Fix ECDSA sign buffer size

commit: e9599796210c734021c1c32dbb25778ce0b885c8 [log] [tgz]
author: Manuel Pégourié-Gonnard <mpg@elzevir.fr> Mon Nov 10 13:43:55 2014 +0100
committer: Manuel Pégourié-Gonnard <mpg@elzevir.fr> Wed Nov 12 00:01:52 2014 +0100
tree: 774be32c13d308e9c880db1f699b37e38452c265
parent: b31b61b9e8359402a8124572d1a94c48d9ebb776 [diff]
diff --git a/ChangeLog b/ChangeLog
index bc0bbd0..d3b7124 100644
--- a/ChangeLog
+++ b/ChangeLog

@@ -9,6 +9,8 @@
    * User set CFLAGS were ignore by Cmake with gcc (introduced in 1.3.9, found
      by Julian Ospald).
    * Fix potential undefined behaviour in Camellia.
+   * Fix potential failure in ECDSA signatures when POLARSSL_ECP_MAX_BITS is a
+     multiple of 8 (found by Gergely Budai).
 
 Changes
    * Use deterministic nonces for AEAD ciphers in TLS by default (possible to

diff --git a/library/ecdsa.c b/library/ecdsa.c
index 5af7f6b..e9880ef 100644
--- a/library/ecdsa.c
+++ b/library/ecdsa.c

@@ -333,7 +333,7 @@
 #if POLARSSL_ECP_MAX_BYTES > 124
 #error "POLARSSL_ECP_MAX_BYTES bigger than expected, please fix MAX_SIG_LEN"
 #endif
-#define MAX_SIG_LEN ( 3 + 2 * ( 2 + POLARSSL_ECP_MAX_BYTES ) )
+#define MAX_SIG_LEN ( 3 + 2 * ( 3 + POLARSSL_ECP_MAX_BYTES ) )
 
 /*
  * Convert a signature (given by context) to ASN.1
commit	e9599796210c734021c1c32dbb25778ce0b885c8	[log] [tgz]
author	Manuel Pégourié-Gonnard <mpg@elzevir.fr>	Mon Nov 10 13:43:55 2014 +0100
committer	Manuel Pégourié-Gonnard <mpg@elzevir.fr>	Wed Nov 12 00:01:52 2014 +0100
tree	774be32c13d308e9c880db1f699b37e38452c265
parent	b31b61b9e8359402a8124572d1a94c48d9ebb776 [diff]