From 27076d80252718dd0fba70ec9ab72f32f999061c Mon Sep 17 00:00:00 2001
From: Rob Austein <sra@hactrn.net>
Date: Fri, 2 Oct 2015 21:35:57 -0400
Subject: Impressive how much trouble one can get into with one uninitialized
 bignum.

---
 ecdsa.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

(limited to 'ecdsa.c')

diff --git a/ecdsa.c b/ecdsa.c
index d355cbb..32855df 100644
--- a/ecdsa.c
+++ b/ecdsa.c
@@ -363,8 +363,8 @@ static inline hal_error_t point_to_montgomery(ec_point_t *P,
   if (fp_cmp_d(unconst_fp_int(P->z), 1) != FP_EQ)
     return HAL_ERROR_BAD_ARGUMENTS;
 
-  if (fp_mulmod(unconst_fp_int(P->x), unconst_fp_int(curve->mu), unconst_fp_int(curve->q), P->x) != FP_OKAY ||
-      fp_mulmod(unconst_fp_int(P->y), unconst_fp_int(curve->mu), unconst_fp_int(curve->q), P->y) != FP_OKAY)
+  if (fp_mulmod(P->x, unconst_fp_int(curve->mu), unconst_fp_int(curve->q), P->x) != FP_OKAY ||
+      fp_mulmod(P->y, unconst_fp_int(curve->mu), unconst_fp_int(curve->q), P->y) != FP_OKAY)
     return HAL_ERROR_IMPOSSIBLE;
 
   fp_copy(unconst_fp_int(curve->mu), P->z);
@@ -529,6 +529,7 @@ static inline void point_add(const ec_point_t * const P,
   const int P_was_infinite = point_is_infinite(P);
 
   fp_int Qy_neg[1];
+  fp_init(Qy_neg);
   fp_sub(unconst_fp_int(curve->q), unconst_fp_int(Q->y), Qy_neg);
   const int result_is_infinite = fp_cmp(unconst_fp_int(P->y), Qy_neg) == FP_EQ && same_xz;
   fp_zero(Qy_neg);
-- 
cgit v1.2.3