From 5b3c897d0e3f09acd68d17d7a586af7f517be29a Mon Sep 17 00:00:00 2001
From: Zhi Guan
Date: Tue, 18 Jun 2024 10:03:07 +0800
Subject: [PATCH] Fix `sm9_z256_point_from_uncompressed_octets` bug

Fix the issue of https://github.com/guanzhi/GmSSL/issues/1698
This might lead to Invalid curve attack.
---
 src/sm9_z256.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/sm9_z256.c b/src/sm9_z256.c
index 6e56278b..b57acde8 100644
--- a/src/sm9_z256.c
+++ b/src/sm9_z256.c
@@ -3149,7 +3149,7 @@ int sm9_z256_point_from_uncompressed_octets(SM9_Z256_POINT *P, const uint8_t oct
 	sm9_z256_modp_to_mont(P->X, P->X);
 
 	sm9_z256_from_bytes(P->Y, octets + 32 + 1);
-	if (sm9_z256_cmp(P->X, SM9_Z256_P) >= 0) {
+	if (sm9_z256_cmp(P->Y, SM9_Z256_P) >= 0) {
 		error_print();
 		return -1;
 	}
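Review bot: The corrected comparison only rejects a Y coordinate that is not reduced modulo p; it does not establish that (X, Y) satisfies the SM9 curve equation, which is the property an invalid-curve attack actually exploits, so the commit message's claim that this closes that attack holds only if a curve-membership check follows later in the function. The body of sm9_z256_point_from_uncompressed_octets runs past both edges of the hunk, so I cannot see whether such a check exists; if it does not, the decoder should end with one on the fully decoded point (reject with `error_print(); return -1;` when the point is not on the curve), the same way it rejects an out-of-range coordinate here. It is also worth a one-line comment on the new `if`, e.g. `/* Y must be checked before modp_to_mont(): the Montgomery form is not comparable with SM9_Z256_P */`, because the previous line's conversion of P->X is presumably why the old check against P->X was ineffective, and the same ordering mistake is easy to reintroduce. Finally, the corresponding X range check is not visible in this hunk; if it lives before the modp_to_mont call above, a short comment there noting that the X and Y checks must stay before their respective conversions would keep the two guards in step.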