diff options
author | lloyd <[email protected]> | 2012-05-18 18:34:03 +0000 |
---|---|---|
committer | lloyd <[email protected]> | 2012-05-18 18:34:03 +0000 |
commit | e0070253386bfd39b2a782c66ccf0caf9ce87ca2 (patch) | |
tree | f1a7a75d00fdfd3f1f9690b4e377136840fc8bf8 /src/pubkey/nr/nr.cpp | |
parent | 9cdff001953ce80cd15ff556a5ae08aaa98d2df5 (diff) |
NR_Verification_Operation::verify_mr would return false if the input
was not the right size for a signature (following DSA). This would
silently convert to an empty vector which we would treat as a valid
message on the return. However the EMSA checks will always fail so not
a huge problem.
While checking this out I noticed that an empty value for EMSA4 would
result in us reading memory we didn't own.
Diffstat (limited to 'src/pubkey/nr/nr.cpp')
-rw-r--r-- | src/pubkey/nr/nr.cpp | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/pubkey/nr/nr.cpp b/src/pubkey/nr/nr.cpp index 61cf7eb3f..03885e140 100644 --- a/src/pubkey/nr/nr.cpp +++ b/src/pubkey/nr/nr.cpp @@ -124,7 +124,7 @@ NR_Verification_Operation::verify_mr(const byte msg[], size_t msg_len) const BigInt& q = mod_q.get_modulus(); if(msg_len != 2*q.bytes()) - return false; + throw Invalid_Argument("NR verification: Invalid signature"); BigInt c(msg, q.bytes()); BigInt d(msg + q.bytes(), q.bytes()); |