author | Ian Lance Taylor <ian@gcc.gnu.org> | 2016-04-13 19:11:16 +0000 |
---|---|---|
committer | Ian Lance Taylor <ian@gcc.gnu.org> | 2016-04-13 19:11:16 +0000 |
commit | 88b5d499b5bc3e18c87917aedb817c98b027f47a (patch) | |
tree | bcc1d22ec63255a12044941df76a5bd63e1fbadf /libgo/go/crypto | |
parent | 10c3c4245b5c080727639467aaf298c8a5c30bea (diff) | |
libgo: update to Go 1.6.1 release
Reviewed-on: https://go-review.googlesource.com/22007
From-SVN: r234958
Diffstat (limited to 'libgo/go/crypto')
-rw-r--r-- | libgo/go/crypto/dsa/dsa.go | 4 | ||||
-rw-r--r-- | libgo/go/crypto/ecdsa/ecdsa.go | 11 | ||||
-rw-r--r-- | libgo/go/crypto/rsa/rsa.go | 5 |
3 files changed, 16 insertions, 4 deletions
diff --git a/libgo/go/crypto/dsa/dsa.go b/libgo/go/crypto/dsa/dsa.go
index 28e981b..9f414a4 100644
--- a/libgo/go/crypto/dsa/dsa.go
+++ b/libgo/go/crypto/dsa/dsa.go
@@ -249,6 +249,10 @@ func Sign(rand io.Reader, priv *PrivateKey, hash []byte) (r, s *big.Int, err err
 func Verify(pub *PublicKey, hash []byte, r, s *big.Int) bool {
 // FIPS 186-3, section 4.7
+ if pub.P.Sign() == 0 {
+ return false
+ }
+
 if r.Sign() < 1 || r.Cmp(pub.Q) >= 0 {
 return false
 }
diff --git a/libgo/go/crypto/ecdsa/ecdsa.go b/libgo/go/crypto/ecdsa/ecdsa.go
index 0731f2b..e54488c 100644
--- a/libgo/go/crypto/ecdsa/ecdsa.go
+++ b/libgo/go/crypto/ecdsa/ecdsa.go
@@ -23,6 +23,7 @@ import (
 "crypto/elliptic"
 "crypto/sha512"
 "encoding/asn1"
+ "errors"
 "io"
 "math/big"
 )
@@ -140,6 +141,8 @@ func fermatInverse(k, N *big.Int) *big.Int {
 return new(big.Int).Exp(k, nMinus2, N)
 }
+var errZeroParam = errors.New("zero parameter")
+
 // Sign signs an arbitrary length hash (which should be the result of hashing a
 // larger message) using the private key, priv. It returns the signature as a
 // pair of integers. The security of the private key depends on the entropy of
@@ -180,7 +183,9 @@ func Sign(rand io.Reader, priv *PrivateKey, hash []byte) (r, s *big.Int, err err
 // See [NSA] 3.4.1
 c := priv.PublicKey.Curve
 N := c.Params().N
-
+ if N.Sign() == 0 {
+ return nil, nil, errZeroParam
+ }
 var k, kInv *big.Int
 for {
 for {
@@ -193,7 +198,7 @@ func Sign(rand io.Reader, priv *PrivateKey, hash []byte) (r, s *big.Int, err err
 if in, ok := priv.Curve.(invertible); ok {
 kInv = in.Inverse(k)
 } else {
- kInv = fermatInverse(k, N)
+ kInv = fermatInverse(k, N) // N != 0
 }
 r, _ = priv.Curve.ScalarBaseMult(k.Bytes())
@@ -207,7 +212,7 @@ func Sign(rand io.Reader, priv *PrivateKey, hash []byte) (r, s *big.Int, err err
 s = new(big.Int).Mul(priv.D, r)
 s.Add(s, e)
 s.Mul(s, kInv)
- s.Mod(s, N)
+ s.Mod(s, N) // N != 0
 if s.Sign() != 0 {
 break
 }
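Review bot: In the crypto/dsa Verify hunk, the new `pub.P.Sign() == 0` guard has no comment saying why a zero P must be rejected, while the ecdsa and rsa changes in this commit annotate their dependent lines with `// N != 0`. A line above the check such as `// P is used as a modulus below; math/big treats a zero modulus as "no modulus", so reject it here.` would stop a later reader from removing it as redundant; that P is used this way is inferred, because the rest of Verify lies outside the hunk. The guard calls a method on pub.P, so it is worth confirming that a nil P cannot reach Verify from a parsed key. The diffstat for libgo/go/crypto lists no test file, so a regression test that passes a zero-P public key to Verify and expects false would pin the behaviour.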
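Review bot: `errZeroParam` in crypto/ecdsa (second hunk) is unexported and undocumented, so a caller of Sign that hits the new `N.Sign() == 0` return in the third hunk can only recognise the error by its message text. The variable should carry a comment such as `// errZeroParam is returned by Sign when the curve order N is zero.`, and Sign's doc comment, which is only partly visible here, should state that an error is returned for such a curve. The check covers N only; whether Verify and the remaining curve parameters get equivalent validation cannot be seen from these hunks, since both functions continue outside them.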
diff --git a/libgo/go/crypto/rsa/rsa.go b/libgo/go/crypto/rsa/rsa.go
index ee022b8..0f487fe 100644
--- a/libgo/go/crypto/rsa/rsa.go
+++ b/libgo/go/crypto/rsa/rsa.go
@@ -465,6 +465,9 @@ func decrypt(random io.Reader, priv *PrivateKey, c *big.Int) (m *big.Int, err er
 err = ErrDecryption
 return
 }
+ if priv.N.Sign() == 0 {
+ return nil, ErrDecryption
+ }
 var ir *big.Int
 if random != nil {
@@ -490,7 +493,7 @@ func decrypt(random io.Reader, priv *PrivateKey, c *big.Int) (m *big.Int, err er
 }
 }
 bigE := big.NewInt(int64(priv.E))
- rpowe := new(big.Int).Exp(r, bigE, priv.N)
+ rpowe := new(big.Int).Exp(r, bigE, priv.N) // N != 0
 cCopy := new(big.Int).Set(c)
 cCopy.Mul(cCopy, rpowe)
 cCopy.Mod(cCopy, priv.N) |
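Review bot: In decrypt, the second hunk marks only the `Exp(r, bigE, priv.N)` line with `// N != 0`, while `cCopy.Mod(cCopy, priv.N)` three lines below relies on the same precondition and is left unmarked, unlike `s.Mod(s, N) // N != 0` in the ecdsa change. Adding `// N != 0` to that line keeps the annotations consistent, so a reader auditing modulus uses does not take the Mod for an unchecked one. In the first hunk the new guard uses `return nil, ErrDecryption` directly below a branch written as `err = ErrDecryption` followed by a bare `return`; one form throughout the function would read better. decrypt begins before and continues past both hunks.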