diff options
| author | Ian Lance Taylor <iant@google.com> | 2016-02-03 21:58:02 +0000 |
|---|---|---|
| committer | Ian Lance Taylor <ian@gcc.gnu.org> | 2016-02-03 21:58:02 +0000 |
| commit | f98dd1a338867a408f7c72d73fbad7fe7fc93e3a (patch) | |
| tree | 2f8da9862a9c1fe0df138917f997b03439c02773 /libgo/go/crypto/elliptic/elliptic.go | |
| parent | b081ed4efc144da0c45a6484aebfd10e0eb9fda3 (diff) | |
| download | gcc-f98dd1a338867a408f7c72d73fbad7fe7fc93e3a.zip gcc-f98dd1a338867a408f7c72d73fbad7fe7fc93e3a.tar.gz gcc-f98dd1a338867a408f7c72d73fbad7fe7fc93e3a.tar.bz2 | |
libgo: Update to go1.6rc1.
Reviewed-on: https://go-review.googlesource.com/19200
From-SVN: r233110
Diffstat (limited to 'libgo/go/crypto/elliptic/elliptic.go')
| -rw-r--r-- | libgo/go/crypto/elliptic/elliptic.go | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/libgo/go/crypto/elliptic/elliptic.go b/libgo/go/crypto/elliptic/elliptic.go index e6b59c5..c02df45 100644 --- a/libgo/go/crypto/elliptic/elliptic.go +++ b/libgo/go/crypto/elliptic/elliptic.go @@ -274,7 +274,8 @@ var mask = []byte{0xff, 0x1, 0x3, 0x7, 0xf, 0x1f, 0x3f, 0x7f} // GenerateKey returns a public/private key pair. The private key is // generated using the given reader, which must return random data. func GenerateKey(curve Curve, rand io.Reader) (priv []byte, x, y *big.Int, err error) { - bitSize := curve.Params().BitSize + N := curve.Params().N + bitSize := N.BitLen() byteLen := (bitSize + 7) >> 3 priv = make([]byte, byteLen) @@ -289,6 +290,12 @@ func GenerateKey(curve Curve, rand io.Reader) (priv []byte, x, y *big.Int, err e // This is because, in tests, rand will return all zeros and we don't // want to get the point at infinity and loop forever. priv[1] ^= 0x42 + + // If the scalar is out of range, sample another random number. + if new(big.Int).SetBytes(priv).Cmp(N) >= 0 { + continue + } + x, y = curve.ScalarBaseMult(priv) } return |