author | NIIBE Yutaka <gniibe@fsij.org> | 2020-06-23 10:05:26 +0900 |
---|---|---|
committer | NIIBE Yutaka <gniibe@fsij.org> | 2020-06-23 10:05:26 +0900 |
commit | 1db1dc7945b111b6e20a8420ad38a358316681ab (patch) | |
tree | 3866b1b51a4e3f0cd486606c160a32ab3f73d9a8 | |
parent | 35a78eb248d6bacd2a58477a122a0020d796ce63 (diff) | |
download | libgcrypt-1db1dc7945b111b6e20a8420ad38a358316681ab.tar.gz |
ecc: Fix length computation.
* cipher/ecc-curves.c (mpi_ec_setup_elliptic_curve): Add one only for
Edwards case.
Fixes-commit: 3386aaf84d4d89b6ff931533df2ff82ed3f7c7f9
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
-rw-r--r-- | cipher/ecc-curves.c | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/cipher/ecc-curves.c b/cipher/ecc-curves.c index 6ebd60c3..f8d561cb 100644 --- a/cipher/ecc-curves.c +++ b/cipher/ecc-curves.c @@ -1157,7 +1157,10 @@ mpi_ec_setup_elliptic_curve (mpi_ec_t ec, int flags, unsigned int n = mpi_get_nbits (ec->d); unsigned int len; - len = (ec->nbits%8) == 0 ? (ec->nbits/8 + 1) : (ec->nbits+7)/8; + len = (ec->nbits+7)/8; + /* EdDSA requires additional bit for sign. */ + if ((ec->nbits%8) == 0 && ec->model == MPI_EC_EDWARDS) + len++; if ((n+7)/8 != len) { |
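Review bot: The new comment "EdDSA requires additional bit for sign" does not match the condition below it, which tests the curve model (`ec->model == MPI_EC_EDWARDS`) rather than a signature scheme, and it does not say why the increment is tied to `(ec->nbits%8) == 0`. Please spell out in the comment that when `nbits` is a multiple of 8 the last octet of `(ec->nbits+7)/8` has no spare bit, so the sign bit costs one more octet, and that this applies to every curve using the Edwards model. If only EdDSA keys are meant, the check should test for that instead. Since `len` is only used in the `(n+7)/8 != len` comparison against the bit length of `ec->d`, a regression test would also help: one Edwards curve and one non-Edwards curve, each with `nbits` divisible by 8, so the non-Edwards path that previously got `ec->nbits/8 + 1` stays covered.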