|
1 From 2cfbb875208f4acecfb0b72de5aebe37e8d03a35 Mon Sep 17 00:00:00 2001 |
|
2 From: Robert Griesemer <[email protected]> |
|
3 Date: Tue, 5 Apr 2016 09:44:00 -0700 |
|
4 Subject: [PATCH 74/79] crypto/dsa: eliminate invalid PublicKey early |
|
5 |
|
6 For PublicKey.P == 0, Verify will fail. Don't even try. |
|
7 |
|
8 Change-Id: I1009f2b3dead8d0041626c946633acb10086d8c8 |
|
9 Reviewed-on: https://go-review.googlesource.com/21533 |
|
10 Reviewed-by: Brad Fitzpatrick <[email protected]> |
|
11 Run-TryBot: Brad Fitzpatrick <[email protected]> |
|
12 TryBot-Result: Gobot Gobot <[email protected]> |
|
13 Reviewed-on: https://go-review.googlesource.com/21637 |
|
14 --- |
|
15 src/crypto/dsa/dsa.go | 4 ++++ |
|
16 1 file changed, 4 insertions(+) |
|
17 |
|
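--- a/src/crypto/dsa/dsa.go
+++ b/src/crypto/dsa/dsa.go
@@ -249,6 +249,10 @@ func Sign(rand io.Reader, priv *PrivateKey, hash []byte) (r, s *big.Int, err err
 func Verify(pub *PublicKey, hash []byte, r, s *big.Int) bool {
 // FIPS 186-3, section 4.7
 
+if pub.P.Sign() == 0 {
+return false
+}
+
 if r.Sign() < 1 || r.Cmp(pub.Q) >= 0 {
 return false
 }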
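Review bot: The new guard at the top of Verify rejects only a zero modulus; a negative `pub.P` still passes `pub.P.Sign() == 0` and reaches the arithmetic later in the function, which lies outside this hunk. No valid DSA prime is non-positive, so `if pub.P.Sign() <= 0 {` would reject both cases at the same cost. The check also has no comment explaining why it exists; a line such as `// A non-positive modulus can never verify; reject it before any big.Int arithmetic.` would stop it being removed later as redundant. The diffstat shows only dsa.go changed, so a regression test that calls Verify with a zero P appears to be missing from this patch.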
|
33 -- |
|
34 2.7.4 |
|
35 |