authorJack Lloyd <[email protected]>2018-12-10 07:08:05 -0500
committerJack Lloyd <[email protected]>2018-12-10 07:14:42 -0500
commitb5bdefe234f6ea07b57c5bebfc06221298295e88 (patch)
treef335236a9c584241c08a1bf3fffcb9795b2607b9 /src
parentdf760ea61ae294f7d23572cf9104d55c63e94632 (diff)
Work around a problem when built with OpenSSL
It appears OpenSSL has a different interpretation from us of how the message representative is formed for P-521 when given a hash to sign that is larger than the group order; signatures generated by us do not verify with OpenSSL and vice versa.
Diffstat (limited to 'src')
-rw-r--r--src/cli/speed.cpp9
-rw-r--r--src/lib/pubkey/ecdsa/ecdsa.cpp6
-rwxr-xr-xsrc/scripts/test_cli.py2
3 files changed, 10 insertions, 7 deletions
diff --git a/src/cli/speed.cpp b/src/cli/speed.cpp
index 57206a1fa..518601a81 100644
--- a/src/cli/speed.cpp
+++ b/src/cli/speed.cpp
@@ -454,6 +454,7 @@ class Speed final : public Command
else if(format != "default")
throw CLI_Usage_Error("Unknown --format type '" + format + "'");
+#if defined(BOTAN_HAS_ECC_GROUP)
if(ecc_groups.empty())
{
ecc_groups = { "secp256r1", "brainpool256r1",
@@ -465,6 +466,7 @@ class Speed final : public Command
auto all = Botan::EC_Group::known_named_groups();
ecc_groups.assign(all.begin(), all.end());
}
+#endif
std::vector<std::string> algos = get_arg_list("algos");
@@ -1860,15 +1862,20 @@ class Speed final : public Command
{
Botan::ECDSA_PrivateKey key(rng(), group);
- std::vector<uint8_t> message(group.get_order_bytes());
+ std::vector<uint8_t> message(group.get_order_bits() / 8);
rng().randomize(message.data(), message.size());
Botan::PK_Signer signer(key, rng(), "Raw");
signer.update(message);
std::vector<uint8_t> signature = signer.signature(rng());
+ Botan::PK_Verifier verifier(key, "Raw", Botan::IEEE_1363, "base");
+ verifier.update(message);
+ BOTAN_ASSERT(verifier.check_signature(signature), "Valid signature");
+
Botan::BigInt r(signature.data(), signature.size()/2);
Botan::BigInt s(signature.data() + signature.size()/2, signature.size()/2);
+
const uint8_t v = key.recovery_param(message, r, s);
recovery_timer->run([&]() {
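Review bot: The new length `group.get_order_bits() / 8` on the `message` line has no comment explaining why it replaces `get_order_bytes()`, and the rounding down appears to be the whole point: for a 521-bit order it gives 65 bytes, which keeps the raw input below the group order. I would add a comment above it, e.g. `// Round down so the input is never larger than the order; providers disagree on how a longer input is reduced (seen with P-521)`. The verifier is pinned to the `"base"` provider while the signer uses the default one, which looks like a deliberate cross-provider check; a one-line comment saying so would keep it from being "simplified" away later. The enclosing function starts and ends outside the hunk.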
diff --git a/src/lib/pubkey/ecdsa/ecdsa.cpp b/src/lib/pubkey/ecdsa/ecdsa.cpp
index 70196f55b..fadf1dd10 100644
--- a/src/lib/pubkey/ecdsa/ecdsa.cpp
+++ b/src/lib/pubkey/ecdsa/ecdsa.cpp
@@ -71,11 +71,7 @@ PointGFp recover_ecdsa_public_key(const EC_Group& group,
const BigInt ne = group.mod_order(group_order - e);
return r_inv * RG_mul.multi_exp(s, ne);
}
- catch(Illegal_Point&)
- {
- // continue on and throw
- }
- catch(Decoding_Error&)
+ catch(...)
{
// continue on and throw
}
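Review bot: `catch(...)` swallows every exception raised by the recovery arithmetic, including allocation failures and internal errors, not only the `Illegal_Point` and `Decoding_Error` cases the removed handlers named. Judging by the "continue on and throw" comment, an unrelated fault would then surface to the caller as an ordinary recovery failure, which makes real bugs harder to detect. If the extra case is another library exception, narrowing to `catch(const Exception&)` keeps the workaround while letting non-library failures propagate; failing that, the comment should name the exception type that prompted the widening. The throw that follows the handler is outside the hunk, so what it reports is not visible here.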
diff --git a/src/scripts/test_cli.py b/src/scripts/test_cli.py
index 99447e6d4..ee7f9ffab 100755
--- a/src/scripts/test_cli.py
+++ b/src/scripts/test_cli.py
@@ -71,7 +71,7 @@ def test_cli(cmd, cmd_options, expected_output=None, cmd_input=None, expected_st
if stderr:
if expected_stderr is None:
- logging.error("Got output on stderr %s", stderr)
+ logging.error("Got output on stderr %s (stdout was %s)", stderr, stdout)
else:
if stderr != expected_stderr:
logging.error("Got output on stderr %s which did not match expected value %s", stderr, expected_stderr)