[webkit-reviews] review canceled: [Bug 171070] [GCrypt] ECDH bit derivation support : [Attachment 307627] Patch
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Fri Apr 21 01:21:02 PDT 2017
Zan Dobersek <zan at falconsigh.net> has canceled Zan Dobersek
<zan at falconsigh.net>'s request for review:
Bug 171070: [GCrypt] ECDH bit derivation support
https://bugs.webkit.org/show_bug.cgi?id=171070
Attachment 307627: Patch
https://bugs.webkit.org/attachment.cgi?id=307627&action=review
--- Comment #4 from Zan Dobersek <zan at falconsigh.net> ---
Comment on attachment 307627
--> https://bugs.webkit.org/attachment.cgi?id=307627
Patch
View in context: https://bugs.webkit.org/attachment.cgi?id=307627&action=review
>> Source/WebCore/crypto/gcrypt/CryptoAlgorithmECDHGCrypt.cpp:64
>> + PAL::GCrypt::Handle<gcry_sexp_t> cipherSexp;
>
> A little bit confused about this step. Why do we need this encryption? Is it
equivalent to adding the public key d times?
It performs the complete ECDH operation, but yes, the public key is added d
times which yields the EC point from which the x-coordinate is extracted and
returned.
The extraction steps are done below. What's missing is using the specified
length to validate and clip the coordinate data. I'll upload a new patch.
>> Source/WebCore/crypto/gcrypt/CryptoAlgorithmECDHGCrypt.cpp:109
>> + error = gcry_mpi_print(GCRYMPI_FMT_USG, output.data(),
output.size(), nullptr, xMPI);
>
> Why doing gcry_mpi_print twice here? What's the usage of the first
gcry_mpi_print?
The first one only retrieves the required buffer size. That's then used to
allocate a large-enough Vector into which the data is printed out.
More information about the webkit-reviews
mailing list