mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2025-01-23 23:31:08 +00:00
Expose ecdsa_signature_to_asn1
Expose ecdsa_signature_to_asn1 in the API. It's useful when converting between RFC 4492 format and other representations that might be used in external crypto processors.
This commit is contained in:
parent
9a8bb67935
commit
bce41d373a
|
@ -235,6 +235,28 @@ int mbedtls_ecdsa_write_signature_det( mbedtls_ecdsa_context *ctx,
|
||||||
#endif /* MBEDTLS_DEPRECATED_REMOVED */
|
#endif /* MBEDTLS_DEPRECATED_REMOVED */
|
||||||
#endif /* MBEDTLS_ECDSA_DETERMINISTIC */
|
#endif /* MBEDTLS_ECDSA_DETERMINISTIC */
|
||||||
|
|
||||||
|
/**
|
||||||
|
* \brief Convert a signature from numbers to ASN.1
|
||||||
|
*
|
||||||
|
* \param r First number of the signature
|
||||||
|
* \param s Second number of the signature
|
||||||
|
* \param sig Buffer that will hold the signature
|
||||||
|
* \param slen Length of the signature written
|
||||||
|
* \param ssize Size of the sig buffer
|
||||||
|
*
|
||||||
|
* \note The size of the buffer \c ssize should be at least
|
||||||
|
* `MBEDTLS_ECDSA_MAX_SIG_LEN(grp->pbits)` bytes long if
|
||||||
|
* the signature was produced from curve \c grp,
|
||||||
|
* otherwise this function will return an error.
|
||||||
|
*
|
||||||
|
* \return 0 if successful,
|
||||||
|
* or a MBEDTLS_ERR_MPI_XXX or MBEDTLS_ERR_ASN1_XXX error code
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
int ecdsa_signature_to_asn1( const mbedtls_mpi *r, const mbedtls_mpi *s,
|
||||||
|
unsigned char *sig, size_t *slen,
|
||||||
|
size_t ssize );
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* \brief Read and verify an ECDSA signature
|
* \brief Read and verify an ECDSA signature
|
||||||
*
|
*
|
||||||
|
|
|
@ -289,22 +289,22 @@ cleanup:
|
||||||
/*
|
/*
|
||||||
* Convert a signature (given by context) to ASN.1
|
* Convert a signature (given by context) to ASN.1
|
||||||
*/
|
*/
|
||||||
static int ecdsa_signature_to_asn1( const mbedtls_mpi *r, const mbedtls_mpi *s,
|
int ecdsa_signature_to_asn1( const mbedtls_mpi *r, const mbedtls_mpi *s,
|
||||||
unsigned char *sig, size_t *slen )
|
unsigned char *sig, size_t *slen, size_t ssize )
|
||||||
{
|
{
|
||||||
int ret;
|
int ret;
|
||||||
unsigned char buf[MBEDTLS_ECDSA_MAX_LEN];
|
unsigned char *p = sig + ssize;
|
||||||
unsigned char *p = buf + sizeof( buf );
|
|
||||||
size_t len = 0;
|
size_t len = 0;
|
||||||
|
|
||||||
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_mpi( &p, buf, s ) );
|
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_mpi( &p, sig, s ) );
|
||||||
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_mpi( &p, buf, r ) );
|
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_mpi( &p, sig, r ) );
|
||||||
|
|
||||||
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &p, buf, len ) );
|
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &p, sig, len ) );
|
||||||
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &p, buf,
|
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &p, sig,
|
||||||
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) );
|
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) );
|
||||||
|
|
||||||
memcpy( sig, p, len );
|
memmove( sig, p, len );
|
||||||
|
memset( sig + len, 0, ssize - len );
|
||||||
*slen = len;
|
*slen = len;
|
||||||
|
|
||||||
return( 0 );
|
return( 0 );
|
||||||
|
@ -321,6 +321,7 @@ int mbedtls_ecdsa_write_signature( mbedtls_ecdsa_context *ctx, mbedtls_md_type_t
|
||||||
{
|
{
|
||||||
int ret;
|
int ret;
|
||||||
mbedtls_mpi r, s;
|
mbedtls_mpi r, s;
|
||||||
|
const size_t ssize = MBEDTLS_ECDSA_MAX_SIG_LEN( ctx->grp.pbits );
|
||||||
|
|
||||||
mbedtls_mpi_init( &r );
|
mbedtls_mpi_init( &r );
|
||||||
mbedtls_mpi_init( &s );
|
mbedtls_mpi_init( &s );
|
||||||
|
@ -338,7 +339,7 @@ int mbedtls_ecdsa_write_signature( mbedtls_ecdsa_context *ctx, mbedtls_md_type_t
|
||||||
hash, hlen, f_rng, p_rng ) );
|
hash, hlen, f_rng, p_rng ) );
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
MBEDTLS_MPI_CHK( ecdsa_signature_to_asn1( &r, &s, sig, slen ) );
|
MBEDTLS_MPI_CHK( ecdsa_signature_to_asn1( &r, &s, sig, slen, ssize ) );
|
||||||
|
|
||||||
cleanup:
|
cleanup:
|
||||||
mbedtls_mpi_free( &r );
|
mbedtls_mpi_free( &r );
|
||||||
|
|
|
@ -142,7 +142,7 @@ void ecdsa_write_read_random( int id )
|
||||||
rnd_pseudo_info rnd_info;
|
rnd_pseudo_info rnd_info;
|
||||||
unsigned char hash[32];
|
unsigned char hash[32];
|
||||||
unsigned char sig[200];
|
unsigned char sig[200];
|
||||||
size_t sig_len, i;
|
size_t sig_len, max_sig_len, i;
|
||||||
|
|
||||||
mbedtls_ecdsa_init( &ctx );
|
mbedtls_ecdsa_init( &ctx );
|
||||||
memset( &rnd_info, 0x00, sizeof( rnd_pseudo_info ) );
|
memset( &rnd_info, 0x00, sizeof( rnd_pseudo_info ) );
|
||||||
|
@ -162,8 +162,10 @@ void ecdsa_write_read_random( int id )
|
||||||
TEST_ASSERT( mbedtls_ecdsa_read_signature( &ctx, hash, sizeof( hash ),
|
TEST_ASSERT( mbedtls_ecdsa_read_signature( &ctx, hash, sizeof( hash ),
|
||||||
sig, sig_len ) == 0 );
|
sig, sig_len ) == 0 );
|
||||||
|
|
||||||
/* check we didn't write past the announced length */
|
/* check we didn't write past the maximum length */
|
||||||
for( i = sig_len; i < sizeof( sig ); i++ )
|
max_sig_len = MBEDTLS_ECDSA_MAX_SIG_LEN( ctx.grp.pbits );
|
||||||
|
TEST_ASSERT( sig_len <= max_sig_len );
|
||||||
|
for( i = max_sig_len; i < sizeof( sig ); i++ )
|
||||||
TEST_ASSERT( sig[i] == 0x2a );
|
TEST_ASSERT( sig[i] == 0x2a );
|
||||||
|
|
||||||
/* try verification with invalid length */
|
/* try verification with invalid length */
|
||||||
|
|
Loading…
Reference in a new issue