/dss.c	Wed Jun 14 23:31:15 2017 +0800
@@ -181,6 +181,10 @@
 		TRACE(("verify failed, s' >= q"))
 		goto out;
 	}
+	if (mp_cmp_d(&val1, 0) != MP_GT) {
+		TRACE(("verify failed, s' <= 0"))
+		goto out;
+	}
 	/* let val2 = w = (s')^-1 mod q*/
 	if (mp_invmod(&val1, key->q, &val2) != MP_OKAY) {
 		goto out;
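Review bot: The new lower-bound check on s' carries no comment naming the rule it enforces, although the steps around it are commented. DSA verification requires 0 < s' < q and 0 < r' < q, so a line such as `/* s' must be in (0, q): reject zero before inverting */` above `if (mp_cmp_d(&val1, 0) != MP_GT)` would record why the check exists. The identical test on r' in the second hunk deserves the matching comment, `/* r' must be in (0, q) */`. Both rejections depend on `goto out` returning the failure value, which is initialised outside these hunks, so it is worth confirming that the result variable still holds its failure default at both points.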
@@ -202,6 +206,10 @@
 		TRACE(("verify failed, r' >= q"))
 		goto out;
 	}
+	if (mp_cmp_d(&val1, 0) != MP_GT) {
+		TRACE(("verify failed, r' <= 0"))
+		goto out;
+	}
 	/* let val4 = u2 = ((r')w) mod q */
 	if (mp_mulmod(&val1, &val2, key->q, &val4) != MP_OKAY) {
 		goto out;