[Cryptech-Commits] [sw/libhal] 04/04: Signature works better if we read the entire hash.

[git at cryptech.is]

This is an automated email from the git hooks/post-receive script.

sra at hactrn.net pushed a commit to branch ecdsa
in repository sw/libhal.

commit 1f8a59754c75af9b87e98c19dfc81fa4cc069555
Author: Rob Austein <sra at hactrn.net>
Date:   Wed Aug 26 08:40:11 2015 -0400

    Signature works better if we read the entire hash.
---
 ecdsa.c            | 6 +++---
 tests/test-ecdsa.c | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/ecdsa.c b/ecdsa.c
index ca3b1b5..933cb5f 100644
--- a/ecdsa.c
+++ b/ecdsa.c
@@ -79,7 +79,7 @@
  */
 
 #ifndef HAL_ECDSA_DEBUG_ONLY_STATIC_TEST_VECTOR_RANDOM
-#define HAL_ECDSA_DEBUG_ONLY_STATIC_TEST_VECTOR_RANDOM 1
+#define HAL_ECDSA_DEBUG_ONLY_STATIC_TEST_VECTOR_RANDOM 0
 #endif
 
 /*
@@ -1122,7 +1122,7 @@ hal_error_t hal_ecdsa_sign(const hal_ecdsa_key_t * const key,
 
   hal_error_t err;
 
-  fp_read_unsigned_bin(e, unconst_uint8_t(hash), sizeof(hash_len));
+  fp_read_unsigned_bin(e, unconst_uint8_t(hash), hash_len);
 
   do {
 
@@ -1246,7 +1246,7 @@ hal_error_t hal_ecdsa_verify(const hal_ecdsa_key_t * const key,
       fp_cmp_d(s, 1) == FP_LT || fp_cmp(s, n) != FP_LT)
     return HAL_ERROR_INVALID_SIGNATURE;
 
-  fp_read_unsigned_bin(e, unconst_uint8_t(hash), sizeof(hash_len));
+  fp_read_unsigned_bin(e, unconst_uint8_t(hash), hash_len);
 
   if (fp_invmod(s, n, w)     != FP_OKAY ||
       fp_mulmod(e, w, n, u1) != FP_OKAY ||
diff --git a/tests/test-ecdsa.c b/tests/test-ecdsa.c
index 2cf2277..c4cf25f 100644
--- a/tests/test-ecdsa.c
+++ b/tests/test-ecdsa.c
@@ -115,7 +115,7 @@ static int test_against_static_vectors(const ecdsa_tc_t * const tc)
 {
   hal_error_t err;
 
-  printf("Starting static test vector tests for P-%d\n", tc->d_len * 8);
+  printf("Starting static test vector tests for P-%lu\n", (unsigned long) (tc->d_len * 8));
 
   set_next_random(tc->d, tc->d_len);