yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2025-01-24 19:11:07 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add checks for private parameter in ecdsa_sign()

Browse source
This commit is contained in:
Darryl Green 2017-11-20 15:53:43 +00:00
parent 75ea35eac8
commit fdac76f330
2 changed files with 6 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
ChangeLog
View file

@ -14,6 +14,8 @@ Bugfix
* Fix leap year calculation in x509_date_is_valid() to ensure that invalid
dates on leap years with 100 and 400 intervals are handled correctly. Found
by Nicholas Wilson. #694
* Add a check for invalid private parameters in ecdsa_sign.
Reported by Yolan Romailler.
= mbed TLS 1.3.21 branch released 2017-08-10

4
library/ecdsa.c
View file

@ -110,6 +110,10 @@ int ecdsa_sign( ecp_group *grp, mpi *r, mpi *s,
if( grp->N.p == NULL )
return( POLARSSL_ERR_ECP_BAD_INPUT_DATA );
/* Make sure d is in range 1..n-1 */
if( mpi_cmp_int( d, 1 ) < 0 || mpi_cmp_mpi( d, &grp->N ) >= 0 )
return( POLARSSL_ERR_ECP_INVALID_KEY );
ecp_point_init( &R );
mpi_init( &k ); mpi_init( &e ); mpi_init( &t );