Commit fba6ae3

authored
Merge pull request #447 from libtom/pr/ecc-LTC_ECCSIG_RFC7518_RELAXED
Make LTC_ECCSIG_RFC7518 strict (again)
2 parents dec99ed + c2cdaaa commit fba6ae3

2 files changed

+10
-9
lines changed

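--- a/src/pk/ecc/ecc_verify_hash.c
+++ b/src/pk/ecc/ecc_verify_hash.c
@@ -76,11 +76,11 @@ int ecc_verify_hash_ex(const unsigned char *sig, unsigned long siglen,
 }
 else if (sigformat == LTC_ECCSIG_RFC7518) {
 /* RFC7518 format - raw (r,s) */
-if ((siglen % 2) == 1) {
+i = mp_unsigned_bin_size(key->dp.order);
+if (siglen != (2 * i)) {
 err = CRYPT_INVALID_PACKET;
 goto error;
 }
-i = siglen / 2;
 if ((err = mp_read_unsigned_bin(r, (unsigned char *)sig, i)) != CRYPT_OK) { goto error; }
 if ((err = mp_read_unsigned_bin(s, (unsigned char *)sig+i, i)) != CRYPT_OK) { goto error; }
 }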
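Review bot: The comment above the new length check still reads only `raw (r,s)`, while the added `siglen != (2 * i)` test now requires r and s to each be exactly as long as the curve order; that rule should be stated where it is enforced. I would change the comment to `/* RFC7518 format - raw (r,s), each left-padded to the byte length of the curve order */`, so a later maintainer does not relax the check back to the old parity test, which accepted more than one encoding of the same (r,s) pair. The check also depends on `key->dp.order` being set; whether the key is validated before this branch is not visible, because `ecc_verify_hash_ex` starts and ends outside the hunk.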

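--- a/tests/ecc_test.c
+++ b/tests/ecc_test.c
@@ -240,11 +240,12 @@ static int _ecc_issue108(void)
 }
 
 /* https://github.com/libtom/libtomcrypt/issues/443 */
-static int _ecc_issue443(void)
+/* https://github.com/libtom/libtomcrypt/issues/447 */
+static int _ecc_issue443_447(void)
 {
 const ltc_ecc_curve* cu;
 ecc_key key;
-int stat = 0;
+int err, stat = 0;
 unsigned char hash[64];
 unsigned long hashlen;
 const unsigned char msg[] = { 0x54,0x65,0x73,0x74 };
@@ -274,18 +275,18 @@ static int _ecc_issue443(void)
 DO(ecc_find_curve("secp256r1", &cu));
 DO(ecc_set_curve(cu, &key));
 DO(ecc_set_key(pub1, sizeof(pub1), PK_PUBLIC, &key));
-DO(ecc_verify_hash_rfc7518(sig1, sizeof(sig1), hash, hashlen, &stat, &key));
+err = ecc_verify_hash_rfc7518(sig1, sizeof(sig1), hash, hashlen, &stat, &key); /* should fail */
 ecc_free(&key);
-if (stat != 1) return CRYPT_FAIL_TESTVECTOR;
+if (err != CRYPT_INVALID_PACKET) return CRYPT_FAIL_TESTVECTOR;
 
 hashlen = sizeof(hash);
 DO(hash_memory(find_hash("sha512"), msg, sizeof(msg), hash, &hashlen));
 DO(ecc_find_curve("secp521r1", &cu));
 DO(ecc_set_curve(cu, &key));
 DO(ecc_set_key(pub2, sizeof(pub2), PK_PUBLIC, &key));
-DO(ecc_verify_hash_rfc7518(sig2, sizeof(sig2), hash, hashlen, &stat, &key));
+err = ecc_verify_hash_rfc7518(sig2, sizeof(sig2), hash, hashlen, &stat, &key); /* should fail */
 ecc_free(&key);
-if (stat != 1) return CRYPT_FAIL_TESTVECTOR;
+if (err != CRYPT_INVALID_PACKET) return CRYPT_FAIL_TESTVECTOR;
 
 return CRYPT_OK;
 }
@@ -1598,7 +1599,7 @@ int ecc_tests(void)
 DO(_ecc_import_export());
 DO(_ecc_test_mp());
 DO(_ecc_issue108());
-DO(_ecc_issue443());
+DO(_ecc_issue443_447());
 #ifdef LTC_ECC_SHAMIR
 DO(_ecc_test_shamir());
 DO(_ecc_test_recovery());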
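Review bot: The two rewritten assertions in `_ecc_issue443_447` test only `err` and never look at `stat` again, so the test would still pass if a rejected packet left `stat` set to 1. Since `stat` is initialised to 0 at the top of the function, both checks could read `if (err != CRYPT_INVALID_PACKET || stat != 0) return CRYPT_FAIL_TESTVECTOR;`. The `/* should fail */` comments would also be clearer if they said why, e.g. `/* must be rejected: siglen != 2 * size of curve order */`. The test vectors sit between the hunks and are not visible, so that wording should be checked against them.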
