diff options
author | Robert Griesemer <gri@golang.org> | 2016-04-05 09:44:00 -0700 |
---|---|---|
committer | Andrew Gerrand <adg@golang.org> | 2016-04-08 05:11:39 +0000 |
commit | 2cfbb875208f4acecfb0b72de5aebe37e8d03a35 (patch) | |
tree | 1935fbbf1f35d78156a8bf7e7e71209150de885b | |
parent | 92faba5418973d6b21a8b34ad85bb17dbb27df37 (diff) | |
download | go-2cfbb875208f4acecfb0b72de5aebe37e8d03a35.tar.gz go-2cfbb875208f4acecfb0b72de5aebe37e8d03a35.zip |
crypto/dsa: eliminate invalid PublicKey early
For PublicKey.P == 0, Verify will fail. Don't even try.
Change-Id: I1009f2b3dead8d0041626c946633acb10086d8c8
Reviewed-on: https://go-review.googlesource.com/21533
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-on: https://go-review.googlesource.com/21637
-rw-r--r-- | src/crypto/dsa/dsa.go | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/src/crypto/dsa/dsa.go b/src/crypto/dsa/dsa.go index b7565a61b0..0ecb24ab22 100644 --- a/src/crypto/dsa/dsa.go +++ b/src/crypto/dsa/dsa.go @@ -249,6 +249,10 @@ func Sign(rand io.Reader, priv *PrivateKey, hash []byte) (r, s *big.Int, err err func Verify(pub *PublicKey, hash []byte, r, s *big.Int) bool { // FIPS 186-3, section 4.7 + if pub.P.Sign() == 0 { + return false + } + if r.Sign() < 1 || r.Cmp(pub.Q) >= 0 { return false } |