Fix too small ecdsa private key buffer

mkj · mkj · commit 7b8e47a74398 · 2025-11-12T21:25:43.000+08:00
When RSA or DSS are not built, the private key buffer size is too small, resulting in a "bad_getbuf" or similar exit. This was a regression in 2025.87. Fixes: 440b7b5 ("Add sntrup761x25519-sha512 post-quantum key exchange") ECDSA private key requires around 241 bytes 4 + len("ecdsa-sha2-nistp521") + 4 + (521/8+1 + 4)*3 + 4 Fixes #368 on github.
diff --git a/src/sysoptions.h b/src/sysoptions.h
@@ -266,7 +266,7 @@
 #else
 /* 521 bit ecdsa key */
 #define MAX_PUBKEY_SIZE 200
-#define MAX_PRIVKEY_SIZE 200
+#define MAX_PRIVKEY_SIZE 250
 #endif
 
 /* For kex hash buffer, worst case size for Q_C || Q_S || K */
