mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2026-07-05 15:50:51 +02:00
Merge pull request #10505 from Frauschi/slhdsa_fix
Fix hashType comparison in SLH-DSA
This commit is contained in:
@@ -8295,11 +8295,9 @@ int wc_SlhDsaKey_SignHash(SlhDsaKey* key, const byte* ctx, byte ctxSz,
|
||||
else if ((key->flags & WC_SLHDSA_FLAG_PRIVATE) == 0) {
|
||||
ret = MISSING_KEY;
|
||||
}
|
||||
/* The cryptocb path below casts hashType to word32 to fit the
|
||||
* wc_CryptoInfo.preHashType field. Reject negative enum values here so
|
||||
* the cast can't smuggle a huge unsigned value past the callback (the
|
||||
* downstream prehash validator only inspects values it knows about). */
|
||||
else if ((int)hashType < 0) {
|
||||
/* First sanity check on hashType; the downstream prehash validator does
|
||||
* the detailed check for the actual type. */
|
||||
else if ((word32)hashType > (word32)WC_HASH_TYPE_MAX) {
|
||||
ret = BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
@@ -8421,11 +8419,9 @@ int wc_SlhDsaKey_VerifyHash(SlhDsaKey* key, const byte* ctx, byte ctxSz,
|
||||
else if ((key->flags & WC_SLHDSA_FLAG_PUBLIC) == 0) {
|
||||
ret = MISSING_KEY;
|
||||
}
|
||||
/* The cryptocb path below casts hashType to word32 to fit the
|
||||
* wc_CryptoInfo.preHashType field. Reject negative enum values here so
|
||||
* the cast can't smuggle a huge unsigned value past the callback (the
|
||||
* downstream prehash validator only inspects values it knows about). */
|
||||
else if ((int)hashType < 0) {
|
||||
/* First sanity check on hashType; the downstream prehash validator does
|
||||
* the detailed check for the actual type. */
|
||||
else if ((word32)hashType > (word32)WC_HASH_TYPE_MAX) {
|
||||
ret = BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user