Security-58286.20.16.tar.gz
[apple/security.git] / OSX / libsecurity_cryptkit / lib / feeECDSA.c
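index 601bc6a4f70e55c87439f3328c4f973f34b3a2c9..57736073d3602f0f6231505f288810e032ed2df3 100644
--- a/OSX/libsecurity_cryptkit/lib/feeECDSA.c
+++ b/OSX/libsecurity_cryptkit/lib/feeECDSA.c
@@ -456,6 +456,17 @@ feeReturn feeECDSAVerify(const unsigned char *sigData,
 
        sigDbg(("ECDSA verify:\n"));
 
+    /*
+     * Verify that c and d are within [1,group_order-1]
+     */
+    if((gcompg(cp->cOrderPlus, c) != 1) || (gcompg(cp->cOrderPlus, d) != 1) ||
+       isZero(c) || isZero(d))
+    {
+        returnGiant(c);
+        returnGiant(d);
+        return FR_InvalidSignature;
+    }
+
        /*
         * W = signer's public key
         */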
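Review bot: The new range check bounds c and d by `cp->cOrderPlus` while its comment says "group_order", and for ECDSA the bound has to be the order of the base point; if any supported curve has a cofactor greater than 1, a curve-order bound would admit values at or above the subgroup order, so confirm that `cOrderPlus` is the same modulus the inverse and reductions later in feeECDSAVerify use (that code is outside the hunk). The test also excludes only zero and values not below the order: if a giant decoded from sigData can carry a negative sign, it would presumably pass both `gcompg(...) != 1` and `isZero`, so an explicit sign check may be needed. The early return hands back only c and d, which is correct only if nothing else has been acquired by this point in the function. Once the bound is confirmed I would tighten the comment to `/* reject unless 1 <= c,d <= n-1, n = base-point order (cp->cOrderPlus) */`.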