Add special return code for ecdsa length mismatch

This commit is contained in:
Manuel Pégourié-Gonnard 2014-04-08 12:17:41 +02:00 committed by Paul Bakker
parent 1cfc45835f
commit 35e95ddca4
5 changed files with 14 additions and 6 deletions

View file

@ -175,7 +175,9 @@ int ecdsa_write_signature_det( ecdsa_context *ctx,
* \param slen Size of sig
*
* \return 0 if successful,
* POLARSSL_ERR_ECP_BAD_INPUT_DATA if signature is invalid
* POLARSSL_ERR_ECP_BAD_INPUT_DATA if signature is invalid,
* POLARSSL_ERR_ECP_SIG_LEN_MISTMATCH if the signature is
* valid but its actual length is less than siglen,
* or a POLARSSL_ERR_ECP or POLARSSL_ERR_MPI error code
*/
int ecdsa_read_signature( ecdsa_context *ctx,

View file

@ -39,6 +39,7 @@
#define POLARSSL_ERR_ECP_MALLOC_FAILED -0x4D80 /**< Memory allocation failed. */
#define POLARSSL_ERR_ECP_RANDOM_FAILED -0x4D00 /**< Generation of random value, such as (ephemeral) key, failed. */
#define POLARSSL_ERR_ECP_INVALID_KEY -0x4C80 /**< Invalid private or public key. */
#define POLARSSL_ERR_ECP_SIG_LEN_MISMATCH -0x4C00 /**< Signature is valid but shorter than the user-supplied length. */
#ifdef __cplusplus
extern "C" {

View file

@ -87,7 +87,7 @@
* DHM 3 9
* PKCS5 3 4 (Started from top)
* RSA 4 9
* ECP 4 7 (Started from top)
* ECP 4 8 (Started from top)
* MD 5 4
* CIPHER 6 6
* SSL 6 9 (Started from top)

View file

@ -422,11 +422,14 @@ int ecdsa_read_signature( ecdsa_context *ctx,
( ret = asn1_get_mpi( &p, end, &ctx->s ) ) != 0 )
return( POLARSSL_ERR_ECP_BAD_INPUT_DATA + ret );
if( p != end )
return( POLARSSL_ERR_ECP_BAD_INPUT_DATA +
POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
if( ( ret = ecdsa_verify( &ctx->grp, hash, hlen,
&ctx->Q, &ctx->r, &ctx->s ) ) != 0 )
return( ret );
return( ecdsa_verify( &ctx->grp, hash, hlen, &ctx->Q, &ctx->r, &ctx->s ) );
if( p != end )
return( POLARSSL_ERR_ECP_SIG_LEN_MISMATCH );
return( 0 );
}
/*

View file

@ -245,6 +245,8 @@ void polarssl_strerror( int ret, char *buf, size_t buflen )
snprintf( buf, buflen, "ECP - Generation of random value, such as (ephemeral) key, failed" );
if( use_ret == -(POLARSSL_ERR_ECP_INVALID_KEY) )
snprintf( buf, buflen, "ECP - Invalid private or public key" );
if( use_ret == -(POLARSSL_ERR_ECP_SIG_LEN_MISMATCH) )
snprintf( buf, buflen, "ECP - Signature is valid but shorter than the user-supplied length" );
#endif /* POLARSSL_ECP_C */
#if defined(POLARSSL_MD_C)