mirror of
https://github.com/trezor/trezor-firmware.git
synced 2024-12-18 04:18:10 +00:00
fix(crypto): Fix out of bounds read in ecdsa_sig_to_der().
[no changelog]
This commit is contained in:
parent
fc0fa726e4
commit
8baf1ca79f
@ -1159,7 +1159,7 @@ int ecdsa_sig_to_der(const uint8_t *sig, uint8_t *der) {
|
|||||||
|
|
||||||
// process R
|
// process R
|
||||||
i = 0;
|
i = 0;
|
||||||
while (sig[i] == 0 && i < 32) {
|
while (i < 31 && sig[i] == 0) {
|
||||||
i++;
|
i++;
|
||||||
} // skip leading zeroes
|
} // skip leading zeroes
|
||||||
if (sig[i] >= 0x80) { // put zero in output if MSB set
|
if (sig[i] >= 0x80) { // put zero in output if MSB set
|
||||||
@ -1182,7 +1182,7 @@ int ecdsa_sig_to_der(const uint8_t *sig, uint8_t *der) {
|
|||||||
|
|
||||||
// process S
|
// process S
|
||||||
i = 32;
|
i = 32;
|
||||||
while (sig[i] == 0 && i < 64) {
|
while (i < 63 && sig[i] == 0) {
|
||||||
i++;
|
i++;
|
||||||
} // skip leading zeroes
|
} // skip leading zeroes
|
||||||
if (sig[i] >= 0x80) { // put zero in output if MSB set
|
if (sig[i] >= 0x80) { // put zero in output if MSB set
|
||||||
|
@ -6255,6 +6255,11 @@ START_TEST(test_ecdsa_der) {
|
|||||||
"00000000000000000000000000000000000000000000000000000000000000ff",
|
"00000000000000000000000000000000000000000000000000000000000000ff",
|
||||||
"3008020200ee020200ff",
|
"3008020200ee020200ff",
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
"0000000000000000000000000000000000000000000000000000000000000000",
|
||||||
|
"0000000000000000000000000000000000000000000000000000000000000000",
|
||||||
|
"3006020100020100",
|
||||||
|
},
|
||||||
};
|
};
|
||||||
|
|
||||||
uint8_t sig[64];
|
uint8_t sig[64];
|
||||||
|
Loading…
Reference in New Issue
Block a user