Am Freitag, den 11.12.2020, 14:30 +0800 schrieb Meng Yu: > > +/* curve25519 */ > +static u64 curve25519_g_x[] = { 0x0000000000000009, 0x0000000000000000, > + 0x0000000000000000, 0x0000000000000000 }; > +static u64 curve25519_p[] = { 0xffffffffffffffed, 0xffffffffffffffff, > + 0xffffffffffffffff, 0x7fffffffffffffff }; > +static u64 curve25519_a[] = { 0x000000000001DB41, 0x0000000000000000, > + 0x0000000000000000, 0x0000000000000000 }; > +static const struct ecc_curve ecc_25519 = { > + .name = "curve25519", > + .g = { > + .x = curve25519_g_x, > + .ndigits = 4, > + }, > + .p = curve25519_p, > + .a = curve25519_a, > +}; With this definition, I am not sure whether ecc_is_pubkey_valid_partial would work correctly. At least it *seems* that there would be a NULL-pointer dereference in vli_add with the undefined .b value. Did you test and can you confirm? Thanks Stephan