[PATCH] g10: Fix ECDH secret compressed/uncompressed format

Werner Koch wk at gnupg.org
Tue Oct 25 08:48:46 CEST 2016


On Mon, 24 Oct 2016 11:43, arnaud.fontaine at ssi.gouv.fr said:

> +        /* Un-compressed format expected, so it must start with 04 */
> +        log_assert (secret_x[0] == (byte)0x04);

SECRET_X is user provided data and thus you can't use assert here but
must return a proper error.

Can you please give examples why you need this patch?


> +    else
> +      {
> +        /* Compressed format expected, without leading zeros */
> +        if (nbytes < secret_x_size)

Please use an "else if ()" here.


Salam-Shalom,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 162 bytes
Desc: not available
URL: </pipermail/attachments/20161025/0cc25ff3/attachment.sig>


More information about the Gnupg-devel mailing list