[openssl] OpenSSL_1_0_2-stable update

bernd.edlinger at hotmail.de bernd.edlinger at hotmail.de
Sat Mar 30 14:17:44 UTC 2019 

The branch OpenSSL_1_0_2-stable has been updated
       via  d3299a33e5acdf61502755d807d5885c17c46003 (commit)
      from  c3e7beab2a302e3eff45b156751240d0897d50f5 (commit)


- Log -----------------------------------------------------------------
commit d3299a33e5acdf61502755d807d5885c17c46003
Author: Shane Lontis <shane.lontis at oracle.com>
Date:   Wed Mar 27 17:38:28 2019 +1000

    fixed public range check in ec_GF2m_simple_oct2point
    
    Reviewed-by: Matt Caswell <matt at openssl.org>
    Reviewed-by: Bernd Edlinger <bernd.edlinger at hotmail.de>
    (Merged from https://github.com/openssl/openssl/pull/8607)
    
    (cherry picked from commit cad8347be23c5e0c0d9eea02d090d42daf2dd7a9)

-----------------------------------------------------------------------

Summary of changes:
 crypto/ec/ec2_oct.c | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/crypto/ec/ec2_oct.c b/crypto/ec/ec2_oct.c
index 0d04cc6..6f2f7ca 100644
--- a/crypto/ec/ec2_oct.c
+++ b/crypto/ec/ec2_oct.c
@@ -299,7 +299,7 @@ int ec_GF2m_simple_oct2point(const EC_GROUP *group, EC_POINT *point,
                              BN_CTX *ctx)
 {
     point_conversion_form_t form;
-    int y_bit;
+    int y_bit, m;
     BN_CTX *new_ctx = NULL;
     BIGNUM *x, *y, *yxi;
     size_t field_len, enc_len;
@@ -332,7 +332,8 @@ int ec_GF2m_simple_oct2point(const EC_GROUP *group, EC_POINT *point,
         return EC_POINT_set_to_infinity(group, point);
     }
 
-    field_len = (EC_GROUP_get_degree(group) + 7) / 8;
+    m = EC_GROUP_get_degree(group);
+    field_len = (m + 7) / 8;
     enc_len =
         (form ==
          POINT_CONVERSION_COMPRESSED) ? 1 + field_len : 1 + 2 * field_len;
@@ -357,7 +358,7 @@ int ec_GF2m_simple_oct2point(const EC_GROUP *group, EC_POINT *point,
 
     if (!BN_bin2bn(buf + 1, field_len, x))
         goto err;
-    if (BN_ucmp(x, &group->field) >= 0) {
+    if (BN_num_bits(x) > m) {
         ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
         goto err;
     }
@@ -369,7 +370,7 @@ int ec_GF2m_simple_oct2point(const EC_GROUP *group, EC_POINT *point,
     } else {
         if (!BN_bin2bn(buf + 1 + field_len, field_len, y))
             goto err;
-        if (BN_ucmp(y, &group->field) >= 0) {
+        if (BN_num_bits(y) > m) {
             ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
             goto err;
         }

More information about the openssl-commits mailing list