[pkg-opensc-commit] [opensc] 08/295: Truncate data for ECDSA signature to the size of the key
Eric Dorland
eric at moszumanska.debian.org
Sat Jun 24 21:11:11 UTC 2017
This is an automated email from the git hooks/post-receive script.
eric pushed a commit to branch master
in repository opensc.
commit 587a29b7f578d4d3b3c1eb711767f3609e37ef41
Author: Jakub Jelen <jjelen at redhat.com>
Date: Mon Apr 25 10:29:02 2016 +0200
Truncate data for ECDSA signature to the size of the key
Based on the paragraph from PKCS#11 MECHANISMS V2.30: 6.3.1 EC Signatures:
If the length of the hash value is larger than the bit length of n, only
the leftmost bits of the hash up to the length of n will be used. Any
truncation is done by the token.
This is affecting NIST PIV Test cards with non-hashed mechanisms.
---
src/libopensc/pkcs15-sec.c | 10 ++++++++++
1 file changed, 10 insertions(+)
diff --git a/src/libopensc/pkcs15-sec.c b/src/libopensc/pkcs15-sec.c
index 34629e9..e8609ea 100644
--- a/src/libopensc/pkcs15-sec.c
+++ b/src/libopensc/pkcs15-sec.c
@@ -432,6 +432,16 @@ int sc_pkcs15_compute_signature(struct sc_pkcs15_card *p15card,
}
inlen = modlen;
}
+ /* PKCS#11 MECHANISMS V2.30: 6.3.1 EC Signatures
+ * If the length of the hash value is larger than the bit length of n, only
+ * the leftmost bits of the hash up to the length of n will be used. Any
+ * truncation is done by the token.
+ */
+ else if (senv.algorithm == SC_ALGORITHM_EC &&
+ (flags & SC_ALGORITHM_ECDSA_HASH_NONE) != 0) {
+ inlen = MIN(inlen, (prkey->field_length+7)/8);
+ }
+
r = use_key(p15card, obj, &senv, sc_compute_signature, tmp, inlen,
out, outlen);
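Review bot: The new `else if` branch clamps `inlen` to `(prkey->field_length+7)/8`, which is a whole-byte bound derived from the field length, while the quoted PKCS#11 text speaks of the leftmost bits up to the bit length of n. When `field_length` is not a multiple of 8 the input can still carry up to 7 bits more than that, and the code treats the field length as equal to the bit length of the order. The comment should state both assumptions explicitly, and say that any remaining bit-level truncation is left to the token, as the quoted paragraph says. Style point: the comment block sits between the closing `}` of the previous branch and the `else if`, which makes the if/else chain easy to misread; moving it inside the new branch's braces would keep the chain visually intact.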
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-opensc/opensc.git