# HG changeset patch
# User Matt Johnston <matt@ucc.asn.au>
# Date 1497454275 -28800
# Node ID 771e4a7051e07f0ddd64148eb8e19bfc24c575a7
# Parent  c721e8c42d2a09ed25b9c4ff9536cd9e20b9cf6e
improve value range validation

diff -r c721e8c42d2a -r 771e4a7051e0 dss.c
--- a/dss.c	Fri May 26 21:08:43 2017 +0800
+++ b/dss.c	Wed Jun 14 23:31:15 2017 +0800
@@ -181,6 +181,10 @@
 		TRACE(("verify failed, s' >= q"))
 		goto out;
 	}
+	if (mp_cmp_d(&val1, 0) != MP_GT) {
+		TRACE(("verify failed, s' <= 0"))
+		goto out;
+	}
 	/* let val2 = w = (s')^-1 mod q*/
 	if (mp_invmod(&val1, key->q, &val2) != MP_OKAY) {
 		goto out;
@@ -202,6 +206,10 @@
 		TRACE(("verify failed, r' >= q"))
 		goto out;
 	}
+	if (mp_cmp_d(&val1, 0) != MP_GT) {
+		TRACE(("verify failed, r' <= 0"))
+		goto out;
+	}
 	/* let val4 = u2 = ((r')w) mod q */
 	if (mp_mulmod(&val1, &val2, key->q, &val4) != MP_OKAY) {
 		goto out;