author | Jack Lloyd <[email protected]> | 2018-03-20 12:15:35 -0400 |
---|---|---|
committer | Jack Lloyd <[email protected]> | 2018-03-21 03:40:00 -0400 |
commit | ad66550111bac3f64fdf3eef4c630a9eb09be321 (patch) | |
tree | 824204d40fbdd77c5ac622a8ac022950ab792b3d /src/lib/pubkey | |
parent | 230ec136952ce4077b988302e940518a8f5454f2 (diff) |
Shift ECDSA inputs to match OpenSSL behavior
See also GH #986
Diffstat (limited to 'src/lib/pubkey')
-rw-r--r-- | src/lib/pubkey/ecdsa/ecdsa.cpp | 4 | ||||
-rw-r--r-- | src/lib/pubkey/ecgdsa/ecgdsa.cpp | 4 |
2 files changed, 4 insertions, 4 deletions
diff --git a/src/lib/pubkey/ecdsa/ecdsa.cpp b/src/lib/pubkey/ecdsa/ecdsa.cpp
index 6ff02e8c9..f35693189 100644
--- a/src/lib/pubkey/ecdsa/ecdsa.cpp
+++ b/src/lib/pubkey/ecdsa/ecdsa.cpp
@@ -81,7 +81,7 @@ secure_vector<uint8_t> ECDSA_Signature_Operation::raw_sign(const uint8_t msg[], size_t msg_len, RandomNumberGenerator& rng) {
- const BigInt m(msg, msg_len);
+ BigInt m(msg, msg_len, m_group.get_order_bits());
 #if defined(BOTAN_HAS_RFC6979_GENERATOR)
 const BigInt k = generate_rfc6979_nonce(m_x, m_group.get_order(), m, m_rfc6979_hash);
@@ -134,7 +134,7 @@ bool ECDSA_Verification_Operation::verify(const uint8_t msg[], size_t msg_len, if(sig_len != m_group.get_order_bytes() * 2) return false;
- const BigInt e(msg, msg_len);
+ const BigInt e(msg, msg_len, m_group.get_order_bits());
 const BigInt r(sig, sig_len / 2);
 const BigInt s(sig + sig_len / 2, sig_len / 2);
diff --git a/src/lib/pubkey/ecgdsa/ecgdsa.cpp b/src/lib/pubkey/ecgdsa/ecgdsa.cpp
index db790b0d1..12962d18c 100644
--- a/src/lib/pubkey/ecgdsa/ecgdsa.cpp
+++ b/src/lib/pubkey/ecgdsa/ecgdsa.cpp
@@ -57,7 +57,7 @@ secure_vector<uint8_t> ECGDSA_Signature_Operation::raw_sign(const uint8_t msg[], size_t msg_len, RandomNumberGenerator& rng) {
- const BigInt m(msg, msg_len);
+ const BigInt m(msg, msg_len, m_group.get_order_bits());
 BigInt k = BigInt::random_integer(rng, 1, m_group.get_order());
@@ -107,7 +107,7 @@ bool ECGDSA_Verification_Operation::verify(const uint8_t msg[], size_t msg_len, if(sig_len != m_group.get_order_bytes() * 2) return false;
- const BigInt e(msg, msg_len);
+ const BigInt e(msg, msg_len, m_group.get_order_bits());
 const BigInt r(sig, sig_len / 2);
 const BigInt s(sig + sig_len / 2, sig_len / 2); |
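Review bot: In ecdsa.cpp `ECDSA_Signature_Operation::raw_sign` (hunk at line 81), nothing at the call site says how the new third argument reduces an over-long input, and the same gap applies to the other three hunks (ECDSA `verify`, ECGDSA `raw_sign` and `verify`). FIPS 186-4 and SEC 1 take the leftmost bits of the digest, so a comment such as `// use only the leftmost get_order_bits() bits of the input` above each declaration would record the intent. The `BigInt` constructor is outside this diff, so whether it shifts correctly when the order length is not a multiple of 8 cannot be checked from here; a known-answer test on such a curve with a digest longer than the order would cover it. This hunk also drops `const` from `m` although no visible line modifies it; unless code past the hunk does, `const BigInt m(msg, msg_len, m_group.get_order_bits());` matches the other three declarations.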
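Review bot: In ecdsa.cpp `ECDSA_Verification_Operation::verify` (hunk at line 134), `e` is now reduced before the check, so a signature made by an earlier build over an input longer than the group order will presumably stop verifying, unless a layer above already truncated that input. The same holds for `ECGDSA_Verification_Operation::verify` in ecgdsa.cpp (hunk at line 107). That is the right direction for interoperability, but it deserves a release-note line and a comment such as `// inputs longer than the order are truncated; must stay identical to raw_sign`. The function body starts before and continues past the hunk.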
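Review bot: In ecgdsa.cpp `ECGDSA_Signature_Operation::raw_sign` (hunk at line 57) and the matching `verify` hunk at line 107, the only stated reason for truncating is OpenSSL's ECDSA behaviour, which is not a reference for ECGDSA. If the ECGDSA specification the library follows prescribes the same leftmost-bits rule, say so in a comment, e.g. `// truncation per <ECGDSA spec reference>, same rule as ECDSA`; if it does not, this half of the change needs its own justification and test vectors. Both function bodies extend beyond the hunks.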