authorNIIBE Yutaka <gniibe@fsij.org>2021-02-02 10:16:13 +0900
committerNIIBE Yutaka <gniibe@fsij.org>2021-02-02 10:16:13 +0900
commit598d0f3e0294a487e01b88cc714a8cd0a47329bb (patch)
tree20b62254e71f4e4164c662a03f5a01c44babc4e7 /cipher/ecc-sm2.c
parentd50bdfbc10e07a318645239e375b46c90593e1a0 (diff)
ecc: Add checking key for ECDSA.
* cipher/ecc-ecdsa.c (_gcry_ecc_ecdsa_verify): Validate public key. * cipher/ecc-gost.c (_gcry_ecc_gost_verify): Likewise. * cipher/ecc-sm2.c (_gcry_ecc_sm2_verify): Likewise. -- GnuPG-bug-id: 5282 Reported-by: Guido Vranken <guidovranken@gmail.com> Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
Diffstat (limited to 'cipher/ecc-sm2.c')
-rw-r--r--cipher/ecc-sm2.c3
1 files changed, 3 insertions, 0 deletions
diff --git a/cipher/ecc-sm2.c b/cipher/ecc-sm2.c
index 135c7697..c52629fd 100644
--- a/cipher/ecc-sm2.c
+++ b/cipher/ecc-sm2.c
@@ -500,6 +500,9 @@ _gcry_ecc_sm2_verify (gcry_mpi_t input, mpi_ec_t ec,
gcry_mpi_t x1, y1;
unsigned int nbits;
+ if (!_gcry_mpi_ec_curve_point (ec->Q, ec))
+ return GPG_ERR_BROKEN_PUBKEY;
+
/* r, s within [1, n-1] */
if (mpi_cmp_ui (r, 1) < 0 || mpi_cmp (r, ec->n) > 0)
return GPG_ERR_BAD_SIGNATURE;
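Review bot: The range check directly below the new key validation does not match its own comment: `mpi_cmp (r, ec->n) > 0` lets r == n through although the comment says r must lie in [1, n-1], so the bound should read `mpi_cmp (r, ec->n) >= 0` (and likewise for the s check if it is written the same way; it lies outside this hunk). This is probably not exploitable, since a later comparison against a value reduced mod n would presumably reject r == n, but that part of _gcry_ecc_sm2_verify is not visible here. The added check itself would benefit from a one-line comment such as `/* Reject a public key Q that is not a point on the curve.  */`, matching the commented checks that follow. Whether ec->Q is guaranteed non-NULL at this point depends on the caller, which the hunk does not show.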