List: gcrypt-devel
Subject: Re: [PATCH] Truncate hash values for ECDSA signature scheme
From: Dmitry Eremin-Solenikov <dbaryshkov () gmail ! com>
Date: 2013-12-18 23:06:06
Message-ID: CALT56yO8ABkXHZCmfq3Ti=Ewz0VxuOOgF8HppfPVYuB=26KvLg () mail ! gmail ! com
Hello,
On Tue, Dec 17, 2013 at 5:53 PM, Werner Koch <wk@gnupg.org> wrote:
> On Tue, 17 Dec 2013 12:37, dbaryshkov@gmail.com said:
>
>>   if (mpi_is_opaque(input))
>>     {
>>       abuf = mpi_get_opaque (input, &abits);
>>       rc = _gcry_mpi_scan (&hash, GCRYMPI_FMT_USG, abuf, (abits+7)/8, NULL);
>>     }
>>   else
>>     {
>>       hash = mpi_copy(input);
>>       abits = mpi_get_nbits(input);
>>     }
>>   if (abits > qbits)
>>     mpi_rshift (hash, hash, abits - qbits);
>>
>> This would be more correct, wouldn't it?
>
> Yes.
I was wrong, this code is incorrect. I think I now understand how to handle
different cases wrt. hash truncation. I will post a new patch iteration after
the weekend.
--
With best wishes
Dmitry
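
An added example, not part of the thread and not libgcrypt code: ECDSA (FIPS 186-4) uses the leftmost min(N, outlen) bits of the digest, so the shift has to be derived from the digest length. The sketch below shows that a bit count taken from the integer value (significant bits, as `mpi_get_nbits` reports for a non-opaque MPI) gives a different truncation when the digest has leading zero bits. The byte-buffer helpers, the `truncate_hash` name, the 32-bit "digest" and `qbits = 20` are all constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Significant bits of a big-endian buffer, i.e. the count an integer
   type reports once leading zero bits are gone. */
static unsigned significant_bits(const unsigned char *b, size_t len)
{
    size_t i = 0;
    while (i < len && b[i] == 0) i++;
    if (i == len) return 0;
    unsigned bits = (unsigned)(len - i) * 8;
    for (unsigned char m = 0x80; !(b[i] & m); m >>= 1) bits--;
    return bits;
}

/* Shift a big-endian buffer right by n bits, in place. */
static void shift_right(unsigned char *b, size_t len, unsigned n)
{
    size_t bytes = n / 8;
    unsigned bits = n % 8;
    if (bytes >= len) { memset(b, 0, len); return; }
    memmove(b + bytes, b, len - bytes);
    memset(b, 0, bytes);
    for (size_t i = len; bits && i-- > 0; ) {
        unsigned hi = i ? (unsigned)b[i - 1] << (8 - bits) : 0;
        b[i] = (unsigned char)((b[i] >> bits) | hi);
    }
}

/* Leftmost qbits bits of the digest; from_value != 0 takes the bit count
   from the integer value instead of the digest length. */
void truncate_hash(unsigned char *h, size_t dlen, unsigned qbits, int from_value)
{
    unsigned hbits = from_value ? significant_bits(h, dlen) : (unsigned)dlen * 8;
    if (hbits > qbits) shift_right(h, dlen, hbits - qbits);
}

int main(void)
{
    /* Constructed 32-bit "digest" with eight leading zero bits; qbits = 20. */
    unsigned char a[4] = {0x00, 0xAB, 0xCD, 0xEF}, b[4];
    memcpy(b, a, 4);
    truncate_hash(a, 4, 20, 0);
    truncate_hash(b, 4, 20, 1);
    printf("by length: %02x%02x%02x%02x\n", a[0], a[1], a[2], a[3]);
    printf("by value:  %02x%02x%02x%02x\n", b[0], b[1], b[2], b[3]);
    return 0;
}
```

The two results agree whenever the top bit of the digest is set, which is why a difference of this kind only shows up on a fraction of inputs.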