cuberite/polarssl
1
0
Fork 0
mirror of https://github.com/cuberite/polarssl.git synced 2025-10-30 19:20:40 -04:00
Code Issues Packages Projects Releases Wiki Activity

Fix theoretical compliance issue in ECDSA

Browse Source 
The issue would happen for curves whose bitlength is not a multiple of eight
(the only case is NIST P-521) with hashes that are longer than the bitlength
of the curve: since the wides hash is 512 bits long, this can't happen.
Fixing however as a matter of principle and readability.
This commit is contained in:
Manuel Pégourié-Gonnard 2014-01-03 12:55:15 +01:00
parent c9573998ca
commit e7072f8d11
1 changed files with 9 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
library/ecdsa.c
View File

@ -43,8 +43,16 @@
static int derive_mpi( const ecp_group *grp, mpi *x, static int derive_mpi( const ecp_group *grp, mpi *x,
const unsigned char *buf, size_t blen ) const unsigned char *buf, size_t blen )
{ {
int ret;
size_t n_size = (grp->nbits + 7) / 8; size_t n_size = (grp->nbits + 7) / 8;
return( mpi_read_binary( x, buf, blen > n_size ? n_size : blen ) ); size_t use_size = blen > n_size ? n_size : blen;
MPI_CHK( mpi_read_binary( x, buf, use_size ) );
if( use_size * 8 > grp->nbits )
MPI_CHK( mpi_shift_r( x, use_size * 8 - grp->nbits ) );
cleanup:
return( ret );
} }
/* /*