Merge pull request #3 from jakinyele/master

Security improvements to RSA/ECDSA code using OpenSSL
bcoin-org · Aug 10, 2018 · 33e7c1d · 33e7c1d
2 parents 85dec54 + 6577dcb
commit 33e7c1d
Show file tree

Hide file tree

Showing 4 changed files with 5 additions and 8 deletions.
diff --git a/src/blake2b/blake2b.c b/src/blake2b/blake2b.c
@@ -201,8 +201,7 @@ bcrypto_blake2b_init_key(
   memset(P->salt, 0, sizeof(P->salt));
   memset(P->personal, 0, sizeof(P->personal));
 
-  if (bcrypto_blake2b_init_param(ctx, P) < 0)
-    return -1;
+  bcrypto_blake2b_init_param(ctx, P);
 
   {
     uint8_t block[BCRYPTO_BLAKE2B_BLOCKBYTES];

diff --git a/src/ecdsa/ecdsa.c b/src/ecdsa/ecdsa.c
@@ -554,7 +554,7 @@ bcrypto_ecdsa_verify(
   if (!sig_ec)
     goto fail;
 
-  if (!ECDSA_do_verify(msg, msg_len, sig_ec, pub_ec))
+  if (ECDSA_do_verify(msg, msg_len, sig_ec, pub_ec) <= 0)
     goto fail;
 
   EC_KEY_free(pub_ec);

diff --git a/src/random/random.c b/src/random/random.c
@@ -10,12 +10,10 @@ bcrypto_random(uint8_t *dst, size_t len) {
   for (;;) {
     int status = RAND_status();
 
-    assert(status >= 0);
-
-    if (status != 0)
+    if (status == 1)
       break;
 
-    if (RAND_poll() == 0)
+    if (RAND_poll() == 1)
       break;
   }
 

diff --git a/src/rsa/rsa.c b/src/rsa/rsa.c
@@ -539,7 +539,7 @@ bcrypto_rsa_verify_priv(const bcrypto_rsa_key_t *priv) {
   if (!priv_r)
     goto fail;
 
-  if (!RSA_check_key(priv_r))
+  if (RSA_check_key(priv_r) <= 0)
     goto fail;
 
   RSA_free(priv_r);