Am Dienstag, 30. Mai 2017, 16:52:48 CEST schrieb Tudor Ambarus: Hi Tudor, > + if (!params.key || !params.key_size) > + return ecc_gen_privkey(ctx->curve_id, ctx->ndigits, > + ctx->private_key); > + > if (ecc_is_key_valid(ctx->curve_id, ctx->ndigits, > (const u64 *)params.key, params.key_size) < 0) Hm, wouldn't this check be a problem in case a private key is generated by the kernel? The ecc_gen_privkey stores the key in ctx whereas this check operates on the input buffer. Furthermore, there is an unconditional memcpy further down that would overwrite the key in the ctx, no? Ciao Stephan