diff -ur gnutls-3.1.18.orig/lib/gnutls_ecc.c gnutls-3.1.18/lib/gnutls_ecc.c --- gnutls-3.1.18.orig/lib/gnutls_ecc.c 2013-04-02 22:27:35.000000000 +0200 +++ gnutls-3.1.18/lib/gnutls_ecc.c 2014-01-02 09:13:27.383415863 +0100 @@ -129,6 +129,12 @@ goto cleanup; } params->params_nr++; + + if (_gnutls_mpi_get_nbits(params->params[ECC_PRIME]) < 256) + { + ret = gnutls_assert_val(GNUTLS_E_ECC_UNSUPPORTED_CURVE); + goto cleanup; + } val_size = sizeof(val); ret = _gnutls_hex2bin(st->order, strlen(st->order), val, &val_size); diff -ur gnutls-3.1.18.orig/lib/gnutls_priority.c gnutls-3.1.18/lib/gnutls_priority.c --- gnutls-3.1.18.orig/lib/gnutls_priority.c 2013-11-19 18:36:38.000000000 +0100 +++ gnutls-3.1.18/lib/gnutls_priority.c 2014-01-02 09:13:27.384415875 +0100 @@ -245,8 +245,6 @@ } static const int supported_ecc_normal[] = { - GNUTLS_ECC_CURVE_SECP192R1, - GNUTLS_ECC_CURVE_SECP224R1, GNUTLS_ECC_CURVE_SECP256R1, GNUTLS_ECC_CURVE_SECP384R1, GNUTLS_ECC_CURVE_SECP521R1, diff -ur gnutls-3.1.18.orig/lib/nettle/ecc_mulmod_cached.c gnutls-3.1.18/lib/nettle/ecc_mulmod_cached.c --- gnutls-3.1.18.orig/lib/nettle/ecc_mulmod_cached.c 2013-04-02 22:27:35.000000000 +0200 +++ gnutls-3.1.18/lib/nettle/ecc_mulmod_cached.c 2014-01-02 10:26:08.425986981 +0100 @@ -42,6 +42,7 @@ /* global cache */ static gnutls_ecc_curve_cache_entry_t *ecc_wmnaf_cache = NULL; +static gnutls_ecc_curve_cache_entry_t *ecc_wmnaf_cache_last = NULL; /* free single cache entry */ static void @@ -63,13 +64,15 @@ gnutls_ecc_curve_cache_entry_t *p = ecc_wmnaf_cache; if (p) { - for (; p->id != GNUTLS_ECC_CURVE_INVALID; ++p) + for (; p <= ecc_wmnaf_cache_last; ++p) { - _ecc_wmnaf_cache_entry_free (p); + if (p->id != GNUTLS_ECC_CURVE_INVALID) + _ecc_wmnaf_cache_entry_free (p); } free (ecc_wmnaf_cache); ecc_wmnaf_cache = NULL; + ecc_wmnaf_cache_last = NULL; } } 
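Review bot: The size check added in lib/gnutls_ecc.c (hunk at -129) uses a bare `256` with no comment, so nothing ties it to the removal of `GNUTLS_ECC_CURVE_SECP192R1` and `GNUTLS_ECC_CURVE_SECP224R1` from `supported_ecc_normal` in lib/gnutls_priority.c. A comment such as `/* curves with a prime shorter than 256 bits are disabled in this build; keep in sync with supported_ecc_normal */`, or a named constant for the limit, would make the policy visible and keep the two places from drifting apart. The check runs only after the prime has been parsed and `params_nr` incremented, so it presumably relies on the `cleanup` label to release that value. The label and the rest of the enclosing function are outside the hunk, so this is worth confirming.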
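Review bot: `ecc_wmnaf_cache_last` is introduced in lib/nettle/ecc_mulmod_cached.c (hunk at -42) without a comment stating the invariant that the free loop in the hunk at -63 and the later hunks depend on. The cache is now a sparse array addressed by curve id minus one, unused slots are recognised by a zero `id`, and the new pointer marks the highest initialised slot. That only works while the array is zero-filled and `GNUTLS_ECC_CURVE_INVALID` is 0. I would document this at the declaration, for example `/* highest initialised slot of ecc_wmnaf_cache; slots are indexed by curve id - 1 and unused ones have id == GNUTLS_ECC_CURVE_INVALID */`. The free function's signature and the end of its body are outside the hunk.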
@@ -198,7 +201,7 @@ const gnutls_ecc_curve_t *p; ret = (gnutls_ecc_curve_cache_entry_t *) - malloc (MAX_ALGOS * sizeof (gnutls_ecc_curve_cache_entry_t)); + calloc (MAX_ALGOS, sizeof (gnutls_ecc_curve_cache_entry_t)); if (ret == NULL) return GNUTLS_E_MEMORY_ERROR; @@ -207,12 +210,16 @@ for (j = 0; *p; ++p, ++j) { - if ((err = _ecc_wmnaf_cache_entry_init (ret + *p - 1, *p)) != 0) + gnutls_ecc_curve_cache_entry_t *entry; + + entry = ret + *p - 1; + if ((err = _ecc_wmnaf_cache_entry_init (entry, *p)) != 0) goto done; + if (ecc_wmnaf_cache_last < entry) + ecc_wmnaf_cache_last = entry; } - /* nullify last cache entry id */ - ret[j].id = GNUTLS_ECC_CURVE_INVALID; + /* no need to nullify last cache entry id, done by calloc */ err = GNUTLS_E_SUCCESS; @@ -223,11 +230,13 @@ int i; for (i = 0; i < j; ++i) { - _ecc_wmnaf_cache_entry_free (ret + i); + --p; + _ecc_wmnaf_cache_entry_free (ret + *p - 1); } free (ret); ecc_wmnaf_cache = NULL; + ecc_wmnaf_cache_last = NULL; } return err; } @@ -445,9 +454,11 @@ if (k == NULL || G == NULL || R == NULL || modulus == NULL) return GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER; - for (i = 0; (id = ecc_wmnaf_cache[i].id); ++i) + for (i = 0; ecc_wmnaf_cache + i <= ecc_wmnaf_cache_last; ++i) { - if (!(mpz_cmp (G->x, ecc_wmnaf_cache[i].pos[0]->x)) && + id = ecc_wmnaf_cache[i].id; + if (id && + !(mpz_cmp (G->x, ecc_wmnaf_cache[i].pos[0]->x)) && !(mpz_cmp (G->y, ecc_wmnaf_cache[i].pos[0]->y))) { break; diff -ur gnutls-3.1.18.orig/tests/mini-xssl.c gnutls-3.1.18/tests/mini-xssl.c --- gnutls-3.1.18.orig/tests/mini-xssl.c 2013-05-30 08:50:22.000000000 +0200 +++ gnutls-3.1.18/tests/mini-xssl.c 2014-01-02 09:13:27.384415875 +0100 
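Review bot: In the init loop (hunk at -207) the first `ecc_wmnaf_cache_last < entry` compares a null pointer, or a pointer left over from an earlier cache if init is ever called without a matching free, against the new allocation. C does not define relational comparison for pointers into different objects. The global is also updated while the array is still held only in the local `ret`. Tracking the highest slot in a local with `if (last == NULL || last < entry) last = entry;` and publishing it with `ecc_wmnaf_cache_last = last;` next to the assignment of `ecc_wmnaf_cache` would avoid both. The index `*p - 1` has no visible bound against `MAX_ALGOS`; that predates this patch but is worth an assertion now that every loop depends on it. The assignment of `ecc_wmnaf_cache` and the start of the function are outside the hunk.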
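Review bot: In the lookup loop (hunk at -445) `id` no longer signals "not found". The old loop left `id` at 0 when it ran off the end of the cache; the new one exits on the `ecc_wmnaf_cache_last` bound with `id` still holding the id of the last slot inspected. That slot is the highest initialised one, so `id` is non-zero even when `G` matched nothing, and `id` is never assigned at all if the loop body does not run. The code that consumes `id` is outside the hunk, but if it treats a non-zero value as a match it would use another curve's cached base-point table for the multiplication. Setting `id = GNUTLS_ECC_CURVE_INVALID;` before the loop and assigning `id = ecc_wmnaf_cache[i].id;` only inside the matching branch, just before `break;`, restores the old contract.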
@@ -27,7 +27,8 @@ #include #include -#if defined(_WIN32) +/* uses unsupported curves */ +#if 1 int main() { diff -ur gnutls-3.1.18.orig/tests/pkcs12_simple.c gnutls-3.1.18/tests/pkcs12_simple.c --- gnutls-3.1.18.orig/tests/pkcs12_simple.c 2013-05-21 20:27:20.000000000 +0200 +++ gnutls-3.1.18/tests/pkcs12_simple.c 2014-01-02 09:13:27.384415875 +0100 @@ -50,6 +50,9 @@ gnutls_x509_privkey_t pkey; int ret; + /* uses unsupported curves */ + exit(77); + ret = global_init (); if (ret < 0) fail ("global_init failed %d\n", ret);
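Review bot: Changing `#if defined(_WIN32)` to `#if 1` in tests/mini-xssl.c and adding an unconditional `exit(77);` in tests/pkcs12_simple.c turns both tests into permanent skips. The code they exercise then loses its regression coverage on every build, including the parts that do not involve the disabled curves. I would rather regenerate the test keys and certificates on a curve that is still enabled, or guard the skip with a build-time macro set only when the small curves are disabled. In pkcs12_simple.c the early `exit(77);` also leaves the rest of the function as unreachable code, which some compilers warn about. If the skip has to stay, the comment should say which fixture uses which curve so the test can be re-enabled later. The bodies of both `main` functions continue outside these hunks.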