Diffusion libgcrypt 006e51cd83a1

ecc: Fix wrong handling of shorten PK bytes.
006e51cd83a1
Actions

Tags

None

Subscribers

None

Description

ecc: Fix wrong handling of shorten PK bytes.

* cipher/ecc-misc.c (_gcry_ecc_mont_decodepoint): Zeros are
already recovered.

Before the commit 6cb6df9, it worked correctly (in fact), because the
condition "rawmpilen < nbytes" never matched. The commit tried to
detect removal (to fill) by wrong way, but it _is_ recovered already
in _gcry_mpi_get_buffer by the FILL_LE argument. This bug only hits
when removed zeros are long enough to be a limb.

Fixes-commit: 6cb6df9dddac6ad246002b83c2ce0aaa0ecf30e5
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>

Details

Provenance

Authored on Oct 24 2019, 2:32 AM

Parents

rC3de8991c8543: ecc: Add a keygrip testcase for cv25519.

Branches

Unknown

Tags

Unknown

Event Timeline

• gniibe committed rC006e51cd83a1: ecc: Fix wrong handling of shorten PK bytes. (authored by • gniibe).Oct 24 2019, 2:32 AM

• gniibe committed rC006e51cd83a1: ecc: Fix wrong handling of shorten PK bytes. (authored by • gniibe).

Changes (1)

Path

Size

cipher/

rC006e51cd83a1

cipher/ecc-misc.c

Loading...