From dc0c23ec9d5a89b8bdc3aed8e0b8a31a0c6fee69 Mon Sep 17 00:00:00 2001
From: Katie Hockman <katie@golang.org>
Date: Fri, 1 Nov 2019 11:15:44 -0400
Subject: [PATCH] crypto/dsa: change bitwise checks to mod operations

Even though bitwise operations may be slightly more
performant, the readability improvement of a mod
operation is worth the tradeoff.

Change-Id: I352c92ad355c6eb6ef99e3da00e1eff2d2ea5812
Reviewed-on: https://go-review.googlesource.com/c/go/+/204739
Reviewed-by: Filippo Valsorda <filippo@golang.org>
Run-TryBot: Filippo Valsorda <filippo@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
---
 src/crypto/dsa/dsa.go | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/crypto/dsa/dsa.go b/src/crypto/dsa/dsa.go
index 575314b1b46..bc8e2f99bdc 100644
--- a/src/crypto/dsa/dsa.go
+++ b/src/crypto/dsa/dsa.go
@@ -202,7 +202,7 @@ func Sign(rand io.Reader, priv *PrivateKey, hash []byte) (r, s *big.Int, err err
 	// FIPS 186-3, section 4.6
 
 	n := priv.Q.BitLen()
-	if priv.Q.Sign() <= 0 || priv.P.Sign() <= 0 || priv.G.Sign() <= 0 || priv.X.Sign() <= 0 || n&7 != 0 {
+	if priv.Q.Sign() <= 0 || priv.P.Sign() <= 0 || priv.G.Sign() <= 0 || priv.X.Sign() <= 0 || n%8 != 0 {
 		err = ErrInvalidPublicKey
 		return
 	}
@@ -281,7 +281,7 @@ func Verify(pub *PublicKey, hash []byte, r, s *big.Int) bool {
 	w := new(big.Int).ModInverse(s, pub.Q)
 
 	n := pub.Q.BitLen()
-	if n&7 != 0 {
+	if n%8 != 0 {
 		return false
 	}
 	z := new(big.Int).SetBytes(hash)