Date: Tue, 9 Feb 2021 01:40:40 GMT
From: Peter Grehan <grehan@FreeBSD.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org
Subject: git: 82874dcb3610 - releng/13.0 - Always clamp curve25519 keys prior to use.
Message-ID: <202102090140.1191eeok074275@gitrepo.freebsd.org>
The branch releng/13.0 has been updated by grehan: URL: https://cgit.FreeBSD.org/src/commit/?id=82874dcb3610b1e57fb6b1b9db96ac4996bfa620 commit 82874dcb3610b1e57fb6b1b9db96ac4996bfa620 Author: Peter Grehan <grehan@FreeBSD.org> AuthorDate: 2021-02-03 09:05:09 +0000 Commit: Peter Grehan <grehan@FreeBSD.org> CommitDate: 2021-02-08 23:36:13 +0000 Always clamp curve25519 keys prior to use. Approved by: re (gjb) (cherry picked from commit 6136a10e355a7a837edecbccbed04c34b4bc32c9) --- sys/dev/if_wg/module/curve25519.c | 1 + 1 file changed, 1 insertion(+) diff --git a/sys/dev/if_wg/module/curve25519.c b/sys/dev/if_wg/module/curve25519.c index e21d00bd2818..16f0b0337eb6 100644 --- a/sys/dev/if_wg/module/curve25519.c +++ b/sys/dev/if_wg/module/curve25519.c @@ -767,6 +767,7 @@ void curve25519_generic(u8 out[CURVE25519_KEY_SIZE], u8 e[32]; memcpy(e, scalar, 32); + curve25519_clamp_secret(e); /* The following implementation was transcribed to Coq and proven to * correspond to unary scalar multiplication in affine coordinates given
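Review bot: the added `curve25519_clamp_secret(e);` operates on the local 32-byte copy `e` made by the preceding `memcpy(e, scalar, 32);`, not on the caller's `scalar`, so an unclamped private key is corrected for the ladder without modifying the caller's buffer; that is the right placement, but the function's comment should state that clamping happens internally so callers know they need not rely on pre-clamped keys. Since the function is named `curve25519_generic`, please confirm in the commit message that any alternative implementation path selected in its place applies the same clamp, otherwise results for unclamped keys would differ by implementation.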