1
0
mirror of https://github.com/trezor/trezor-firmware.git synced 2024-11-30 03:18:20 +00:00

fix ecdsa_sig_to_der

This commit is contained in:
Pavol Rusnak 2014-02-08 15:55:03 +01:00
parent 6a856479a8
commit d433bcfa10
2 changed files with 55 additions and 22 deletions

53
ecdsa.c
View File

@ -533,28 +533,37 @@ int ecdsa_verify_digest(const uint8_t *pub_key, const uint8_t *sig, const uint8_
int ecdsa_sig_to_der(const uint8_t *sig, uint8_t *der) int ecdsa_sig_to_der(const uint8_t *sig, uint8_t *der)
{ {
int p1, p2; int i;
p1 = sig[0] >= 0x80; uint8_t *p = der, *len, *len1, *len2;
p2 = sig[32] >= 0x80; *p = 0x30; p++; // sequence
der[0] = 0x30; // sequence *p = 0x00; len = p; p++; // len(sequence)
der[1] = (1 + 1 + p1 + 32) + (1 + 1 + p2 + 32); // total len
der[2] = 0x02; // int *p = 0x02; p++; // integer
if (p1) { *p = 0x00; len1 = p; p++; // len(integer)
der[3] = 33;
der[4] = 0x00; // process R
memcpy(der + 5, sig, 32); i = 0;
} else { while (sig[i] == 0 && i < 32) { i++; } // skip leading zeroes
der[3] = 32; if (sig[i] >= 0x80) { // put zero in output if MSB set
memcpy(der + 4, sig, 32); *p = 0x00; p++; *len1 = *len1 + 1;
} }
der[36 + p1] = 0x02; // int while (i < 32) { // copy bytes to output
if (p2) { *p = sig[i]; p++; *len1 = *len1 + 1; i++;
der[37 + p1] = 33;
der[38 + p1] = 0x00;
memcpy(der + 39 + p1, sig + 32, 32);
} else {
der[37 + p1] = 32;
memcpy(der + 38 + p1, sig + 32, 32);
} }
return der[1] + 2;
*p = 0x02; p++; // integer
*p = 0x00; len2 = p; p++; // len(integer)
// process S
i = 32;
while (sig[i] == 0 && i < 64) { i++; } // skip leading zeroes
if (sig[i] >= 0x80) { // put zero in output if MSB set
*p = 0x00; p++; *len2 = *len2 + 1;
}
while (i < 64) { // copy bytes to output
*p = sig[i]; p++; *len2 = *len2 + 1; i++;
}
*len = *len1 + *len2 + 4;
return *len + 2;
} }

24
tests.c
View File

@ -573,6 +573,30 @@ START_TEST(test_ecdsa_der)
res = ecdsa_sig_to_der(sig, der); res = ecdsa_sig_to_der(sig, der);
ck_assert_int_eq(res, 72); ck_assert_int_eq(res, 72);
ck_assert_mem_eq(der, fromhex("3046022100eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee022100ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff"), 72); ck_assert_mem_eq(der, fromhex("3046022100eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee022100ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff"), 72);
memcpy(sig, fromhex("0000000000000000000000000000000000000000000000000000000000000066"), 32);
memcpy(sig + 32, fromhex("0000000000000000000000000000000000000000000000000000000000000077"), 32);
res = ecdsa_sig_to_der(sig, der);
ck_assert_int_eq(res, 8);
ck_assert_mem_eq(der, fromhex("3006020166020177"), 8);
memcpy(sig, fromhex("0000000000000000000000000000000000000000000000000000000000000066"), 32);
memcpy(sig + 32, fromhex("00000000000000000000000000000000000000000000000000000000000000ee"), 32);
res = ecdsa_sig_to_der(sig, der);
ck_assert_int_eq(res, 9);
ck_assert_mem_eq(der, fromhex("3007020166020200ee"), 9);
memcpy(sig, fromhex("00000000000000000000000000000000000000000000000000000000000000ee"), 32);
memcpy(sig + 32, fromhex("0000000000000000000000000000000000000000000000000000000000000077"), 32);
res = ecdsa_sig_to_der(sig, der);
ck_assert_int_eq(res, 9);
ck_assert_mem_eq(der, fromhex("3007020200ee020177"), 9);
memcpy(sig, fromhex("00000000000000000000000000000000000000000000000000000000000000ee"), 32);
memcpy(sig + 32, fromhex("00000000000000000000000000000000000000000000000000000000000000ff"), 32);
res = ecdsa_sig_to_der(sig, der);
ck_assert_int_eq(res, 10);
ck_assert_mem_eq(der, fromhex("3008020200ee020200ff"), 10);
} }
END_TEST END_TEST