mirrors/pico-hsm
1
0
Fork 0
mirror of https://github.com/polhenarejos/pico-hsm.git synced 2026-01-17 09:28:05 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

If self-signature fails, puts all-0.

Browse source 
When generating a keypair and returns a self-signed CVREQ, the signature might fail for Curve25519 and Curve448. Instead of returning null, it puts zeros in order to return what is expected to return.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
This commit is contained in:
Pol Henarejos 2022-11-11 17:04:17 +01:00
parent 6bf72e5a59
commit d09a7cf9c8
No known key found for this signature in database
GPG key ID: C0095B7870A4CCD3
1 changed files with 8 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

15
src/hsm/cvc.c
View file

@ -189,7 +189,7 @@ size_t asn1_cvc_cert(void *rsa_ecdsa, uint8_t key_type, uint8_t *buf, size_t buf
p += format_tlv_len(key_size, p);
if (key_type == HSM_KEY_RSA) {
if (mbedtls_rsa_rsassa_pkcs1_v15_sign(rsa_ecdsa, random_gen, NULL, MBEDTLS_MD_SHA256, 32, hsh, p) != 0)
return 0;
memset(p, 0, key_size);
p += key_size;
}
else if (key_type == HSM_KEY_EC) {
@ -199,13 +199,14 @@ size_t asn1_cvc_cert(void *rsa_ecdsa, uint8_t key_type, uint8_t *buf, size_t buf
mbedtls_mpi_init(&r);
mbedtls_mpi_init(&s);
ret = mbedtls_ecdsa_sign(&ecdsa->grp, &r, &s, &ecdsa->d, hsh, sizeof(hsh), random_gen, NULL);
if (ret != 0) {
mbedtls_mpi_free(&r);
mbedtls_mpi_free(&s);
return 0;
if (ret == 0) {
mbedtls_mpi_write_binary(&r, p, mbedtls_mpi_size(&r)); p += mbedtls_mpi_size(&r);
mbedtls_mpi_write_binary(&s, p, mbedtls_mpi_size(&s)); p += mbedtls_mpi_size(&s);
}
else {
memset(p, 0, key_size);
p += key_size;
}
mbedtls_mpi_write_binary(&r, p, mbedtls_mpi_size(&r)); p += mbedtls_mpi_size(&r);
mbedtls_mpi_write_binary(&s, p, mbedtls_mpi_size(&s)); p += mbedtls_mpi_size(&s);
mbedtls_mpi_free(&r);
mbedtls_mpi_free(&s);
}