Describe the bug
EC private keys on the secp256r1 curve should have 32-byte private keys. public_key:generate_key/1 occasionally generates 31-byte keys.
To Reproduce
Bad = lists:foldl(fun(_, Acc) ->
Key = public_key:generate_key({namedCurve, secp256r1}),
PrivateKey = case Key of
% record changed between OTP-23 and OTP-24.
{'ECPrivateKey', 1, K, _Parameters, _PublicKey, _} -> K;
{'ECPrivateKey', 1, K, _Parameters, _PublicKey} -> K
end,
case byte_size(PrivateKey) of
32 -> Acc;
_ -> [Key | Acc]
end
end, [], lists:seq(1, 10_000)).
0 = length(Bad).Expected behavior
The private key (binary) should be zero-prefixed to the correct length.
References
RFC5915 (section 3) -- https://www.rfc-editor.org/rfc/rfc5915.html#section-3
privateKey is the private key. It is an octet string of length ceiling (log2(n)/8) (where n is the order of the curve) obtained from the unsigned integer via the Integer-to-Octet-String-Primitive (I2OSP) defined in [RFC3447]
RFC3447 (section 4.1) -- https://www.rfc-editor.org/rfc/rfc3447#section-4.1
note that one or more leading digits will be zero if [padding is needed]
Affected versions
OTP-23.0.3
OTP-24.0
Describe the bug
EC private keys on the secp256r1 curve should have 32-byte private keys. public_key:generate_key/1 occasionally generates 31-byte keys.
To Reproduce
Expected behavior
The private key (binary) should be zero-prefixed to the correct length.
References
RFC5915 (section 3) -- https://www.rfc-editor.org/rfc/rfc5915.html#section-3
RFC3447 (section 4.1) -- https://www.rfc-editor.org/rfc/rfc3447#section-4.1
Affected versions
OTP-23.0.3
OTP-24.0