authorRob Austein <sra@hactrn.net>2015-10-02 21:35:57 -0400
committerRob Austein <sra@hactrn.net>2015-10-02 21:35:57 -0400
commit27076d80252718dd0fba70ec9ab72f32f999061c (patch)
tree2304feffd97a2060adb60bd2ea2c20b6bc13bc15
parent610839d50eed57703fc16d7e0520dcc03600bf84 (diff)
Impressive how much trouble one can get into with one uninitialized bignum.
-rw-r--r--ecdsa.c5
1 files changed, 3 insertions, 2 deletions
diff --git a/ecdsa.c b/ecdsa.c
index d355cbb..32855df 100644
--- a/ecdsa.c
+++ b/ecdsa.c
@@ -363,8 +363,8 @@ static inline hal_error_t point_to_montgomery(ec_point_t *P,
if (fp_cmp_d(unconst_fp_int(P->z), 1) != FP_EQ)
return HAL_ERROR_BAD_ARGUMENTS;
- if (fp_mulmod(unconst_fp_int(P->x), unconst_fp_int(curve->mu), unconst_fp_int(curve->q), P->x) != FP_OKAY ||
- fp_mulmod(unconst_fp_int(P->y), unconst_fp_int(curve->mu), unconst_fp_int(curve->q), P->y) != FP_OKAY)
+ if (fp_mulmod(P->x, unconst_fp_int(curve->mu), unconst_fp_int(curve->q), P->x) != FP_OKAY ||
+ fp_mulmod(P->y, unconst_fp_int(curve->mu), unconst_fp_int(curve->q), P->y) != FP_OKAY)
return HAL_ERROR_IMPOSSIBLE;
fp_copy(unconst_fp_int(curve->mu), P->z);
@@ -529,6 +529,7 @@ static inline void point_add(const ec_point_t * const P,
const int P_was_infinite = point_is_infinite(P);
fp_int Qy_neg[1];
+ fp_init(Qy_neg);
fp_sub(unconst_fp_int(curve->q), unconst_fp_int(Q->y), Qy_neg);
const int result_is_infinite = fp_cmp(unconst_fp_int(P->y), Qy_neg) == FP_EQ && same_xz;
fp_zero(Qy_neg);
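Review bot: The new `fp_init(Qy_neg)` directly after `fp_int Qy_neg[1];` fixes the uninitialized temporary the commit title refers to, but nothing in the code records why the call is needed, so the next stack-allocated fp_int in this file can repeat the mistake; I would add `/* Stack fp_int temporaries are not zeroed; fp_sub() below reads Qy_neg's fields, so initialize before first use. */` above it. Other `fp_int name[1];` declarations in ecdsa.c presumably follow the same pattern and are worth a quick audit for a missing fp_init, although only point_add is visible here. The trailing `fp_zero(Qy_neg)` clears the temporary after use; if fp_zero is a plain memset the compiler may elide it for a stack object about to go out of scope, which is not a correctness concern for this hunk but is worth knowing if that line is meant as scrubbing. The body of point_add starts and ends outside the hunk.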