arno/trezor-firmware
1
0
Fork 0
mirror of https://github.com/trezor/trezor-firmware.git synced 2024-11-17 21:22:10 +00:00
Code Issues Releases Wiki Activity

fix(crypto): Fix out of bounds read in ecdsa_sig_to_der().

Browse Source 
[no changelog]
This commit is contained in:
Andrew Kozlik 2022-01-11 09:53:46 +01:00 committed by Andrew Kozlik
parent fc0fa726e4
commit 8baf1ca79f
2 changed files with 7 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
crypto/ecdsa.c
View File

@ -1159,7 +1159,7 @@ int ecdsa_sig_to_der(const uint8_t *sig, uint8_t *der) {
// process R
i = 0;
while (sig[i] == 0 && i < 32) {
while (i < 31 && sig[i] == 0) {
i++;
} // skip leading zeroes
if (sig[i] >= 0x80) { // put zero in output if MSB set
@ -1182,7 +1182,7 @@ int ecdsa_sig_to_der(const uint8_t *sig, uint8_t *der) {
// process S
i = 32;
while (sig[i] == 0 && i < 64) {
while (i < 63 && sig[i] == 0) {
i++;
} // skip leading zeroes
if (sig[i] >= 0x80) { // put zero in output if MSB set

5
crypto/tests/test_check.c
View File

@ -6255,6 +6255,11 @@ START_TEST(test_ecdsa_der) {
"00000000000000000000000000000000000000000000000000000000000000ff",
"3008020200ee020200ff",
},
{
"0000000000000000000000000000000000000000000000000000000000000000",
"0000000000000000000000000000000000000000000000000000000000000000",
"3006020100020100",
},
};
uint8_t sig[64];