From 381f90b38adb7dd0a9f12d9965a22994a4ff8454 Mon Sep 17 00:00:00 2001 From: Roman Zeyde Date: Sat, 27 Jun 2015 10:20:19 +0300 Subject: [PATCH] cryptoMessageSign() should check the return value of ecdsa_sign_digest() --- firmware/crypto.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/firmware/crypto.c b/firmware/crypto.c index a78aa4002e..9a439bad88 100644 --- a/firmware/crypto.c +++ b/firmware/crypto.c @@ -96,9 +96,11 @@ int cryptoMessageSign(const uint8_t *message, size_t message_len, const uint8_t sha256_Final(hash, &ctx); sha256_Raw(hash, 32, hash); uint8_t pby; - ecdsa_sign_digest(privkey, hash, signature + 1, &pby); - signature[0] = 27 + pby + 4; - return 0; + int result = ecdsa_sign_digest(&secp256k1, privkey, hash, signature + 1, &pby); + if (result == 0) { + signature[0] = 27 + pby + 4; + } + return result; } int cryptoMessageVerify(const uint8_t *message, size_t message_len, const uint8_t *address_raw, const uint8_t *signature)