diff --git a/src/dap_enc_dilithium.c b/src/dap_enc_dilithium.c
index 265299e8d4ab042dcd123804d7c7ffe59edfd0c2..04cddb4a3af340dc78862ea9812dd163572e4a0c 100755
--- a/src/dap_enc_dilithium.c
+++ b/src/dap_enc_dilithium.c
@@ -133,13 +133,13 @@ uint8_t* dap_enc_dilithium_write_signature(dilithium_signature_t* a_sign, size_t
/* Deserialize a signature */
dilithium_signature_t* dap_enc_dilithium_read_signature(uint8_t *a_buf, size_t a_buflen)
{
- if(!a_buf || a_buflen < (sizeof(size_t) + sizeof(dilithium_kind_t)))
+ if( !a_buf || (a_buflen < (sizeof(size_t) + sizeof(dilithium_kind_t)) ) )
return NULL ;
dilithium_kind_t kind;
- size_t l_buflen = 0;
- memcpy(&l_buflen, a_buf, sizeof(size_t));
+ size_t l_buflen_internal = 0;
+ memcpy(&l_buflen_internal, a_buf, sizeof(size_t));
memcpy(&kind, a_buf + sizeof(size_t), sizeof(dilithium_kind_t));
- if(l_buflen != a_buflen)
+ if(l_buflen_internal != a_buflen)
return NULL ;
dilithium_param_t p;
if(!dilithium_params_init(&p, kind))
diff --git a/src/dap_sign.c b/src/dap_sign.c
index 75524217e8aff1adc4e291a6f569c23bb097ec8d..6db1f549bf5acce9a36fc5c960475e2b08a6d91a 100755
--- a/src/dap_sign.c
+++ b/src/dap_sign.c
@@ -319,34 +319,50 @@ int dap_sign_verify(dap_sign_t * a_chain_sign, const void * a_data, const size_t
{
int l_ret;
if (!a_chain_sign || !a_data)
- return -1;
+ return -2;
dap_enc_key_t * l_key = dap_sign_to_enc_key(a_chain_sign);
- size_t l_sign_size = a_chain_sign->header.sign_size;
- size_t l_sign_ser_size;
- uint8_t *l_sign_ser = dap_sign_get_sign(a_chain_sign, &l_sign_ser_size);
+
+ if ( ! l_key ){
+ log_it(L_WARNING,"Incorrect signature, can't extract key");
+ return -3;
+ }
+ size_t l_sign_data_ser_size;
+ uint8_t *l_sign_data_ser = dap_sign_get_sign(a_chain_sign, &l_sign_data_ser_size);
+
+ if ( ! l_sign_data_ser ){
+ log_it(L_WARNING,"Incorrect signature, can't extract serialized signature's data ");
+ return -4;
+ }
+
+ size_t l_sign_data_size = a_chain_sign->header.sign_size;
// deserialize signature
- uint8_t * l_sign = dap_enc_key_deserealize_sign(l_key->type, l_sign_ser, &l_sign_size);
+ uint8_t * l_sign_data = dap_enc_key_deserealize_sign(l_key->type, l_sign_data_ser, &l_sign_data_size);
+
+ if ( ! l_sign_data ){
+ log_it(L_WARNING,"Incorrect signature, can't deserialize signature's data");
+ return -5;
+ }
//uint8_t * l_sign = a_chain_sign->pkey_n_sign + a_chain_sign->header.sign_pkey_size;
switch (l_key->type) {
- case DAP_ENC_KEY_TYPE_SIG_TESLA:
- case DAP_ENC_KEY_TYPE_SIG_PICNIC:
- case DAP_ENC_KEY_TYPE_SIG_DILITHIUM:
- if(l_key->dec_na(l_key, a_data, a_data_size, l_sign, l_sign_size) > 0)
- l_ret = 0;
- else
- l_ret = 1;
- break;
- case DAP_ENC_KEY_TYPE_SIG_BLISS:
- if(dap_enc_sig_bliss_verify_sign(l_key, a_data, a_data_size, l_sign, l_sign_size) != BLISS_B_NO_ERROR)
- l_ret = 0;
- else
- l_ret = 1;
- break;
- default:
- l_ret = -1;
- }
- dap_enc_key_signature_delete(l_key->type, l_sign);
+ case DAP_ENC_KEY_TYPE_SIG_TESLA:
+ case DAP_ENC_KEY_TYPE_SIG_PICNIC:
+ case DAP_ENC_KEY_TYPE_SIG_DILITHIUM:
+ if(l_key->dec_na(l_key, a_data, a_data_size, l_sign_data, l_sign_data_size) > 0)
+ l_ret = 0;
+ else
+ l_ret = 1;
+ break;
+ case DAP_ENC_KEY_TYPE_SIG_BLISS:
+ if(dap_enc_sig_bliss_verify_sign(l_key, a_data, a_data_size, l_sign_data, l_sign_data_size) != BLISS_B_NO_ERROR)
+ l_ret = 0;
+ else
+ l_ret = 1;
+ break;
+ default:
+ l_ret = -6;
+ }
+ dap_enc_key_signature_delete(l_key->type, l_sign_data);
dap_enc_key_delete(l_key);
return l_ret;
}