diff options
| author | Tobias Brunner <tobias@strongswan.org> | 2016-04-04 15:35:43 +0200 |
|---|---|---|
| committer | Tobias Brunner <tobias@strongswan.org> | 2016-04-05 16:17:10 +0200 |
| commit | 7316a13bd14b2f3eadf39f8fd5336552212cc9a4 (patch) | |
| tree | 270b0e255d831a5c23aeedf9c3e8aa368bec986a /src | |
| parent | b82b5f63983eced131f8f55a9280a305962ad901 (diff) | |
| download | strongswan-7316a13bd14b2f3eadf39f8fd5336552212cc9a4.tar.bz2 strongswan-7316a13bd14b2f3eadf39f8fd5336552212cc9a4.tar.xz | |
pkcs11: Skip zero-padding of r and s when preparing EC signature
They are zero padded to fill the buffer.
Fixes #1377.
Diffstat (limited to 'src')
| -rw-r--r-- | src/libstrongswan/plugins/pkcs11/pkcs11_private_key.c | 12 |
1 files changed, 9 insertions, 3 deletions
diff --git a/src/libstrongswan/plugins/pkcs11/pkcs11_private_key.c b/src/libstrongswan/plugins/pkcs11/pkcs11_private_key.c index bfc545972..aec4550ce 100644 --- a/src/libstrongswan/plugins/pkcs11/pkcs11_private_key.c +++ b/src/libstrongswan/plugins/pkcs11/pkcs11_private_key.c @@ -295,13 +295,19 @@ METHOD(private_key_t, sign, bool, case SIGN_ECDSA_WITH_SHA256_DER: case SIGN_ECDSA_WITH_SHA384_DER: case SIGN_ECDSA_WITH_SHA512_DER: - /* return an ASN.1 encoded sequence of integers r and s */ + { + chunk_t r, s; + + /* return an ASN.1 encoded sequence of integers r and s, removing + * any zero-padding */ len /= 2; + r = chunk_skip_zero(chunk_create(buf, len)); + s = chunk_skip_zero(chunk_create(buf+len, len)); *signature = asn1_wrap(ASN1_SEQUENCE, "mm", - asn1_integer("c", chunk_create(buf, len)), - asn1_integer("c", chunk_create(buf+len, len))); + asn1_integer("c", r), asn1_integer("c", s)); free(buf); break; + } default: *signature = chunk_create(buf, len); break; |