LibTomCrypt is a fairly comprehensive, modular and portable cryptographic toolkit that provides developers with a vast array of well known published block ciphers, one-way hash functions, chaining modes, pseudo-random number generators, public key cryptography and a plethora of other routines.
[x] Checked that your issue isn't due to the fact that you're using asymmetric cryptography and you forgot linking in and/or setting an MPI provider (usually this causes either random crashes or runtime errors like LTC_ARGCHK 'ltc_mp.name != NULL' failure ...). c.f. Ch. "Math Descriptors" of the developer manual.
[x] Checked that your issue isn't related to TomsFastMath's limitation that PK operations can by default only be done with max. 2048bit keys
Description
If *outlen is less than size, the buffer out is anyway written, because the assignment *outlen = size happens before the comparison size > *outlen.
Steps to Reproduce
Use a 160bit curve, put protection bytes around the out buffer, make the out buffer only 10 bytes:
Prerequisites
LTC_ARGCHK 'ltc_mp.name != NULL' failure ...
). c.f. Ch. "Math Descriptors" of the developer manual.Description
If
*outlen
is less thansize
, the bufferout
is anyway written, because the assignment*outlen = size
happens before the comparisonsize > *outlen
.Steps to Reproduce
Use a 160bit curve, put protection bytes around the out buffer, make the out buffer only 10 bytes:
0
is returned andprotection1
is overridden!Version
v1.18.2-717-g1e629e6f
Additional Information
Suggested patch: