[GNUnet-SVN] [gnunet] 02/02: Niibe writes:
From: gnunet
Subject: [GNUnet-SVN] [gnunet] 02/02: Niibe writes:
Date: Thu, 31 May 2018 08:17:22 +0200
This is an automated email from the git hooks/post-receive script.
grothoff pushed a commit to branch master
in repository gnunet.
commit 2b99bddcb6961cfda34087138acdda4b8b9ccb9f
Author: Christian Grothoff <address@hidden>
AuthorDate: Thu May 31 08:16:17 2018 +0200
Niibe writes:
Sorry, I was not reading the code of GNUnet well. I overlooked how the
eddsa_d_to_a function was written and its intention. I read it again.
Indeed, the eddsa_d_to_a function tries to handle the case where
gcry_mpi_print returns rawmpilen < 32, putting "left pad" by DIGEST.
The problem is:
DIGEST is not cleared (although comment says so).
I think that the stack had zero-byte for some reason on your 32-bit
machine.
Here is the correction. Clear DIGEST, as comment says.
diff --git a/src/util/crypto_ecc.c b/src/util/crypto_ecc.c
index 8d9091b23..280603234 100644
--- a/src/util/crypto_ecc.c
+++ b/src/util/crypto_ecc.c
@@ -1273,24 +1273,15 @@ eddsa_d_to_a (gcry_mpi_t d)
b = 256 / 8; /* number of bytes in `d` */
+ memset (hvec, 0, sizeof hvec);
/* Note that we clear DIGEST so we can use it as input to left pad
the key with zeroes for hashing. */
- memset (hvec, 0, sizeof hvec);
+ memset (digest, 0, sizeof digest);
rawmpilen = sizeof (rawmpi);
GNUNET_assert (0 ==
gcry_mpi_print (GCRYMPI_FMT_USG,
rawmpi, rawmpilen, &rawmpilen,
d));
- if (rawmpilen < 32)
- {
- memmove (rawmpi + 32 - rawmpilen,
- rawmpi,
- rawmpilen);
- memset (rawmpi,
- 0,
- 32 - rawmpilen);
- rawmpilen = 32;
- }
hvec[0].data = digest;
hvec[0].off = 0;
hvec[0].len = b > rawmpilen ? (b - rawmpilen) : 0;
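Review bot: moving `memset (hvec, 0, sizeof hvec);` above the comment at the top of this hunk is unrelated churn; leave that line where it was and add only `memset (digest, 0, sizeof digest);` directly under the "we clear DIGEST" comment, so the diff shows the one missing initialization and nothing else. The zeroing is what makes `hvec[0].len = b > rawmpilen ? (b - rawmpilen) : 0;` safe: whenever `gcry_mpi_print` returns fewer than 32 bytes, that many bytes of `digest` are used as the left pad for hashing, and without the memset they are whatever was on the stack.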
--
---
src/util/crypto_ecc.c | 11 +----------
1 file changed, 1 insertion(+), 10 deletions(-)
diff --git a/src/util/crypto_ecc.c b/src/util/crypto_ecc.c
index 8d9091b23..200371cd7 100644
--- a/src/util/crypto_ecc.c
+++ b/src/util/crypto_ecc.c
@@ -1275,22 +1275,13 @@ eddsa_d_to_a (gcry_mpi_t d)
/* Note that we clear DIGEST so we can use it as input to left pad
the key with zeroes for hashing. */
+ memset (digest, 0, sizeof digest);
memset (hvec, 0, sizeof hvec);
rawmpilen = sizeof (rawmpi);
GNUNET_assert (0 ==
gcry_mpi_print (GCRYMPI_FMT_USG,
rawmpi, rawmpilen, &rawmpilen,
d));
- if (rawmpilen < 32)
- {
- memmove (rawmpi + 32 - rawmpilen,
- rawmpi,
- rawmpilen);
- memset (rawmpi,
- 0,
- 32 - rawmpilen);
- rawmpilen = 32;
- }
hvec[0].data = digest;
hvec[0].off = 0;
hvec[0].len = b > rawmpilen ? (b - rawmpilen) : 0;
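Review bot: with the `if (rawmpilen < 32)` block removed, the short-key case rests entirely on the new `memset (digest, 0, sizeof digest);` plus the `hvec[0].len` expression, and nothing in this change exercises that path. Add a regression test that calls `eddsa_d_to_a` with a `d` whose leading byte is zero, so that `gcry_mpi_print` with `GCRYMPI_FMT_USG` yields `rawmpilen < 32`, and checks the result against a known-good value. The bug went unnoticed before only because the stack happened to hold zero bytes, as the commit message says, so a test is the only thing that will catch a recurrence. It would also help to state next to `hvec[0].len` that `digest` must be at least `b` bytes of zeroes at that point, since the same buffer is named in the comment as pad input.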