AuroraMiddleware/libtomcrypt
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge pull request #402 from libtom/pr/fix-ecc_set_key

Browse Source 
fix ecc_set_key - no check of private key input buffer size
This commit is contained in:
karel-m 2018-06-10 19:06:24 +02:00 committed by GitHub
commit d11a1a7f06
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 3 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/pk/ecc/ecc_set_key.c
View File

@ -24,24 +24,22 @@ int ecc_set_key(const unsigned char *in, unsigned long inlen, int type, ecc_key
a = key->dp.A;
b = key->dp.B;
if (type == PK_PRIVATE && inlen <= (unsigned long)key->dp.size) {
if (type == PK_PRIVATE) {
/* load private key */
if ((err = mp_read_unsigned_bin(key->k, (unsigned char *)in, inlen)) != CRYPT_OK) {
goto error;
}
if (mp_iszero(key->k)) {
if (mp_iszero(key->k) || (mp_cmp(key->k, key->dp.order) != LTC_MP_LT)) {
err = CRYPT_INVALID_PACKET;
goto error;
}
/* compute public key */
if ((err = ltc_mp.ecc_ptmul(key->k, &key->dp.base, &key->pubkey, a, prime, 1)) != CRYPT_OK) { goto error; }
key->type = type;
}
else if (type == PK_PUBLIC) {
/* load public key */
if ((err = ltc_ecc_import_point(in, inlen, prime, a, b, key->pubkey.x, key->pubkey.y)) != CRYPT_OK) { goto error; }
if ((err = mp_set(key->pubkey.z, 1)) != CRYPT_OK) { goto error; }
key->type = type;
}
else {
err = CRYPT_INVALID_PACKET;
@ -53,6 +51,7 @@ int ecc_set_key(const unsigned char *in, unsigned long inlen, int type, ecc_key
goto error;
}
key->type = type;
return CRYPT_OK;
error: