From c07a7deec283bc450aa6ccd3b14f19d97c279f20 Mon Sep 17 00:00:00 2001
From: Jacob Barthelmeh <jacob@wolfssl.com>
Date: Mon, 18 Oct 2021 10:17:49 -0600
Subject: [PATCH] sanity check on q value with DSA sign

---
 tests/api.c         | 3 +++
 wolfcrypt/src/dsa.c | 6 ++++++
 2 files changed, 9 insertions(+)

diff --git a/tests/api.c b/tests/api.c
index 15c3ec4c3..cd8c06951 100644
--- a/tests/api.c
+++ b/tests/api.c
@@ -19594,6 +19594,9 @@ static int test_wc_DsaSignVerify (void)
     mp_free(&key.q);
     mp_init(&key.q);
     AssertIntEQ(wc_DsaSign(hash, signature, &key, &rng), BAD_FUNC_ARG);
+
+    mp_set_int(&key.q, 1);
+    AssertIntEQ(wc_DsaSign(hash, signature, &key, &rng), BAD_FUNC_ARG);
 #endif
 
     if (wc_FreeRng(&rng) && ret == 0) {
diff --git a/wolfcrypt/src/dsa.c b/wolfcrypt/src/dsa.c
index adee05616..7e6cf17bc 100644
--- a/wolfcrypt/src/dsa.c
+++ b/wolfcrypt/src/dsa.c
@@ -762,6 +762,12 @@ int wc_DsaSign(const byte* digest, byte* out, DsaKey* key, WC_RNG* rng)
             break;
         }
 
+        /* if q-1 is 0 or smaller, k will never end up being less than it */
+        if (mp_iszero(qMinus1) || mp_isneg(qMinus1)) {
+            ret = BAD_FUNC_ARG;
+            break;
+        }
+
         do {
             /* Step 4: generate k */
             if ((ret = wc_RNG_GenerateBlock(rng, buffer, halfSz))) {