Commit 63f222c6 authored by Niels Möller

Fix canonical reduction in gostdsa_vko.

* gostdsa-vko.c (gostdsa_vko): Use ecc_mod_mul_canonical to
compute the scalar used for ecc multiplication.

(cherry picked from commit b30e0ca6)
parent ae3801a0
2021-03-13 Niels Möller <nisse@lysator.liu.se>
* gostdsa-vko.c (gostdsa_vko): Use ecc_mod_mul_canonical to
compute the scalar used for ecc multiplication.
* eddsa-hash.c (_eddsa_hash): Ensure result is canonically
reduced. Two of the three call sites need that.
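Review bot: the ChangeLog hunk lists two items under the 2021-03-13 entry, but the commit title and the code diff in this cherry-pick cover only gostdsa-vko.c; if the eddsa-hash.c line is new in this commit rather than pre-existing context, it belongs with the commit that actually changes `_eddsa_hash`, so that the ChangeLog and the diff describe the same change.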
......@@ -87,7 +87,7 @@ gostdsa_vko (const struct ecc_scalar *priv,
if (mpn_zero_p (UKM, size))
UKM[0] = 1;
ecc_mod_mul (&ecc->q, TEMP, priv->p, UKM, TEMP); /* TEMP = UKM * priv */
ecc_mod_mul_canonical (&ecc->q, TEMP, priv->p, UKM, TEMP); /* TEMP = UKM * priv */
ecc->mul (ecc, XYZ, TEMP, pub->p, scratch + 4*size); /* XYZ = UKM * priv * pub */
ecc->h_to_a (ecc, 0, TEMP, XYZ, scratch + 5*size); /* TEMP = XYZ */
mpn_get_base256_le (out, bsize, TEMP, size);
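Review bot: the inline comment on the replaced call still reads `/* TEMP = UKM * priv */`, which no longer records why `ecc_mod_mul` became `ecc_mod_mul_canonical`; since the reason for the change is that `ecc->mul` on the following line consumes TEMP as a scalar and needs it fully reduced, update the comment to something like `/* TEMP = UKM * priv mod q, canonically reduced */` so a later reader does not swap the cheaper call back in. The commit message also says that canonical reduction is needed but not what went wrong when TEMP was left non-canonical; one sentence on the observable effect would make the security relevance of this cherry-pick clear to whoever reviews it on the stable branch.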