[git] GCRYPT - branch, master, updated. libgcrypt-1.6.0-248-gce74693
by NIIBE Yutaka
cvs at cvs.gnupg.org
Mon Aug 10 12:11:16 CEST 2015
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU crypto library".
The branch, master has been updated
via ce746936b6c210e602d106cfbf45cf60b408d871 (commit)
from 0e17f7a05bba309a87811992aa47a77af9935b99 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit ce746936b6c210e602d106cfbf45cf60b408d871
Author: NIIBE Yutaka <gniibe at fsij.org>
Date: Mon Aug 10 19:09:16 2015 +0900
ecc: fix Montgomery curve bugs.
* cipher/ecc.c (check_secret_key): Y1 should not be NULL when checked.
(ecc_check_secret_key): Support Montgomery curve.
* mpi/ec.c (_gcry_mpi_ec_curve_point): Fix condition.
diff --git a/cipher/ecc-curves.c b/cipher/ecc-curves.c
index 51d9e39..a74501d 100644
--- a/cipher/ecc-curves.c
+++ b/cipher/ecc-curves.c
@@ -108,7 +108,7 @@ typedef struct
const char *p; /* The prime defining the field. */
const char *a, *b; /* The coefficients. For Twisted Edwards
Curves b is used for d. For Montgomery
- Curves a has (A-2)/4. */
+ Curves (a,b) has ((A-2)/4,B^-1). */
const char *n; /* The order of the base point. */
const char *g_x, *g_y; /* Base point. */
const char *h; /* Cofactor. */
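Review bot: The reworded comment still reads awkwardly — `Curves (a,b) has ((A-2)/4,B^-1)` pairs a singular verb with a tuple and leaves the reader to map positions to fields; spelling it out per field is clearer, e.g. `Curves a holds (A-2)/4 and b holds B^-1 (the inverse of B). */`. Saying explicitly that b stores the inverse rather than B itself is the detail a maintainer adding a new curve table entry most needs, since the wrong value silently defines a different curve.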
diff --git a/cipher/ecc.c b/cipher/ecc.c
index cc617f8..4958fbb 100644
--- a/cipher/ecc.c
+++ b/cipher/ecc.c
@@ -450,7 +450,7 @@ check_secret_key (ECC_secret_key *sk, mpi_ec_t ec, int flags)
else if (!mpi_cmp_ui (sk->Q.z, 1))
{
/* Fast path if Q is already in affine coordinates. */
- if (mpi_cmp (x1, sk->Q.x) || (!y1 && mpi_cmp (y1, sk->Q.y)))
+ if (mpi_cmp (x1, sk->Q.x) || (y1 && mpi_cmp (y1, sk->Q.y)))
{
if (DBG_CIPHER)
log_debug
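Review bot: The corrected condition makes the fast path compare only X whenever y1 is NULL, but nothing at the site says when that happens, so a reader can easily "fix" it back to the old `!y1` null-check shape. A comment such as `/* y1 is NULL when the key carries no Y coordinate (x-only); compare X only then.  */` would pin the intent — presumably the Montgomery case the commit message names, though where y1 is assigned lies outside the hunk. check_secret_key begins and ends outside the hunk; if the non-affine branch performs a matching comparison it should be checked for the same inversion.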
@@ -825,6 +825,8 @@ ecc_check_secret_key (gcry_sexp_t keyparms)
point_init (&sk.Q);
if (ec->dialect == ECC_DIALECT_ED25519)
rc = _gcry_ecc_eddsa_decodepoint (mpi_q, ec, &sk.Q, NULL, NULL);
+ else if (ec->model == MPI_EC_MONTGOMERY)
+ rc = _gcry_ecc_mont_decodepoint (mpi_q, ec, &sk.Q);
else
rc = _gcry_ecc_os2ec (&sk.Q, mpi_q);
if (rc)
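Review bot: The new branch dispatches on `ec->model` while the branch above dispatches on `ec->dialect`, and nothing says why the dialect test has to come first; a one-line comment would keep a later reorder from routing Ed25519 keys into a generic decoder: `/* Dialect is tested before model: Ed25519 keys use their own point encoding.  */`. Also, `_gcry_ecc_mont_decodepoint` is only handed Q, so whether it leaves Q.y unset (and thus whether the later key check must tolerate a missing Y) is not visible here and should be confirmed against its definition. ecc_check_secret_key continues outside the hunk.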
diff --git a/mpi/ec.c b/mpi/ec.c
index 0b7c7a7..7266f2a 100644
--- a/mpi/ec.c
+++ b/mpi/ec.c
@@ -1470,7 +1470,7 @@ _gcry_mpi_ec_curve_point (gcry_mpi_point_t point, mpi_ec_t ctx)
mpi_rshift (p_minus1, p_minus1, 1);
ec_powm (w, w, p_minus1, ctx);
- res = mpi_cmp_ui (w, 1);
+ res = !mpi_cmp_ui (w, 1);
#undef p_minus1
}
break;
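Review bot: The corrected line is Euler's criterion — `w` raised to (p-1)/2 compared with 1 — and that test also fails when w is 0 mod p, so whatever w stands for here (its computation is outside the hunk) a zero right-hand side is now reported as not on the curve even though the equation is satisfied; if this branch is the Montgomery case, that is the x == 0 point of order 2. If rejecting that point is intended (it is a small-order point) the code should say so, e.g. `/* Euler's criterion; w == 0 also fails, so the order-2 point with x == 0 is rejected.  */`, otherwise a separate zero check is needed. The old inverted condition accepted exactly the non-residue inputs, i.e. points that do not lie on the curve, so a regression test that feeds this function one on-curve and one off-curve point would guard this line. _gcry_mpi_ec_curve_point starts and ends outside the hunk.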
-----------------------------------------------------------------------
Summary of changes:
cipher/ecc-curves.c | 2 +-
cipher/ecc.c | 4 +++-
mpi/ec.c | 2 +-
3 files changed, 5 insertions(+), 3 deletions(-)
hooks/post-receive
--
The GNU crypto library
http://git.gnupg.org