From f64c8e3bee2e9c61cf18c93c6a328dd5d6d8e1b4 Mon Sep 17 00:00:00 2001
From: Matthias Schiffer
Date: Tue, 6 Jan 2015 09:15:00 +0100
Subject: ec25519-fhmqvc: additional key checks

Until now, it wasn't checked if a public key was the identity element. I don't think this mistake allows any actual attacks against the handshake though.
---
 src/protocols/ec25519_fhmqvc/ec25519_fhmqvc.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
(limited to 'src/protocols/ec25519_fhmqvc/ec25519_fhmqvc.c')

diff --git a/src/protocols/ec25519_fhmqvc/ec25519_fhmqvc.c b/src/protocols/ec25519_fhmqvc/ec25519_fhmqvc.c
index c0d633d..c60ce67 100644
--- a/src/protocols/ec25519_fhmqvc/ec25519_fhmqvc.c
+++ b/src/protocols/ec25519_fhmqvc/ec25519_fhmqvc.c
@@ -78,7 +78,7 @@ static fastd_protocol_config_t * protocol_init(void) {
 static fastd_protocol_key_t * protocol_read_key(const char *key) {
 fastd_protocol_key_t *ret = fastd_new(fastd_protocol_key_t);
- if (!read_key(ret->key.u8, key)) {
+ if (!read_key(ret->key.u8, key) || !fastd_protocol_ec25519_fhmqvc_check_key(&ret->key.int256)) {
 free(ret);
 return NULL;
 }
-- 
cgit v1.2.3
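Review bot: The new condition in protocol_read_key folds two different failures into the same `return NULL`, so a caller cannot tell a malformed key string from a well-formed key that the point check rejected, and nothing on the line says what the check is for. A comment above the `if` would record the intent, for example `/* reject keys that decode but are not usable public keys (e.g. the identity element) */`. The body of `fastd_protocol_ec25519_fhmqvc_check_key` is outside this hunk and the commit message names only the identity element, so it is worth confirming whether the other low-order points of the curve are rejected as well. The page is limited to this one file, so whether keys received during the handshake go through the same check cannot be seen here. protocol_read_key continues past the end of the hunk.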