From fc19c36bf801330b2393e3edaf1546e1dcd9e6df Mon Sep 17 00:00:00 2001
From: Sean Parkinson <sean@wolfssl.com>
Date: Mon, 29 Jul 2024 10:48:08 +1000
Subject: [PATCH] Dilithium: fix check hint

When all indeces are 0, then don't check hints against indeces.
---
 tests/api.c               | 6 ++++++
 wolfcrypt/src/dilithium.c | 4 ++--
 2 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/tests/api.c b/tests/api.c
index e59c8c2bed..cae0de7320 100644
--- a/tests/api.c
+++ b/tests/api.c
@@ -32389,6 +32389,12 @@ static int test_wc_dilithium_verify(void)
             0);
         ExpectIntEQ(res, 0);
         sig[100] ^= 0x80;
+
+        /* Set all indeces to 0. */
+        XMEMSET(sig + sigLen - 4, 0, 4);
+        ExpectIntEQ(wc_dilithium_verify_msg(sig, sigLen, msg, 32, &res, key),
+            SIG_VERIFY_E);
+        ExpectIntEQ(res, 0);
     }
 #endif
 
diff --git a/wolfcrypt/src/dilithium.c b/wolfcrypt/src/dilithium.c
index 521353c608..a40265fa07 100644
--- a/wolfcrypt/src/dilithium.c
+++ b/wolfcrypt/src/dilithium.c
@@ -3183,11 +3183,11 @@ static int dilithium_check_hint(const byte* h, byte k, byte omega)
     unsigned int i;
 
     /* Skip polynomial index while count is 0. */
-    while ((h[omega + o] == 0) && (o < k)) {
+    while ((o < k) && (h[omega + o] == 0)) {
         o++;
     }
     /* Check all possible hints. */
-    for (i = 1; i < omega; i++) {
+    for (i = 1; (o < k) && (i < omega); i++) {
         /* Done with polynomial if index equals count of hints. */
         if (i == h[omega + o]) {
             /* Next polynomial index while count is index. */