[openssl-users] possible C bugs in ecp_nistp521
bbrumley at gmail.com
Wed Jan 9 20:29:21 UTC 2019
> I would expect that correct results would be provided for all valid
> inputs (including those inputs that are not otherwise constrained).
> As such, I would class this as a bug in OpenSSL.
These functions are not part of the public OpenSSL API so that's just
not how it works. There is a ton of internal code across the library
that makes assumptions about the inputs, e.g. in this case the
internal caller using some non-trivial representation that somehow
In this instance, I suspect Patrick's statement is valid -- hopefully
it's just a documentation typo and the bounds are tighter.
In any case, this (and any other might-be arithmetic bug) is
potentially a security issue so it shouldn't be discussed on a public
More information about the openssl-users