[PATCH] Small bug fixes for ECDH

NIIBE Yutaka gniibe at fsij.org
Wed Apr 23 12:33:12 CEST 2014


While working for Curve25519, I found two bugs for ECDH.

(1) SEXP length calculation is wrong.

    It's something like:

       (5:value65:...)\0
       ^       ^  ^
       |       |  |
       p   new p  endp after ++

    (len - 10) is length of the header and content.
    So, it's not 11 but 10 which should be subtracted.

(2) According to RFC 6637, "Algorithm-Specific Fields for ECDH" are:

    * an ephemeral public key

    then,

    * symmetric key info (size, key)

OK to apply?


diff --git a/g10/call-agent.c b/g10/call-agent.c
index 5ad0983..dc52139 100644
--- a/g10/call-agent.c
+++ b/g10/call-agent.c
@@ -1928,7 +1928,7 @@ agent_pkdecrypt (ctrl_t ctrl, const char *keygrip, const char *desc,
       xfree (buf);
       return gpg_error (GPG_ERR_INV_SEXP);
     }
-  len -= 11;   /* Count only the data of the second part. */
+  len -= 10;   /* Count only the data of the second part. */
   p = buf + 8; /* Skip leading parenthesis and the value tag. */
 
   n = strtoul (p, &endp, 10);
diff --git a/g10/pubkey-enc.c b/g10/pubkey-enc.c
index a563ec0..60f7611 100644
--- a/g10/pubkey-enc.c
+++ b/g10/pubkey-enc.c
@@ -185,7 +185,7 @@ get_it (PKT_pubkey_enc *enc, DEK *dek, PKT_public_key *sk, u32 *keyid)
         err = gpg_error (GPG_ERR_BAD_MPI);
       else
         err = gcry_sexp_build (&s_data, NULL, "(enc-val(ecdh(s%m)(e%m)))",
-                               enc->data[0], enc->data[1]);
+                               enc->data[1], enc->data[0]);
     }
   else
     err = gpg_error (GPG_ERR_BUG);
-- 





More information about the Gnupg-devel mailing list