[Bug 2474] Enabling ECDSA in PKCS#11 support for ssh-agent

bugzilla-daemon at bugzilla.mindrot.org bugzilla-daemon at bugzilla.mindrot.org
Wed Dec 13 09:28:10 AEDT 2017


--- Comment #18 from Dmitry S. <dsavints at gmail.com> ---
Hi Mathias - my colleagues identified a problem with the ECDSA
signatures in the process_sign() function which happens when r and s in
the signature are smaller than the order size.  This does not happen
most the times but is especially noticeable when a large number of
signing operations are performed.

We have come up with this fix:

Could you please check it out and let me know if you have any
questions, or otherwise incorporate it in the next version of your
patch?  Thanks.


- Dmitry

You are receiving this mail because:
You are watching the assignee of the bug.

More information about the openssh-bugs mailing list