crypto/dsa: eliminate invalid PublicKey early

For PublicKey.P == 0, Verify will fail. Don't even try. Change-Id: I1009f2b3dead8d0041626c946633acb10086d8c8 Reviewed-on: https://go-review.googlesource.com/21533 Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org> Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-on: https://go-review.googlesource.com/21694
author: Robert Griesemer <gri@golang.org> 2016-04-05 09:44:00 -0700
committer: Andrew Gerrand <adg@golang.org> 2016-04-08 05:21:02 +0000
commit: 2d8ecac3d0dbceed8830a43a3e752770577ffed1 (patch)
tree: acc7b9edc1950ab1d176857c6bac0b59de1e7aad /src
parent: e805bf39458915365924228dc53969ce04e32813 (diff)
download: go-git-2d8ecac3d0dbceed8830a43a3e752770577ffed1.tar.gz
1 files changed, 4 insertions, 0 deletions
diff --git a/src/crypto/dsa/dsa.go b/src/crypto/dsa/dsa.go
index 28e981b9dd..9f414a470c 100644
--- a/src/crypto/dsa/dsa.go
+++ b/src/crypto/dsa/dsa.go
@@ -249,6 +249,10 @@ func Sign(rand io.Reader, priv *PrivateKey, hash []byte) (r, s *big.Int, err err
 func Verify(pub *PublicKey, hash []byte, r, s *big.Int) bool {
 	// FIPS 186-3, section 4.7
 
+	if pub.P.Sign() == 0 {
+		return false
+	}
+
 	if r.Sign() < 1 || r.Cmp(pub.Q) >= 0 {
 		return false
 	}
author	Robert Griesemer <gri@golang.org>	2016-04-05 09:44:00 -0700
committer	Andrew Gerrand <adg@golang.org>	2016-04-08 05:21:02 +0000
commit	2d8ecac3d0dbceed8830a43a3e752770577ffed1 (patch)
tree	acc7b9edc1950ab1d176857c6bac0b59de1e7aad /src
parent	e805bf39458915365924228dc53969ce04e32813 (diff)
download	go-git-2d8ecac3d0dbceed8830a43a3e752770577ffed1.tar.gz