diff options
author | Jeffrey Wilcke <jeffrey@ethereum.org> | 2015-02-12 07:10:00 +0800 |
---|---|---|
committer | Jeffrey Wilcke <jeffrey@ethereum.org> | 2015-02-12 07:10:00 +0800 |
commit | 04c1a81509576c898f4d30a76f9d84d087e2a4cf (patch) | |
tree | 3c54f34f53f0cca44c42069df3bc36f1b8c67fba | |
parent | d899334bba7bf4a157cab19d8ad836dcb1de0c34 (diff) | |
parent | 52a46e61f948d9c5f4a4e993bc1870bd79a19b56 (diff) | |
download | dexon-04c1a81509576c898f4d30a76f9d84d087e2a4cf.tar dexon-04c1a81509576c898f4d30a76f9d84d087e2a4cf.tar.gz dexon-04c1a81509576c898f4d30a76f9d84d087e2a4cf.tar.bz2 dexon-04c1a81509576c898f4d30a76f9d84d087e2a4cf.tar.lz dexon-04c1a81509576c898f4d30a76f9d84d087e2a4cf.tar.xz dexon-04c1a81509576c898f4d30a76f9d84d087e2a4cf.tar.zst dexon-04c1a81509576c898f4d30a76f9d84d087e2a4cf.zip |
Merge pull request #2 from Gustav-Simonsson/correct_ecies_shared_key_generation
Correct ECIES shared key length check
-rw-r--r-- | ecies.go | 29 |
1 files changed, 17 insertions, 12 deletions
@@ -13,11 +13,12 @@ import ( ) var ( - ErrImport = fmt.Errorf("ecies: failed to import key") - ErrInvalidCurve = fmt.Errorf("ecies: invalid elliptic curve") - ErrInvalidParams = fmt.Errorf("ecies: invalid ECIES parameters") - ErrInvalidPublicKey = fmt.Errorf("ecies: invalid public key") - ErrSharedKeyTooBig = fmt.Errorf("ecies: shared key is too big") + ErrImport = fmt.Errorf("ecies: failed to import key") + ErrInvalidCurve = fmt.Errorf("ecies: invalid elliptic curve") + ErrInvalidParams = fmt.Errorf("ecies: invalid ECIES parameters") + ErrInvalidPublicKey = fmt.Errorf("ecies: invalid public key") + ErrSharedKeyIsPointAtInfinity = fmt.Errorf("ecies: shared key is point at infinity") + ErrSharedKeyTooBig = fmt.Errorf("ecies: shared key params are too big") ) // PublicKey is a representation of an elliptic curve public key. @@ -90,16 +91,20 @@ func MaxSharedKeyLength(pub *PublicKey) int { // ECDH key agreement method used to establish secret keys for encryption. func (prv *PrivateKey) GenerateShared(pub *PublicKey, skLen, macLen int) (sk []byte, err error) { if prv.PublicKey.Curve != pub.Curve { - err = ErrInvalidCurve - return + return nil, ErrInvalidCurve + } + if skLen+macLen > MaxSharedKeyLength(pub) { + return nil, ErrSharedKeyTooBig } x, _ := pub.Curve.ScalarMult(pub.X, pub.Y, prv.D.Bytes()) - if x == nil || (x.BitLen()+7)/8 < (skLen+macLen) { - err = ErrSharedKeyTooBig - return + if x == nil { + return nil, ErrSharedKeyIsPointAtInfinity } - sk = x.Bytes()[:skLen+macLen] - return + + sk = make([]byte, skLen+macLen) + skBytes := x.Bytes() + copy(sk[len(sk)-len(skBytes):], skBytes) + return sk, nil } var ( |