1
0
mirror of https://github.com/trezor/trezor-firmware.git synced 2024-12-23 23:08:14 +00:00

check return values of ecdsa_sign calls

This commit is contained in:
Pavol Rusnak 2016-11-08 15:48:44 +01:00
parent 71890e4edf
commit 810d478f4c
No known key found for this signature in database
GPG Key ID: 91F3B339B9A02A3D
2 changed files with 13 additions and 6 deletions

View File

@ -592,7 +592,11 @@ void signing_txack(TransactionType *tx)
resp.serialized.signature_index = idx1; resp.serialized.signature_index = idx1;
resp.serialized.has_signature = true; resp.serialized.has_signature = true;
resp.serialized.has_serialized_tx = true; resp.serialized.has_serialized_tx = true;
ecdsa_sign_digest(&secp256k1, privkey, hash, sig, NULL, NULL); if (ecdsa_sign_digest(&secp256k1, privkey, hash, sig, NULL, NULL) != 0) {
fsm_sendFailure(FailureType_Failure_Other, "Signing failed");
signing_abort();
return;
}
resp.serialized.signature.size = ecdsa_sig_to_der(sig, resp.serialized.signature.bytes); resp.serialized.signature.size = ecdsa_sig_to_der(sig, resp.serialized.signature.bytes);
if (input.script_type == InputScriptType_SPENDMULTISIG) { if (input.script_type == InputScriptType_SPENDMULTISIG) {
if (!input.has_multisig) { if (!input.has_multisig) {

View File

@ -624,8 +624,10 @@ void u2f_register(const APDU *a)
memcpy(sig_base.chal, req->chal, U2F_CHAL_SIZE); memcpy(sig_base.chal, req->chal, U2F_CHAL_SIZE);
memcpy(sig_base.keyHandle, &resp->keyHandleCertSig, KEY_HANDLE_LEN); memcpy(sig_base.keyHandle, &resp->keyHandleCertSig, KEY_HANDLE_LEN);
memcpy(sig_base.pubKey, &resp->pubKey, U2F_PUBKEY_LEN); memcpy(sig_base.pubKey, &resp->pubKey, U2F_PUBKEY_LEN);
ecdsa_sign(&nist256p1, U2F_ATT_PRIV_KEY, (uint8_t *)&sig_base, if (ecdsa_sign(&nist256p1, U2F_ATT_PRIV_KEY, (uint8_t *)&sig_base, sizeof(sig_base), sig, NULL, NULL) != 0) {
sizeof(sig_base), sig, NULL, NULL); send_u2f_error(U2F_SW_WRONG_DATA);
return;
}
// Where to write the signature in the response // Where to write the signature in the response
uint8_t *resp_sig = resp->keyHandleCertSig + uint8_t *resp_sig = resp->keyHandleCertSig +
@ -744,9 +746,10 @@ void u2f_authenticate(const APDU *a)
sig_base.flags = resp->flags; sig_base.flags = resp->flags;
memcpy(sig_base.ctr, resp->ctr, 4); memcpy(sig_base.ctr, resp->ctr, 4);
memcpy(sig_base.chal, req->chal, U2F_CHAL_SIZE); memcpy(sig_base.chal, req->chal, U2F_CHAL_SIZE);
ecdsa_sign(&nist256p1, node->private_key, if (ecdsa_sign(&nist256p1, node->private_key, (uint8_t *)&sig_base, sizeof(sig_base), sig, NULL, NULL) != 0) {
(uint8_t *)&sig_base, sizeof(sig_base), sig, send_u2f_error(U2F_SW_WRONG_DATA);
NULL, NULL); return;
}
// Copy DER encoded signature into response // Copy DER encoded signature into response
const uint8_t sig_len = ecdsa_sig_to_der(sig, resp->sig); const uint8_t sig_len = ecdsa_sig_to_der(sig, resp->sig);