authorJack Lloyd <[email protected]>2018-03-20 12:15:35 -0400
committerJack Lloyd <[email protected]>2018-03-21 03:40:00 -0400
commitad66550111bac3f64fdf3eef4c630a9eb09be321 (patch)
tree824204d40fbdd77c5ac622a8ac022950ab792b3d /src/lib/pubkey
parent230ec136952ce4077b988302e940518a8f5454f2 (diff)
Shift ECDSA inputs to match OpenSSL behavior
See also GH #986
Diffstat (limited to 'src/lib/pubkey')
-rw-r--r--src/lib/pubkey/ecdsa/ecdsa.cpp4
-rw-r--r--src/lib/pubkey/ecgdsa/ecgdsa.cpp4
2 files changed, 4 insertions, 4 deletions
diff --git a/src/lib/pubkey/ecdsa/ecdsa.cpp b/src/lib/pubkey/ecdsa/ecdsa.cpp
index 6ff02e8c9..f35693189 100644
--- a/src/lib/pubkey/ecdsa/ecdsa.cpp
+++ b/src/lib/pubkey/ecdsa/ecdsa.cpp
@@ -81,7 +81,7 @@ secure_vector<uint8_t>
ECDSA_Signature_Operation::raw_sign(const uint8_t msg[], size_t msg_len,
RandomNumberGenerator& rng)
{
- const BigInt m(msg, msg_len);
+ BigInt m(msg, msg_len, m_group.get_order_bits());
#if defined(BOTAN_HAS_RFC6979_GENERATOR)
const BigInt k = generate_rfc6979_nonce(m_x, m_group.get_order(), m, m_rfc6979_hash);
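Review bot: The new declaration of `m` in ECDSA_Signature_Operation::raw_sign drops the `const` that the removed line had, while the other three changed sites (`e` in both verify functions and `m` in ECGDSA raw_sign) keep it. Nothing visible in this hunk modifies `m`, and it is only passed to `generate_rfc6979_nonce` here, so unless code outside the hunk writes to it the line should read `const BigInt m(msg, msg_len, m_group.get_order_bits());`. raw_sign's body continues outside the hunk, so the later uses of `m` should be checked before restoring the qualifier.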
@@ -134,7 +134,7 @@ bool ECDSA_Verification_Operation::verify(const uint8_t msg[], size_t msg_len,
if(sig_len != m_group.get_order_bytes() * 2)
return false;
- const BigInt e(msg, msg_len);
+ const BigInt e(msg, msg_len, m_group.get_order_bits());
const BigInt r(sig, sig_len / 2);
const BigInt s(sig + sig_len / 2, sig_len / 2);
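Review bot: Nothing at this site records why the digest is now limited to `m_group.get_order_bits()`, or that signing and verification must apply the identical reduction; the same gap exists at `m` in ECDSA_Signature_Operation::raw_sign. A short comment above `e` would help, for example `// Reduce the hash to the bit length of the group order, exactly as raw_sign does; a mismatch rejects valid signatures`. The three-argument BigInt constructor is not shown on this page, so its exact behaviour for inputs with leading zero bits is worth confirming and pinning with a test that uses a digest longer than the group order. verify's body continues outside the hunk.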
diff --git a/src/lib/pubkey/ecgdsa/ecgdsa.cpp b/src/lib/pubkey/ecgdsa/ecgdsa.cpp
index db790b0d1..12962d18c 100644
--- a/src/lib/pubkey/ecgdsa/ecgdsa.cpp
+++ b/src/lib/pubkey/ecgdsa/ecgdsa.cpp
@@ -57,7 +57,7 @@ secure_vector<uint8_t>
ECGDSA_Signature_Operation::raw_sign(const uint8_t msg[], size_t msg_len,
RandomNumberGenerator& rng)
{
- const BigInt m(msg, msg_len);
+ const BigInt m(msg, msg_len, m_group.get_order_bits());
BigInt k = BigInt::random_integer(rng, 1, m_group.get_order());
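Review bot: The commit message justifies the input shift by OpenSSL's ECDSA behaviour, but this hunk and the following one in ECGDSA_Verification_Operation::verify apply the same change to ECGDSA without stating a reason. A comment above `m` should say which rule is being followed, for example `// Hash is reduced to the order bit length, as for ECDSA; see <ECGDSA spec reference>`, with the placeholder replaced by the specification the project relies on. Since this changes the signed value whenever the digest is longer than the group order, an ECGDSA known-answer test covering that case would confirm that the result still matches the reference vectors. raw_sign's body continues outside the hunk.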
@@ -107,7 +107,7 @@ bool ECGDSA_Verification_Operation::verify(const uint8_t msg[], size_t msg_len,
if(sig_len != m_group.get_order_bytes() * 2)
return false;
- const BigInt e(msg, msg_len);
+ const BigInt e(msg, msg_len, m_group.get_order_bits());
const BigInt r(sig, sig_len / 2);
const BigInt s(sig + sig_len / 2, sig_len / 2);