aboutsummaryrefslogtreecommitdiffstats
path: root/src/pubkey/x509_key.h
diff options
context:
space:
mode:
authorlloyd <[email protected]>2011-05-19 12:56:05 +0000
committerlloyd <[email protected]>2011-05-19 12:56:05 +0000
commit2bfbaa792c71d289d433afb9fcec173110aa7006 (patch)
treefc37f5a2e8579bcd126e475e64900e695b54048f /src/pubkey/x509_key.h
parent49e6d3fdbd47cf827f6ac2e23ab1061abf3084ea (diff)
Reject s == 0 or r == 0 in a ECC signature.
In ECDSA, this cases should all be caught by the later check that R is not zero, so I don't believe there is any security danger. However the GOST 34.10 implementation did not have either check. Fortunately, the function that extracts the affine X coordinate from the Jacobian coordinates will throw an exception if the point is at infinity, so we would not in fact accept invalid signatures, but this is mostly by luck. And still represents a bit of a DoS potential. I checked the history, it looks like not checking for zeros at the start traces back to the original InSiTo code, and I copied the ECDSA code for GOST without thinking about it too much.
Diffstat (limited to 'src/pubkey/x509_key.h')
0 files changed, 0 insertions, 0 deletions