From 23f108fb3e09a76e923e97e08f560c2f2c91ff6e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Niels=20M=C3=B6ller?= <nisse@lysator.liu.se> Date: Fri, 17 May 2013 10:09:17 +0200 Subject: [PATCH] Fixed ECC bug with overlapping arguments to mpn_mul_n. --- ChangeLog | 6 ++++++ ecc-j-to-a.c | 11 ++++++----- 2 files changed, 12 insertions(+), 5 deletions(-) diff --git a/ChangeLog b/ChangeLog index 96429e1c..06ae8ff5 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,9 @@ +2013-05-17 Niels Möller <nisse@lysator.liu.se> + + * ecc-j-to-a.c (ecc_j_to_a): Fixed ecc_modp_mul call, to avoid + invalid overlap of arguments to mpn_mul_n. Problem tracked down by + Magnus Holmgren. + 2013-05-16 Niels Möller <nisse@lysator.liu.se> * arm/aes-encrypt-internal.asm: New file, for pre-v6 processors. diff --git a/ecc-j-to-a.c b/ecc-j-to-a.c index df8b8764..26c1a03a 100644 --- a/ecc-j-to-a.c +++ b/ecc-j-to-a.c @@ -46,6 +46,7 @@ ecc_j_to_a (const struct ecc_curve *ecc, #define up (scratch + ecc->size) #define iz2p (scratch + ecc->size) #define iz3p (scratch + 2*ecc->size) +#define izBp (scratch + 3*ecc->size) #define tp scratch mp_limb_t cy; @@ -72,11 +73,11 @@ ecc_j_to_a (const struct ecc_curve *ecc, if (flags & 1) { /* Divide this common factor by B */ - mpn_copyi (iz3p, izp, ecc->size); - mpn_zero (iz3p + ecc->size, ecc->size); - ecc->redc (ecc, iz3p); - - ecc_modp_mul (ecc, iz2p, izp, iz3p); + mpn_copyi (izBp, izp, ecc->size); + mpn_zero (izBp + ecc->size, ecc->size); + ecc->redc (ecc, izBp); + + ecc_modp_mul (ecc, iz2p, izp, izBp); } else ecc_modp_sqr (ecc, iz2p, izp); -- GitLab