Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Curve name buffer too small #1

Open
j-kaltes opened this issue Sep 23, 2024 · 0 comments
Open

Curve name buffer too small #1

j-kaltes opened this issue Sep 23, 2024 · 0 comments

Comments

@j-kaltes
Copy link

j-kaltes commented Sep 23, 2024
edited
Loading

The program uses

char curve[9];

to save the name of the curve. The possible names are:

char* ellipticcurves [] = {
	"secp224k1",
	"secp224r1",
	"secp256k1",
	"secp256r1"
};

They consist of 9 characters plus a trailing ‘\0’, so they need 10 bytes, giving:

char curve[10];

Because of this:

./ecdsa --sign priv256.pem --message adc.dat --signature sig256.pem

gives the following output:

option --sign with value `priv256.pem'
Sign/Verify the message with value `adc.dat'
Signature is stored in file sig256.pem
Curve secp256r124f749e0f9d4904e1cd9a697cece8746f0a3583caf39a87302e2b4c4de883d65 was not built-in the program 
Error occurred. Invalid signature returned !

After changing to 10 bytes:

option --sign with value `priv256.pem'
Sign/Verify the message with value `adc.dat'
Signature is stored in file sig256.pem
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@j-kaltes