gnunet-svn

[GNUnet-SVN] [gnunet] 02/02: Niibe writes:


From: gnunet
Subject: [GNUnet-SVN] [gnunet] 02/02: Niibe writes:
Date: Thu, 31 May 2018 08:17:22 +0200

This is an automated email from the git hooks/post-receive script.

grothoff pushed a commit to branch master
in repository gnunet.

commit 2b99bddcb6961cfda34087138acdda4b8b9ccb9f
Author: Christian Grothoff <address@hidden>
AuthorDate: Thu May 31 08:16:17 2018 +0200

    Niibe writes:
    
    Sorry, I was not reading the code of GNUnet well.  I overlooked how the
    eddsa_d_to_a function was written and its intention.  I read it again.
    
    Indeed, the eddsa_d_to_a function tries to handle the case where
    gcry_mpi_print returns rawmpilen < 32, left-padding with DIGEST.
    
    The problem is:
    
            DIGEST is not cleared (although the comment says so).
    
    I think that the stack had zero bytes for some reason on your 32-bit
    machine.
    
    Here is the correction.  Clear DIGEST, as the comment says.
    
    diff --git a/src/util/crypto_ecc.c b/src/util/crypto_ecc.c
    index 8d9091b23..280603234 100644
    --- a/src/util/crypto_ecc.c
    +++ b/src/util/crypto_ecc.c
    @@ -1273,24 +1273,15 @@ eddsa_d_to_a (gcry_mpi_t d)
    
       b = 256 / 8; /* number of bytes in `d` */
    
    +  memset (hvec, 0, sizeof hvec);
       /* Note that we clear DIGEST so we can use it as input to left pad
          the key with zeroes for hashing.  */
    -  memset (hvec, 0, sizeof hvec);
    +  memset (digest, 0, sizeof digest);
       rawmpilen = sizeof (rawmpi);
       GNUNET_assert (0 ==
                      gcry_mpi_print (GCRYMPI_FMT_USG,
                                     rawmpi, rawmpilen, &rawmpilen,
                                      d));
    -  if (rawmpilen < 32)
    -  {
    -    memmove (rawmpi + 32 - rawmpilen,
    -             rawmpi,
    -             rawmpilen);
    -    memset (rawmpi,
    -            0,
    -            32 - rawmpilen);
    -    rawmpilen = 32;
    -  }
       hvec[0].data = digest;
       hvec[0].off = 0;
       hvec[0].len = b > rawmpilen ? (b - rawmpilen) : 0;
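Review bot: with the in-place left-pad block (the removed `if (rawmpilen < 32)` branch) gone, `rawmpilen` can now stay below 32 after `gcry_mpi_print`, so every later use of the raw key must take its length from `rawmpilen` rather than a fixed 32; the visible `hvec[0].len = b > rawmpilen ? (b - rawmpilen) : 0` does, but the hunk ends before the `hvec[1]` entry, so check that it uses `rawmpilen` too. The added `memset (digest, 0, sizeof digest)` also has to cover up to `b` bytes of padding (the padding is as long as the number of leading zero bytes the scalar has), so a `GNUNET_assert (sizeof digest >= b)` next to the memset would document the invariant the comment now relies on. Moving `memset (hvec, 0, sizeof hvec)` above the comment is purely cosmetic, and this proposed hunk differs from the committed one below only in that line.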
    --
---
 src/util/crypto_ecc.c | 11 +----------
 1 file changed, 1 insertion(+), 10 deletions(-)

diff --git a/src/util/crypto_ecc.c b/src/util/crypto_ecc.c
index 8d9091b23..200371cd7 100644
--- a/src/util/crypto_ecc.c
+++ b/src/util/crypto_ecc.c
@@ -1275,22 +1275,13 @@ eddsa_d_to_a (gcry_mpi_t d)
 
   /* Note that we clear DIGEST so we can use it as input to left pad
      the key with zeroes for hashing.  */
+  memset (digest, 0, sizeof digest);
   memset (hvec, 0, sizeof hvec);
   rawmpilen = sizeof (rawmpi);
   GNUNET_assert (0 ==
                  gcry_mpi_print (GCRYMPI_FMT_USG,
                                 rawmpi, rawmpilen, &rawmpilen,
                                  d));
-  if (rawmpilen < 32)
-  {
-    memmove (rawmpi + 32 - rawmpilen,
-             rawmpi,
-             rawmpilen);
-    memset (rawmpi,
-            0,
-            32 - rawmpilen);
-    rawmpilen = 32;
-  }
   hvec[0].data = digest;
   hvec[0].off = 0;
   hvec[0].len = b > rawmpilen ? (b - rawmpilen) : 0;
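Review bot: the `b > rawmpilen ? (b - rawmpilen) : 0` guard on the last line silently accepts a raw MPI longer than 32 bytes by hashing it unpadded and oversized; since a private scalar that does not fit in `b` bytes is a programming error at this point, a `GNUNET_assert (rawmpilen <= b)` right after the `gcry_mpi_print` assert would fail loudly instead of deriving a wrong key. Placing `memset (digest, 0, sizeof digest)` ahead of both `memset (hvec, ...)` and the print call is correct and makes the comment true; consider extending the comment to say that `hvec[0]` reads `b - rawmpilen` bytes from `digest`, so `sizeof digest` must be at least `b`, and, if `digest` is also the output buffer of the hash call that follows this hunk, that using it as an input vector is only safe because the hash consumes all input vectors before writing its result.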

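The two left-padding strategies this commit chooses between, as an added example that is not GNUnet's code and does not use libgcrypt: `left_pad_in_place` is the memmove/memset approach the patch removes, `left_pad_gather` is the two-vector approach it keeps, and `struct buf_vec` is a simplified stand-in for the `gcry_buffer_t` entries in `hvec[]`. All function and type names are hypothetical. The 64-byte `pad` array plays the role of `digest`; filling it with 0xAA is a deterministic model of the stale stack bytes in the reported bug (the real case read uninitialized memory, which is undefined behaviour and not reproducible).

```c
#include <stddef.h>
#include <string.h>

#define KEY_BYTES 32  /* b = 256 / 8, as in eddsa_d_to_a */

/* Simplified stand-in for the gcry_buffer_t entries GNUnet puts in hvec[]. */
struct buf_vec { const unsigned char *data; size_t len; };

/* Strategy the patch removes: pad the raw MPI in place.  raw must have room
   for KEY_BYTES bytes.  Returns 0 on success, -1 if the MPI is too long. */
static int
left_pad_in_place (unsigned char *raw, size_t *rawlen)
{
  if (*rawlen > KEY_BYTES)
    return -1;
  memmove (raw + KEY_BYTES - *rawlen, raw, *rawlen);
  memset (raw, 0, KEY_BYTES - *rawlen);
  *rawlen = KEY_BYTES;
  return 0;
}

/* Strategy the patch keeps: two vectors, the first reading KEY_BYTES - rawlen
   bytes from a pad source (GNUnet's `digest`), the second the MPI itself.
   Only the pad source's size is checked here; zeroing its content is the
   caller's job, which is exactly what the patch fixes.  2 on success. */
static int
left_pad_gather (struct buf_vec vec[2], const unsigned char *pad, size_t padlen,
                 const unsigned char *raw, size_t rawlen)
{
  if ((rawlen > KEY_BYTES) || (padlen < KEY_BYTES - rawlen))
    return -1;
  vec[0].data = pad;
  vec[0].len = KEY_BYTES - rawlen;
  vec[1].data = raw;
  vec[1].len = rawlen;
  return 2;
}

/* What a gather-hashing API consumes: the vectors concatenated into out.
   Returns bytes written, or 0 if they do not fit. */
static size_t
gather_flatten (const struct buf_vec *vec, int n, unsigned char *out, size_t cap)
{
  size_t total = 0;
  for (int i = 0; i < n; i++)
  {
    if (total + vec[i].len > cap)
      return 0;
    memcpy (out + total, vec[i].data, vec[i].len);
    total += vec[i].len;
  }
  return total;
}

/* Constructed rawlen-byte big-endian MPI with a nonzero leading byte. */
static void
make_sample_mpi (unsigned char *raw, size_t rawlen)
{
  for (size_t i = 0; i < rawlen; i++)
    raw[i] = (unsigned char) (0xF0 - i);
}

/* Pad a rawlen-byte sample both ways, with `pad_fill` as the content of the
   64-byte pad source (0x00 = cleared, anything else = stale).  Returns 1 if
   the gather result equals the in-place result, 0 otherwise (including on
   any length error). */
static int
strategies_match (size_t rawlen, unsigned char pad_fill)
{
  unsigned char a[KEY_BYTES], b[KEY_BYTES], flat[KEY_BYTES], pad[64];
  struct buf_vec vec[2];
  size_t len_a = rawlen;

  if (rawlen > KEY_BYTES)
    return 0;
  make_sample_mpi (a, rawlen);
  make_sample_mpi (b, rawlen);
  memset (pad, pad_fill, sizeof pad);
  if ((0 != left_pad_in_place (a, &len_a)) ||
      (2 != left_pad_gather (vec, pad, sizeof pad, b, rawlen)) ||
      (KEY_BYTES != gather_flatten (vec, 2, flat, sizeof flat)))
    return 0;
  return 0 == memcmp (a, flat, KEY_BYTES);
}

/* With the pad source cleared (the fix), both strategies agree for every
   rawlen in 0..KEY_BYTES and reject anything longer. */
int
padding_strategies_agree (size_t rawlen)
{
  return strategies_match (rawlen, 0x00);
}

/* With stale bytes in the pad source (the bug), the gather strategy hashes
   wrong key material exactly when rawlen < KEY_BYTES, i.e. when the scalar
   has leading zero bytes.  Returns 1 if the key material is corrupted. */
int
stale_pad_corrupts_key (size_t rawlen)
{
  if (rawlen > KEY_BYTES)
    return 0;
  return ! strategies_match (rawlen, 0xAA);
}
```

The second function shows why the original bug was data-dependent: a 32-byte scalar reads zero bytes from the pad source, so only keys whose top byte happens to be zero (about one in 256) ever hit the uninitialized read, which is also why zero-filled stack on one machine hid it.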


