diff options
author | Shane Lontis <shane.lontis@oracle.com> | 2019-03-27 17:38:28 +1000 |
---|---|---|
committer | Bernd Edlinger <bernd.edlinger@hotmail.de> | 2019-03-30 14:49:00 +0100 |
commit | cad8347be23c5e0c0d9eea02d090d42daf2dd7a9 (patch) | |
tree | 6e5440ae5afad0ce406193488ff30f5ca97c2c5b /crypto/ec | |
parent | 863360fbc57ea25521fb3477d353d07376163c7f (diff) |
fixed public range check in ec_GF2m_simple_oct2point
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/8607)
Diffstat (limited to 'crypto/ec')
-rw-r--r-- | crypto/ec/ec2_oct.c | 9 |
1 files changed, 5 insertions, 4 deletions
diff --git a/crypto/ec/ec2_oct.c b/crypto/ec/ec2_oct.c index 59258392a2..ca36bb1673 100644 --- a/crypto/ec/ec2_oct.c +++ b/crypto/ec/ec2_oct.c @@ -237,7 +237,7 @@ int ec_GF2m_simple_oct2point(const EC_GROUP *group, EC_POINT *point, BN_CTX *ctx) { point_conversion_form_t form; - int y_bit; + int y_bit, m; BN_CTX *new_ctx = NULL; BIGNUM *x, *y, *yxi; size_t field_len, enc_len; @@ -270,7 +270,8 @@ int ec_GF2m_simple_oct2point(const EC_GROUP *group, EC_POINT *point, return EC_POINT_set_to_infinity(group, point); } - field_len = (EC_GROUP_get_degree(group) + 7) / 8; + m = EC_GROUP_get_degree(group); + field_len = (m + 7) / 8; enc_len = (form == POINT_CONVERSION_COMPRESSED) ? 1 + field_len : 1 + 2 * field_len; @@ -295,7 +296,7 @@ int ec_GF2m_simple_oct2point(const EC_GROUP *group, EC_POINT *point, if (!BN_bin2bn(buf + 1, field_len, x)) goto err; - if (BN_ucmp(x, group->field) >= 0) { + if (BN_num_bits(x) > m) { ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING); goto err; } @@ -306,7 +307,7 @@ int ec_GF2m_simple_oct2point(const EC_GROUP *group, EC_POINT *point, } else { if (!BN_bin2bn(buf + 1 + field_len, field_len, y)) goto err; - if (BN_ucmp(y, group->field) >= 0) { + if (BN_num_bits(y) > m) { ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING); goto err; } |