author | Jack Lloyd <[email protected]> | 2018-12-10 07:08:05 -0500 |
---|---|---|
committer | Jack Lloyd <[email protected]> | 2018-12-10 07:14:42 -0500 |
commit | b5bdefe234f6ea07b57c5bebfc06221298295e88 (patch) | |
tree | f335236a9c584241c08a1bf3fffcb9795b2607b9 /src | |
parent | df760ea61ae294f7d23572cf9104d55c63e94632 (diff) |
Work around a problem when built with OpenSSL
It appears OpenSSL has a different interpretation from us of how the
message representative is formed for P-521 when given a hash to sign
that is larger than the group order; signatures generated by us do
not verify with OpenSSL and vice versa.
Diffstat (limited to 'src')
-rw-r--r-- | src/cli/speed.cpp | 9 | ||||
-rw-r--r-- | src/lib/pubkey/ecdsa/ecdsa.cpp | 6 | ||||
-rwxr-xr-x | src/scripts/test_cli.py | 2 |
3 files changed, 10 insertions, 7 deletions
diff --git a/src/cli/speed.cpp b/src/cli/speed.cpp index 57206a1fa..518601a81 100644 --- a/src/cli/speed.cpp +++ b/src/cli/speed.cpp @@ -454,6 +454,7 @@ class Speed final : public Command else if(format != "default") throw CLI_Usage_Error("Unknown --format type '" + format + "'"); +#if defined(BOTAN_HAS_ECC_GROUP) if(ecc_groups.empty()) { ecc_groups = { "secp256r1", "brainpool256r1", @@ -465,6 +466,7 @@ class Speed final : public Command auto all = Botan::EC_Group::known_named_groups(); ecc_groups.assign(all.begin(), all.end()); } +#endif std::vector<std::string> algos = get_arg_list("algos"); @@ -1860,15 +1862,20 @@ class Speed final : public Command { Botan::ECDSA_PrivateKey key(rng(), group); - std::vector<uint8_t> message(group.get_order_bytes()); + std::vector<uint8_t> message(group.get_order_bits() / 8); rng().randomize(message.data(), message.size()); Botan::PK_Signer signer(key, rng(), "Raw"); signer.update(message); std::vector<uint8_t> signature = signer.signature(rng()); + Botan::PK_Verifier verifier(key, "Raw", Botan::IEEE_1363, "base"); + verifier.update(message); + BOTAN_ASSERT(verifier.check_signature(signature), "Valid signature"); + Botan::BigInt r(signature.data(), signature.size()/2); Botan::BigInt s(signature.data() + signature.size()/2, signature.size()/2); + const uint8_t v = key.recovery_param(message, r, s); recovery_timer->run([&]() { diff --git a/src/lib/pubkey/ecdsa/ecdsa.cpp b/src/lib/pubkey/ecdsa/ecdsa.cpp index 70196f55b..fadf1dd10 100644 --- a/src/lib/pubkey/ecdsa/ecdsa.cpp +++ b/src/lib/pubkey/ecdsa/ecdsa.cpp @@ -71,11 +71,7 @@ PointGFp recover_ecdsa_public_key(const EC_Group& group, const BigInt ne = group.mod_order(group_order - e); return r_inv * RG_mul.multi_exp(s, ne); } - catch(Illegal_Point&) - { - // continue on and throw - } - catch(Decoding_Error&) + catch(...) { // continue on and throw } diff --git a/src/scripts/test_cli.py b/src/scripts/test_cli.py index 99447e6d4..ee7f9ffab 100755 --- a/src/scripts/test_cli.py 
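Review bot: The new message length `group.get_order_bits() / 8` in the ECDSA recovery benchmark (hunk at -1860) relies on truncating division with no comment saying so. For P-521 this gives 65 bytes instead of 66, which keeps the input below the group order and avoids the message-representative disagreement the commit message describes. I would add a comment such as `// Round down so the input is never longer than the group order; providers disagree on how longer inputs are reduced (seen with P-521)`. The verifier is pinned to `"base"` while the signer uses the default provider, presumably so the assert cross-checks the two implementations; that intent deserves a short comment too. The enclosing benchmark function starts and ends outside the hunk, and the library-level divergence for longer inputs is not changed by this workaround.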
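Review bot: The `catch(...)` in `recover_ecdsa_public_key` now swallows every exception type, not only the point and decoding failures the two removed handlers covered. An allocation failure or an internal error from a provider would therefore surface as whatever the fall-through throws (outside this hunk), indistinguishable from a signature that has no valid recovery. If the goal is to cover further library error types, catching the library's base class keeps that while letting unrelated exceptions propagate: `catch(const Exception&)`. If the catch-all is intended, the `// continue on and throw` comment should name the extra exception that motivated it.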
+++ b/src/scripts/test_cli.py @@ -71,7 +71,7 @@ def test_cli(cmd, cmd_options, expected_output=None, cmd_input=None, expected_st if stderr: if expected_stderr is None: - logging.error("Got output on stderr %s", stderr) + logging.error("Got output on stderr %s (stdout was %s)", stderr, stdout) else: if stderr != expected_stderr: logging.error("Got output on stderr %s which did not match expected value %s", stderr, expected_stderr) |