diff options
author | Dmitry Eremin-Solenikov <dbaryshkov@gmail.com> | 2018-09-18 00:53:17 +0300 |
---|---|---|
committer | Dmitry Eremin-Solenikov <dbaryshkov@gmail.com> | 2018-09-18 16:24:21 +0300 |
commit | 13c19bdf1726da4e7358c5db648c7d094b4c6179 (patch) | |
tree | 42a399007d6d8f41e24967cd6008b517d55a68cb /lib/x509 | |
parent | 2152e7437bdea200b8aa4f05d83a9620e8cff974 (diff) | |
download | gnutls-13c19bdf1726da4e7358c5db648c7d094b4c6179.tar.gz |
lib: use little endian when importing/exporting GOST keys
GOST R 34.10 native format is little endian. It is better for the
application code to use native format data to interface library, rather
than convert buffers on their own.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Diffstat (limited to 'lib/x509')
-rw-r--r-- | lib/x509/privkey.c | 12 |
1 files changed, 9 insertions, 3 deletions
diff --git a/lib/x509/privkey.c b/lib/x509/privkey.c index 0ee32ed960..c018f6dc97 100644 --- a/lib/x509/privkey.c +++ b/lib/x509/privkey.c @@ -1197,6 +1197,9 @@ gnutls_x509_privkey_import_ecc_raw(gnutls_x509_privkey_t key, * GNUTLS_GOST_PARAMSET_UNKNOWN default one will be selected depending on * @digest. * + * Note: parameters should be stored with least significant byte first. On + * version 3.6.3 big-endian format was used incorrectly. + * * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a * negative error value. * @@ -1226,7 +1229,7 @@ gnutls_x509_privkey_import_gost_raw(gnutls_x509_privkey_t key, key->params.gost_params = paramset; - if (_gnutls_mpi_init_scan_nz + if (_gnutls_mpi_init_scan_le (&key->params.params[GOST_X], x->data, x->size)) { gnutls_assert(); ret = GNUTLS_E_MPI_SCAN_FAILED; @@ -1234,7 +1237,7 @@ gnutls_x509_privkey_import_gost_raw(gnutls_x509_privkey_t key, } key->params.params_nr++; - if (_gnutls_mpi_init_scan_nz + if (_gnutls_mpi_init_scan_le (&key->params.params[GOST_Y], y->data, y->size)) { gnutls_assert(); ret = GNUTLS_E_MPI_SCAN_FAILED; @@ -1242,7 +1245,7 @@ gnutls_x509_privkey_import_gost_raw(gnutls_x509_privkey_t key, } key->params.params_nr++; - if (_gnutls_mpi_init_scan_nz + if (_gnutls_mpi_init_scan_le (&key->params.params[GOST_K], k->data, k->size)) { gnutls_assert(); ret = GNUTLS_E_MPI_SCAN_FAILED; @@ -1562,6 +1565,9 @@ int gnutls_x509_privkey_export_ecc_raw(gnutls_x509_privkey_t key, * in the given structure. The new parameters will be allocated using * gnutls_malloc() and will be stored in the appropriate datum. * + * Note: parameters will be stored with least significant byte first. On + * version 3.6.3 this was incorrectly returned in big-endian format. + * * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a * negative error value. * |