yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2025-02-02 19:01:09 +00:00
Code Issues Packages Projects Releases Wiki Activity

Validate peer's public key in ECDH

Browse source 
This protects against invalid curve attacks.

(It's also a tiny step in the direction of protecting against some fault
injection attacks.)
This commit is contained in:
Manuel Pégourié-Gonnard 2019-10-14 14:02:07 +02:00
parent 4a658a01c6
commit 6ee7a4e01c
1 changed files with 6 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
tinycrypt/ecc_dh.c
View file

@ -169,6 +169,12 @@ int uECC_shared_secret(const uint8_t *public_key, const uint8_t *private_key,
wordcount_t num_bytes = curve->num_bytes; wordcount_t num_bytes = curve->num_bytes;
int r; int r;
/* Protect against invalid curve attacks */
if (uECC_valid_public_key(public_key, curve) != 0) {
r = 0;
goto clear_and_out;
}
/* Converting buffers to correct bit order: */ /* Converting buffers to correct bit order: */
uECC_vli_bytesToNative(_private, uECC_vli_bytesToNative(_private,
private_key, private_key,