[openssl] OpenSSL_1_0_2-stable update
bernd.edlinger at hotmail.de
bernd.edlinger at hotmail.de
Sat Mar 30 14:17:44 UTC 2019
The branch OpenSSL_1_0_2-stable has been updated
via d3299a33e5acdf61502755d807d5885c17c46003 (commit)
from c3e7beab2a302e3eff45b156751240d0897d50f5 (commit)
- Log -----------------------------------------------------------------
commit d3299a33e5acdf61502755d807d5885c17c46003
Author: Shane Lontis <shane.lontis at oracle.com>
Date: Wed Mar 27 17:38:28 2019 +1000
fixed public range check in ec_GF2m_simple_oct2point
Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Bernd Edlinger <bernd.edlinger at hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/8607)
(cherry picked from commit cad8347be23c5e0c0d9eea02d090d42daf2dd7a9)
-----------------------------------------------------------------------
Summary of changes:
crypto/ec/ec2_oct.c | 9 +++++----
1 file changed, 5 insertions(+), 4 deletions(-)
diff --git a/crypto/ec/ec2_oct.c b/crypto/ec/ec2_oct.c
index 0d04cc6..6f2f7ca 100644
--- a/crypto/ec/ec2_oct.c
+++ b/crypto/ec/ec2_oct.c
@@ -299,7 +299,7 @@ int ec_GF2m_simple_oct2point(const EC_GROUP *group, EC_POINT *point,
BN_CTX *ctx)
{
point_conversion_form_t form;
- int y_bit;
+ int y_bit, m;
BN_CTX *new_ctx = NULL;
BIGNUM *x, *y, *yxi;
size_t field_len, enc_len;
@@ -332,7 +332,8 @@ int ec_GF2m_simple_oct2point(const EC_GROUP *group, EC_POINT *point,
return EC_POINT_set_to_infinity(group, point);
}
- field_len = (EC_GROUP_get_degree(group) + 7) / 8;
+ m = EC_GROUP_get_degree(group);
+ field_len = (m + 7) / 8;
enc_len =
(form ==
POINT_CONVERSION_COMPRESSED) ? 1 + field_len : 1 + 2 * field_len;
@@ -357,7 +358,7 @@ int ec_GF2m_simple_oct2point(const EC_GROUP *group, EC_POINT *point,
if (!BN_bin2bn(buf + 1, field_len, x))
goto err;
- if (BN_ucmp(x, &group->field) >= 0) {
+ if (BN_num_bits(x) > m) {
ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
goto err;
}
@@ -369,7 +370,7 @@ int ec_GF2m_simple_oct2point(const EC_GROUP *group, EC_POINT *point,
} else {
if (!BN_bin2bn(buf + 1 + field_len, field_len, y))
goto err;
- if (BN_ucmp(y, &group->field) >= 0) {
+ if (BN_num_bits(y) > m) {
ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
goto err;
}
More information about the openssl-commits
mailing list