1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
|
From cc2f85116226bf9e2b77c4949eb1e7ea2357f67d Mon Sep 17 00:00:00 2001
From: Werner Koch <wk@wheatstone.g10code.de>
Date: Tue, 16 Apr 2013 18:59:22 +0200
Subject: [PATCH] Fix multiply by zero in gcry_mpi_ec_mul.
* mpi/ec.c (_gcry_mpi_ec_mul_point): Handle case of SCALAR == 0.
--
This is backport from master leaving out the test case.
Signed-off-by: Werner Koch <wk@gnupg.org>
---
mpi/ec.c | 21 +++++++++++++++++----
1 file changed, 17 insertions(+), 4 deletions(-)
diff --git a/mpi/ec.c b/mpi/ec.c
index ce86e09..fa00818 100644
--- a/mpi/ec.c
+++ b/mpi/ec.c
@@ -670,10 +670,23 @@ _gcry_mpi_ec_mul_point (mpi_point_t *result,
mpi_mul (h, k, ctx->three); /* h = 3k */
loops = mpi_get_nbits (h);
-
- mpi_set (result->x, point->x);
- mpi_set (result->y, yy); mpi_free (yy); yy = NULL;
- mpi_set (result->z, point->z);
+ if (loops < 2)
+ {
+ /* If SCALAR is zero, the above mpi_mul sets H to zero and thus
+ LOOPs will be zero. To avoid an underflow of I in the main
+ loop we set LOOP to 2 and the result to (0,0,0). */
+ loops = 2;
+ mpi_clear (result->x);
+ mpi_clear (result->y);
+ mpi_clear (result->z);
+ }
+ else
+ {
+ mpi_set (result->x, point->x);
+ mpi_set (result->y, yy);
+ mpi_set (result->z, point->z);
+ }
+ mpi_free (yy); yy = NULL;
p1.x = x1; x1 = NULL;
p1.y = y1; y1 = NULL;
--
2.7.0
|
