[Bug 2474] Enabling ECDSA in PKCS#11 support for ssh-agent

bugzilla-daemon at bugzilla.mindrot.org bugzilla-daemon at bugzilla.mindrot.org
Wed Dec 13 09:28:10 AEDT 2017


https://bugzilla.mindrot.org/show_bug.cgi?id=2474

--- Comment #18 from Dmitry S. <dsavints at gmail.com> ---
Hi Mathias - my colleagues identified a problem with the ECDSA
signatures in the process_sign() function which happens when r and s in
the signature are smaller than the order size.  This does not happen
most the times but is especially noticeable when a large number of
signing operations are performed.

We have come up with this fix:
https://github.com/dmitris/openssh-portable/pull/3/files

Could you please check it out and let me know if you have any
questions, or otherwise incorporate it in the next version of your
patch?  Thanks.

Regards,

- Dmitry

-- 
You are receiving this mail because:
You are watching the assignee of the bug.


More information about the openssh-bugs mailing list