lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-29 11:41:15 +03:00
Code Activity

Merge pull request #4199 from TRodziewicz/mul_shortcut_fix

Browse Source 
Fix ECDSA failing when the hash is all-bits-zero
This commit is contained in:
Manuel Pégourié-Gonnard
2021-04-19 09:54:12 +02:00
committed by GitHub
parent cbcefae955 05942058e7
commit 0bbb38c67e
6 changed files with 146 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
library/ecp.c
View File

@ -2810,7 +2810,7 @@ cleanup:
#if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED)
/*
* R = m * P with shortcuts for m == 1 and m == -1
* R = m * P with shortcuts for m == 0, m == 1 and m == -1
* NOT constant-time - ONLY for short Weierstrass!
*/
static int mbedtls_ecp_mul_shortcuts( mbedtls_ecp_group *grp,
@ -2821,7 +2821,11 @@ static int mbedtls_ecp_mul_shortcuts( mbedtls_ecp_group *grp,
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
if( mbedtls_mpi_cmp_int( m, 1 ) == 0 )
if( mbedtls_mpi_cmp_int( m, 0 ) == 0 )
{
MBEDTLS_MPI_CHK( mbedtls_ecp_set_zero( R ) );
}
else if( mbedtls_mpi_cmp_int( m, 1 ) == 0 )
{
MBEDTLS_MPI_CHK( mbedtls_ecp_copy( R, P ) );
}