[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[tor-commits] [tor/master] ed25519: Also check that retval in the ref10 implementation.
commit 0269e4ffba02ff810b9098a67e8212c291d5fee5
Author: George Kadianakis <desnacked@xxxxxxxxxx>
Date: Wed Jun 28 14:12:20 2017 +0300
ed25519: Also check that retval in the ref10 implementation.
---
src/ext/ed25519/ref10/blinding.c | 10 ++++++++--
1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/src/ext/ed25519/ref10/blinding.c b/src/ext/ed25519/ref10/blinding.c
index 8503f90..31332a2 100644
--- a/src/ext/ed25519/ref10/blinding.c
+++ b/src/ext/ed25519/ref10/blinding.c
@@ -49,6 +49,7 @@ int ed25519_ref10_blind_public_key(unsigned char *out,
unsigned char pkcopy[32];
ge_p3 A;
ge_p2 Aprime;
+ int retval = -1;
ed25519_ref10_gettweak(tweak, param);
@@ -62,17 +63,22 @@ int ed25519_ref10_blind_public_key(unsigned char *out,
* "ge_frombytes", we'd use that, but there isn't. */
memcpy(pkcopy, inp, 32);
pkcopy[31] ^= (1<<7);
- ge_frombytes_negate_vartime(&A, pkcopy);
+ if (ge_frombytes_negate_vartime(&A, pkcopy) != 0) {
+ goto done;
+ }
/* There isn't a regular ge_scalarmult -- we have to do tweak*A + zero*B. */
ge_double_scalarmult_vartime(&Aprime, tweak, &A, zero);
ge_tobytes(out, &Aprime);
+ retval = 0;
+
+ done:
memwipe(tweak, 0, sizeof(tweak));
memwipe(&A, 0, sizeof(A));
memwipe(&Aprime, 0, sizeof(Aprime));
memwipe(pkcopy, 0, sizeof(pkcopy));
- return 0;
+ return retval;
}
/* This is the group order encoded in a format that
_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits