Commit 35e95ddc authored by Manuel Pégourié-Gonnard's avatar Manuel Pégourié-Gonnard Committed by Paul Bakker
Browse files

Add special return code for ecdsa length mismatch

parent 1cfc4583
...@@ -175,7 +175,9 @@ int ecdsa_write_signature_det( ecdsa_context *ctx, ...@@ -175,7 +175,9 @@ int ecdsa_write_signature_det( ecdsa_context *ctx,
* \param slen Size of sig * \param slen Size of sig
* *
* \return 0 if successful, * \return 0 if successful,
* POLARSSL_ERR_ECP_BAD_INPUT_DATA if signature is invalid * POLARSSL_ERR_ECP_BAD_INPUT_DATA if signature is invalid,
* POLARSSL_ERR_ECP_SIG_LEN_MISTMATCH if the signature is
* valid but its actual length is less than siglen,
* or a POLARSSL_ERR_ECP or POLARSSL_ERR_MPI error code * or a POLARSSL_ERR_ECP or POLARSSL_ERR_MPI error code
*/ */
int ecdsa_read_signature( ecdsa_context *ctx, int ecdsa_read_signature( ecdsa_context *ctx,
......
...@@ -39,6 +39,7 @@ ...@@ -39,6 +39,7 @@
#define POLARSSL_ERR_ECP_MALLOC_FAILED -0x4D80 /**< Memory allocation failed. */ #define POLARSSL_ERR_ECP_MALLOC_FAILED -0x4D80 /**< Memory allocation failed. */
#define POLARSSL_ERR_ECP_RANDOM_FAILED -0x4D00 /**< Generation of random value, such as (ephemeral) key, failed. */ #define POLARSSL_ERR_ECP_RANDOM_FAILED -0x4D00 /**< Generation of random value, such as (ephemeral) key, failed. */
#define POLARSSL_ERR_ECP_INVALID_KEY -0x4C80 /**< Invalid private or public key. */ #define POLARSSL_ERR_ECP_INVALID_KEY -0x4C80 /**< Invalid private or public key. */
#define POLARSSL_ERR_ECP_SIG_LEN_MISMATCH -0x4C00 /**< Signature is valid but shorter than the user-supplied length. */
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
......
...@@ -87,7 +87,7 @@ ...@@ -87,7 +87,7 @@
* DHM 3 9 * DHM 3 9
* PKCS5 3 4 (Started from top) * PKCS5 3 4 (Started from top)
* RSA 4 9 * RSA 4 9
* ECP 4 7 (Started from top) * ECP 4 8 (Started from top)
* MD 5 4 * MD 5 4
* CIPHER 6 6 * CIPHER 6 6
* SSL 6 9 (Started from top) * SSL 6 9 (Started from top)
......
...@@ -422,11 +422,14 @@ int ecdsa_read_signature( ecdsa_context *ctx, ...@@ -422,11 +422,14 @@ int ecdsa_read_signature( ecdsa_context *ctx,
( ret = asn1_get_mpi( &p, end, &ctx->s ) ) != 0 ) ( ret = asn1_get_mpi( &p, end, &ctx->s ) ) != 0 )
return( POLARSSL_ERR_ECP_BAD_INPUT_DATA + ret ); return( POLARSSL_ERR_ECP_BAD_INPUT_DATA + ret );
if( ( ret = ecdsa_verify( &ctx->grp, hash, hlen,
&ctx->Q, &ctx->r, &ctx->s ) ) != 0 )
return( ret );
if( p != end ) if( p != end )
return( POLARSSL_ERR_ECP_BAD_INPUT_DATA + return( POLARSSL_ERR_ECP_SIG_LEN_MISMATCH );
POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
return( ecdsa_verify( &ctx->grp, hash, hlen, &ctx->Q, &ctx->r, &ctx->s ) ); return( 0 );
} }
/* /*
......
...@@ -245,6 +245,8 @@ void polarssl_strerror( int ret, char *buf, size_t buflen ) ...@@ -245,6 +245,8 @@ void polarssl_strerror( int ret, char *buf, size_t buflen )
snprintf( buf, buflen, "ECP - Generation of random value, such as (ephemeral) key, failed" ); snprintf( buf, buflen, "ECP - Generation of random value, such as (ephemeral) key, failed" );
if( use_ret == -(POLARSSL_ERR_ECP_INVALID_KEY) ) if( use_ret == -(POLARSSL_ERR_ECP_INVALID_KEY) )
snprintf( buf, buflen, "ECP - Invalid private or public key" ); snprintf( buf, buflen, "ECP - Invalid private or public key" );
if( use_ret == -(POLARSSL_ERR_ECP_SIG_LEN_MISMATCH) )
snprintf( buf, buflen, "ECP - Signature is valid but shorter than the user-supplied length" );
#endif /* POLARSSL_ECP_C */ #endif /* POLARSSL_ECP_C */
#if defined(POLARSSL_MD_C) #if defined(POLARSSL_MD_C)
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment