Skip to content

Commit

Permalink
crypto/dsa: eliminate invalid PublicKey early
Browse files Browse the repository at this point in the history 
For PublicKey.P == 0, Verify will fail. Don't even try.

Change-Id: I1009f2b3dead8d0041626c946633acb10086d8c8
Reviewed-on: https://go-review.googlesource.com/21533
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-on: https://go-review.googlesource.com/21694
  • Loading branch information
@griesemer @adg
griesemer authored and adg committed Apr 8, 2016
1 parent e805bf3 commit 2d8ecac
Showing 1 changed file with 4 additions and 0 deletions.
4 changes: 4 additions & 0 deletions src/crypto/dsa/dsa.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -249,6 +249,10 @@ func Sign(rand io.Reader, priv *PrivateKey, hash []byte) (r, s *big.Int, err err
func Verify(pub *PublicKey, hash []byte, r, s *big.Int) bool {
// FIPS 186-3, section 4.7

if pub.P.Sign() == 0 {
return false
}

if r.Sign() < 1 || r.Cmp(pub.Q) >= 0 {
return false
}
Expand Down

0 comments on commit 2d8ecac

Please sign in to comment.