Loading crypto/ecdsa/ecs_ossl.c +15 −0 Original line number Diff line number Diff line Loading @@ -384,6 +384,21 @@ static int ecdsa_do_verify(const unsigned char *dgst, int dgst_len, ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB); goto err; } if (8 * dgst_len > BN_num_bits(order)) { /* XXX * * Should provide for optional hash truncation: * Keep the BN_num_bits(order) leftmost bits of dgst * (see March 2006 FIPS 186-3 draft, which has a few * confusing errors in this part though) */ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ECDSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); ret = 0; goto err; } if (BN_is_zero(sig->r) || BN_is_negative(sig->r) || BN_ucmp(sig->r, order) >= 0 || BN_is_zero(sig->s) || Loading Loading
crypto/ecdsa/ecs_ossl.c +15 −0 Original line number Diff line number Diff line Loading @@ -384,6 +384,21 @@ static int ecdsa_do_verify(const unsigned char *dgst, int dgst_len, ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB); goto err; } if (8 * dgst_len > BN_num_bits(order)) { /* XXX * * Should provide for optional hash truncation: * Keep the BN_num_bits(order) leftmost bits of dgst * (see March 2006 FIPS 186-3 draft, which has a few * confusing errors in this part though) */ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ECDSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); ret = 0; goto err; } if (BN_is_zero(sig->r) || BN_is_negative(sig->r) || BN_ucmp(sig->r, order) >= 0 || BN_is_zero(sig->s) || Loading
