From 23f108fb3e09a76e923e97e08f560c2f2c91ff6e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Niels=20M=C3=B6ller?= <nisse@lysator.liu.se>
Date: Fri, 17 May 2013 10:09:17 +0200
Subject: [PATCH] Fixed ECC bug with overlapping arguments to mpn_mul_n.

---
 ChangeLog    |  6 ++++++
 ecc-j-to-a.c | 11 ++++++-----
 2 files changed, 12 insertions(+), 5 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 96429e1c..06ae8ff5 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,9 @@
+2013-05-17  Niels Möller  <nisse@lysator.liu.se>
+
+	* ecc-j-to-a.c (ecc_j_to_a): Fixed ecc_modp_mul call, to avoid
+	invalid overlap of arguments to mpn_mul_n. Problem tracked down by
+	Magnus Holmgren.
+
 2013-05-16  Niels Möller  <nisse@lysator.liu.se>
 
 	* arm/aes-encrypt-internal.asm: New file, for pre-v6 processors.
diff --git a/ecc-j-to-a.c b/ecc-j-to-a.c
index df8b8764..26c1a03a 100644
--- a/ecc-j-to-a.c
+++ b/ecc-j-to-a.c
@@ -46,6 +46,7 @@ ecc_j_to_a (const struct ecc_curve *ecc,
 #define up   (scratch + ecc->size)
 #define iz2p (scratch + ecc->size)
 #define iz3p (scratch + 2*ecc->size)
+#define izBp (scratch + 3*ecc->size)
 #define tp    scratch
 
   mp_limb_t cy;
@@ -72,11 +73,11 @@ ecc_j_to_a (const struct ecc_curve *ecc,
       if (flags & 1)
 	{
 	  /* Divide this common factor by B */
-	  mpn_copyi (iz3p, izp, ecc->size);
-	  mpn_zero (iz3p + ecc->size, ecc->size);
-	  ecc->redc (ecc, iz3p);
-      
-	  ecc_modp_mul (ecc, iz2p, izp, iz3p);
+	  mpn_copyi (izBp, izp, ecc->size);
+	  mpn_zero (izBp + ecc->size, ecc->size);
+	  ecc->redc (ecc, izBp);
+
+	  ecc_modp_mul (ecc, iz2p, izp, izBp);
 	}
       else
 	ecc_modp_sqr (ecc, iz2p, izp);	
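Review bot: The new izBp area starts at scratch + 3*ecc->size and, because mpn_zero fills its upper half before ecc->redc, occupies 2*ecc->size limbs, so ecc_j_to_a now needs at least 5*ecc->size limbs of scratch; the patch does not touch the function's scratch-size (itch) declaration, which is outside this diff, so that bound should be confirmed there or the overlap this commit removes becomes an out-of-bounds write into the caller's buffer instead. It would also help to record the layout constraint next to the `#define izBp` in the first hunk, presumably `/* 2*ecc->size limbs; placed past the 2*ecc->size-limb product ecc_modp_mul writes at iz2p so the mpn_mul_n operands cannot overlap */`, since the three adjacent `#define`s give no hint of their sizes. ecc_j_to_a begins and ends outside both hunks.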
-- 
GitLab