authorNiels Möller <nisse@lysator.liu.se>2021-03-13 16:29:50 +0100
committerNiels Möller <nisse@lysator.liu.se>2021-03-13 19:20:39 +0100
commitfbaefb64b90cb45b7075a0ed72a92f2a1fbcd2ab (patch)
tree974e05fe26e7657ed20b44207c0c02aba6a5564c /ecc-gostdsa-verify.c
parentc24b36160dc5303f7541dd9da1429c4046f27398 (diff)
Analogous fix to ecc_gostdsa_verify.
* ecc-gostdsa-verify.c (ecc_gostdsa_verify): Use ecc_mod_mul_canonical to compute the scalars used for ecc multiplication.
Diffstat (limited to 'ecc-gostdsa-verify.c')
-rw-r--r--ecc-gostdsa-verify.c6
1 files changed, 3 insertions, 3 deletions
diff --git a/ecc-gostdsa-verify.c b/ecc-gostdsa-verify.c
index c0613f4f..fcdd4644 100644
--- a/ecc-gostdsa-verify.c
+++ b/ecc-gostdsa-verify.c
@@ -102,11 +102,11 @@ ecc_gostdsa_verify (const struct ecc_curve *ecc,
ecc->q.invert (&ecc->q, vp, hp, vp + ecc->p.size);
/* z1 = s / h, P1 = z1 * G */
- ecc_mod_mul (&ecc->q, z1, sp, vp, z1);
+ ecc_mod_mul_canonical (&ecc->q, z1, sp, vp, z1);
/* z2 = - r / h, P2 = z2 * Y */
- ecc_mod_mul (&ecc->q, z2, rp, vp, z2);
- mpn_sub_n (z2, ecc->q.m, z2, ecc->p.size);
+ mpn_sub_n (hp, ecc->q.m, rp, ecc->p.size);
+ ecc_mod_mul_canonical (&ecc->q, z2, hp, vp, z2);
/* Total storage: 5*ecc->p.size + ecc->mul_itch */
ecc->mul (ecc, P2, z2, pp, z2 + ecc->p.size);
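Review bot: The added `mpn_sub_n (hp, ecc->q.m, rp, ecc->p.size);` overwrites hp with q - r and discards the borrow, and nothing at that line says why either is safe. It holds only if hp (the reduced hash) is no longer read after the inversion into vp, and if r has already been checked to satisfy 0 < r < q; that range check is not visible in this hunk, so it should be confirmed to precede this code. I would extend the comment above it to `/* z2 = - r / h, P2 = z2 * Y. hp is dead after the inversion; reuse it for q - r (requires 0 < r < q). */`. A test vector whose z1 or z2 came out unreduced under the old ecc_mod_mul path would also pin this fix. ecc_gostdsa_verify starts and ends outside the hunk.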