From: Richard Levitte <levitte@openssl.org>
Date: Wed, 25 Mar 2015 13:41:58 +0000 (+0100)
Subject: Initialised 'ok' and redo the logic.
X-Git-Tag: OpenSSL_1_1_0-pre1~1371
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=06affe3dac65592a341547f5a47e52cedb7b71f8;p=thirdparty%2Fopenssl.git

Initialised 'ok' and redo the logic.

The logic with how 'ok' was calculated didn't quite convey what's "ok",
so the logic is slightly redone to make it less confusing.

Reviewed-by: Andy Polyakov <appro@openssl.org>
---

diff --git a/engines/ccgost/gost_sign.c b/engines/ccgost/gost_sign.c
index b3e1007dbbe..fad2004361a 100644
--- a/engines/ccgost/gost_sign.c
+++ b/engines/ccgost/gost_sign.c
@@ -167,7 +167,7 @@ int gost_do_verify(const unsigned char *dgst, int dgst_len,
     BIGNUM *q2 = NULL;
     BIGNUM *u = NULL, *v = NULL, *z1 = NULL, *z2 = NULL;
     BIGNUM *tmp2 = NULL, *tmp3 = NULL;
-    int ok;
+    int ok = 0;
     BN_CTX *ctx = BN_CTX_new();
     if(!ctx) {
         GOSTerr(GOST_F_GOST_DO_VERIFY, ERR_R_MALLOC_FAILURE);
@@ -208,9 +208,9 @@ int gost_do_verify(const unsigned char *dgst, int dgst_len,
     BN_mod_exp(tmp2, dsa->pub_key, z2, dsa->p, ctx);
     BN_mod_mul(tmp3, tmp, tmp2, dsa->p, ctx);
     BN_mod(u, tmp3, dsa->q, ctx);
-    ok = BN_cmp(u, sig->r);
+    ok = (BN_cmp(u, sig->r) == 0);
 
-    if (ok != 0) {
+    if (!ok) {
         GOSTerr(GOST_F_GOST_DO_VERIFY, GOST_R_SIGNATURE_MISMATCH);
     }
 err:
@@ -219,7 +219,7 @@ err:
         BN_CTX_end(ctx);
         BN_CTX_free(ctx);
     }
-    return (ok == 0);
+    return ok;
 }
 
 /*