From 08a680a8879ce9da16d808644730f7cfacaf667f Mon Sep 17 00:00:00 2001 From: Ian Lance Taylor Date: Mon, 25 Jun 2012 16:20:03 +0000 Subject: libgo: Update to Go 1.0.2 release. From-SVN: r188943 --- libgo/go/crypto/ecdsa/ecdsa.go | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'libgo/go/crypto/ecdsa') diff --git a/libgo/go/crypto/ecdsa/ecdsa.go b/libgo/go/crypto/ecdsa/ecdsa.go index b28239b..8508e3b 100644 --- a/libgo/go/crypto/ecdsa/ecdsa.go +++ b/libgo/go/crypto/ecdsa/ecdsa.go @@ -66,7 +66,9 @@ func GenerateKey(c elliptic.Curve, rand io.Reader) (priv *PrivateKey, err error) // hashToInt converts a hash value to an integer. There is some disagreement // about how this is done. [NSA] suggests that this is done in the obvious // manner, but [SECG] truncates the hash to the bit-length of the curve order -// first. We follow [SECG] because that's what OpenSSL does. +// first. We follow [SECG] because that's what OpenSSL does. Additionally, +// OpenSSL right shifts excess bits from the number if the hash is too large +// and we mirror that too. func hashToInt(hash []byte, c elliptic.Curve) *big.Int { orderBits := c.Params().N.BitLen() orderBytes := (orderBits + 7) / 8 @@ -75,7 +77,7 @@ func hashToInt(hash []byte, c elliptic.Curve) *big.Int { } ret := new(big.Int).SetBytes(hash) - excess := orderBytes*8 - orderBits + excess := len(hash)*8 - orderBits if excess > 0 { ret.Rsh(ret, uint(excess)) } -- cgit v1.1