From 1e48ebd306c76a3e70aadc25b0ef05350faa6c21 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Fri, 16 Nov 2018 10:09:11 +0100 Subject: [PATCH] Fix a compliance issue in signature encoding The issue is not present in the normal path because asn1write_mpi() does it automatically, but we're not using that here... --- library/pk_wrap.c | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/library/pk_wrap.c b/library/pk_wrap.c index 762dbfb91..5e8360225 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c @@ -807,8 +807,16 @@ static int asn1_write_mpibuf( unsigned char **p, unsigned char *start, *p -= len; memmove( *p, start, len ); + /* ASN.1 DER encoding requires minimal length, so skip leading 0s. + * Neither r nor s can be 0, so we can assume len > 0 at all times. */ + while( **p == 0x00 ) + { + ++(*p); + --len; + } + /* if the msb is 1, ASN.1 requires that we prepend a 0. - * we're never called with n_len == 0, so we can always read back a byte */ + * Neither r nor s can be 0, so we can assume len > 0 at all times. */ if( **p & 0x80 ) { if( *p - start < 1 )