From f384038cec805fe00c886d774f26b4f5ddaf1852 Mon Sep 17 00:00:00 2001
From: Jong-Shian Wu
Date: Sat, 8 Aug 2015 14:00:19 +0800
Subject: [PATCH] Fix a logic error in deterministic PRNG with buffer overrun issue
---
 uECC.c | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/uECC.c b/uECC.c
index 8dcd7af..d7eff72 100644
--- a/uECC.c
+++ b/uECC.c
@@ -2629,9 +2629,15 @@ int uECC_sign_deterministic(const uint8_t private_key[uECC_BYTES],
 T_ptr[T_bytes] = V[i];
 }
 }
- #if (uECC_CURVE == uECC_secp160r1)
- T[uECC_WORDS] &= 0x01;
+#if (uECC_CURVE == uECC_secp160r1)
+ #if (uECC_WORD_SIZE == 1)
+ T[uECC_N_WORDS - 1] &= 0x01;
+ #elif (uECC_WORD_SIZE == 4)
+ T[uECC_N_WORDS - 1] &= 0x00000001;
+ #elif (uECC_WORD_SIZE == 8)
+ T[uECC_N_WORDS - 1] &= 0x00000001ffffffff; // keep the lower 33 bits
 #endif
+#endif
 if (uECC_sign_with_k(private_key, message_hash, T, signature)) {
 return 1;