Merge pull request #576 from toddouska/dsa_zero

add dsa sign sanity check on r/s
2016-09-22 15:14:43 -06:00
parent e4b8e6a447 d9163e4554
commit 98841e8b47
1 changed files with 4 additions and 0 deletions
--- a/wolfcrypt/src/dsa.c
+++ b/wolfcrypt/src/dsa.c
@@ -401,6 +401,10 @@ int wc_DsaSign(const byte* digest, byte* out, DsaKey* key, WC_RNG* rng)
    if (ret == 0 && mp_mulmod(&s, &kInv, &key->q, &s) != MP_OKAY)
        ret = MP_MULMOD_E;

+    /* detect zero r or s */
+    if (ret == 0 && (mp_iszero(&r) == MP_YES || mp_iszero(&s) == MP_YES))
+        ret = MP_ZERO_E;
+
    /* write out */
    if (ret == 0)  {
        int rSz = mp_unsigned_bin_size(&r);