author | NIIBE Yutaka <gniibe@fsij.org> | 2015-11-25 08:41:41 +0900 |
---|---|---|
committer | NIIBE Yutaka <gniibe@fsij.org> | 2016-02-09 18:25:27 +0900 |
commit | 23b72901f8a5ba9a78485b235c7a917fbc8faae0 (patch) | |
tree | d18e9b093d7fb3c7fb99b9fc20e01bb667e4910c | |
parent | 8353884bc65c820d5bcacaf1ac23cdee72091a09 (diff) | |
download | libgcrypt-23b72901f8a5ba9a78485b235c7a917fbc8faae0.tar.gz |
ecc: input validation on ECDH.
* cipher/ecc.c (ecc_decrypt_raw): Validate the point.
--
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
(forward port from LIBGCRYPT-1-6-BRANCH
commit 28eb424e4427b320ec1c9c4ce56af25d495230bd)
-rw-r--r-- | cipher/ecc.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/cipher/ecc.c b/cipher/ecc.c
index 7d6ad94c..b861925b 100644
--- a/cipher/ecc.c
+++ b/cipher/ecc.c
@@ -1570,6 +1570,12 @@ ecc_decrypt_raw (gcry_sexp_t *r_plain, gcry_sexp_t s_data, gcry_sexp_t keyparms)
 if (DBG_CIPHER)
 log_printpnt ("ecc_decrypt kG", &kG, NULL);
+ if (!_gcry_mpi_ec_curve_point (&kG, ec))
+ {
+ point_free (&kG);
+ return GPG_ERR_INV_DATA;
+ }
+
 /* R = dkG */
 _gcry_mpi_ec_mul_point (&R, sk.d, &kG, ec); |
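Review bot: The new rejection branch returns directly after `point_free (&kG);`, but the next context line already uses `ec` and `sk.d`, so both were set up earlier and this return appears to skip their release. The rest of ecc_decrypt_raw lies outside the hunk, so this is inferred: if the function has a common cleanup path, the branch should set the error code and jump there instead of returning. Otherwise every ciphertext with an off-curve point would leak the curve context and leave a copy of the secret scalar allocated, and a remote peer controls how often that happens. The check is the invalid-curve guard for ECDH and deserves a comment such as `/* Reject points not on the curve before multiplying by the secret key.  */`.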