4 Aug
2014
4 Aug
'14
12:10 p.m.
Hi Jeroen,
On 30 July 2014 15:17, Jeroen Hofstee dasuboot@myspectrum.nl wrote:
Hello Simon,
{
- uint32_t i;
- int i;
- for (i = key->len - 1; i >= 0; i--) {
- for (i = (int)key->len - 1; i >= 0; i--) { if (num[i] < key->modulus[i]) return 0; if (num[i] > key->modulus[i])
I did indeed not post a patch, since I do not know how this code is used and how critical it is. And I still haven't bothered to look it up.
So just a general comment, which might not make any sense at all for the actual usage. If num can somehow be controlled by an
I meant key->len here of course ^
OK I see. Well the key length is range-checked in pow_mod(). If a key length of 0 were used, it would not be a valid signature - this function might do strange things. But the key length has to match the public key, so something like that would juts cause a verification failure higher up the stack.
Regards, Simon