^ is not a good way to check for all zeros :) Spotted by sneves@

2014-01-26 16:47:55 -08:00 · 2014-01-26 16:47:55 -08:00 · 28b3f2ab0e
commit 28b3f2ab0e
parent 49114ee2f5
1 changed files with 1 additions and 1 deletions
--- a/src/libsodium/crypto_sign/ed25519/ref10/open.c
+++ b/src/libsodium/crypto_sign/ed25519/ref10/open.c
@ -21,7 +21,7 @@ int crypto_sign_open(
  if (smlen < 64) return -1;
  if (sm[63] & 224) return -1;
  if (ge_frombytes_negate_vartime(&A,pk) != 0) return -1;
-  for (i = 0; i < 32; ++i) d ^= pk[i];
+  for (i = 0; i < 32; ++i) d |= pk[i];
  if (d == 0) return -1;

  for (i = 0;i < smlen;++i) m[i] = sm[i];