On Sep 4, 2009, at 12:29 AM, Will Bickford wrote:
In the following sample test case I get a false-positive from OpenSSL
1.0.0 Beta 3. Note that this tests specifically for a vector larger
than should be allowed (192/32 = 6 32-bit integers, but Qy requires
7). Other test cases succeed or fail as expected - this is an edge
case.
[P-192]
Qx = cd6d0f029a023e9aaca429615b8f577abee685d8257cc83a
Qy = 00019c410987680e9fb6c0b6ecc01d9a2647c8bae27721bacdfc
The correct result is a failure, but the following steps produce a
false positive.
Note that EC_POINT_set_affine_coordinates_GFp() does not imply an out-
of-bounds check. This will just reduce the coordinates as needed (so
no error is expected if your input Qy has more than 192 bits). If you
need to verify that the inputs are in an accepted range, this is a
step you'll have to do explicitly in your software.
Bodo
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
