^ is not a good way to check for all zeros :) Spotted by sneves@

This commit is contained in:
Frank Denis 2014-01-26 16:47:55 -08:00
parent 49114ee2f5
commit 28b3f2ab0e

View File

@ -21,7 +21,7 @@ int crypto_sign_open(
if (smlen < 64) return -1; if (smlen < 64) return -1;
if (sm[63] & 224) return -1; if (sm[63] & 224) return -1;
if (ge_frombytes_negate_vartime(&A,pk) != 0) return -1; if (ge_frombytes_negate_vartime(&A,pk) != 0) return -1;
for (i = 0; i < 32; ++i) d ^= pk[i]; for (i = 0; i < 32; ++i) d |= pk[i];
if (d == 0) return -1; if (d == 0) return -1;
for (i = 0;i < smlen;++i) m[i] = sm[i]; for (i = 0;i < smlen;++i) m[i] = sm[i];