wip: attempts fixing serialization error in covercrypt

tbrezot · tbrezot · commit 603570abb9df · 2026-01-25T15:26:16.000+01:00
diff --git a/crates/openssl_provider/src/p256/scalar.rs b/crates/openssl_provider/src/p256/scalar.rs
@@ -67,12 +67,20 @@ impl PartialEq for P256Scalar {
 impl Eq for P256Scalar {}
 
 impl P256Scalar {
-    pub const SCALAR_LENGTH: usize = 32;
+    pub const LENGTH: usize = 32;
 }
 
-impl Seedable<{ Self::SCALAR_LENGTH }> for P256Scalar {
-    fn from_seed(seed: &Secret<{ Self::SCALAR_LENGTH }>) -> Self {
-        Self(BigNum::from_slice(&**seed))
+impl Seedable<{ Self::LENGTH }> for P256Scalar {
+    fn from_seed(seed: &Secret<{ Self::LENGTH }>) -> Self {
+        let from_seed = |seed: &Secret<{ Self::LENGTH }>| {
+            let n = BigNum::from_slice(&**seed)?;
+            let mut ctxt = BigNumContext::new()?;
+            let mut res = BigNum::new()?;
+            let order = get_group_order(&mut ctxt)?;
+            res.nnmod(&n, &order, &mut ctxt)?;
+            Ok(res)
+        };
+        Self(from_seed(seed))
     }
 }
 
@@ -219,20 +227,27 @@ impl Serializable for P256Scalar {
     type Error = CryptoCoreError;
 
     fn length(&self) -> usize {
-        Self::SCALAR_LENGTH
+        self.0
+            .as_ref()
+            .map(|n| n.to_vec().length())
+            .unwrap_or_default()
     }
 
     fn write(&self, ser: &mut Serializer) -> Result<usize, Self::Error> {
         match &self.0 {
-            Ok(n) => ser.write_array(&n.to_vec()),
+            Ok(n) => {
+                let bytes = n.to_vec();
+                assert_eq!(bytes.len(), Self::LENGTH);
+                ser.write_vec(&n.to_vec())
+            }
             Err(e) => Err(CryptoCoreError::GenericSerializationError(format!(
                 "cannot serialize a scalar in error state: {e}"
             ))),
         }
     }
 
     fn read(de: &mut Deserializer) -> Result<Self, Self::Error> {
-        let bytes = de.read_array::<32>()?;
+        let bytes = de.read_vec()?;
         BigNum::from_slice(&bytes).map(Ok).map(Self).map_err(|e| {
             CryptoCoreError::GenericDeserializationError(format!("cannot deserialize scalar: {e}"))
         })
@@ -255,5 +270,11 @@ mod tests {
         let mut rng = CsRng::from_entropy();
         let s = P256Scalar::random(&mut rng);
         test_serialization(&s).unwrap();
+
+        // Test serialization from seed.
+        let mut rng = CsRng::from_entropy();
+        let seed = Secret::<{ P256Scalar::LENGTH }>::random(&mut rng);
+        let s = P256Scalar::from_seed(&seed);
+        test_serialization(&s).unwrap();
     }
 }
