[pkg-opensc-commit] [opensc] 08/295: Truncate data for ECDSA signature to the size of the key

[Eric Dorland]

This is an automated email from the git hooks/post-receive script.

eric pushed a commit to branch master
in repository opensc.

commit 587a29b7f578d4d3b3c1eb711767f3609e37ef41
Author: Jakub Jelen <jjelen at redhat.com>
Date:   Mon Apr 25 10:29:02 2016 +0200

    Truncate data for ECDSA signature to the size of the key
    
    Based on the paragraph from PKCS#11 MECHANISMS V2.30: 6.3.1 EC Signatures:
    
    	If the length of the hash value is larger than the bit length of n, only
    	the leftmost bits of the hash up to the length of n will be used. Any
    	truncation is done by the token.
    
    This is affecting NIST PIV Test cards with non-hashed mechanisms.
---
 src/libopensc/pkcs15-sec.c | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/src/libopensc/pkcs15-sec.c b/src/libopensc/pkcs15-sec.c
index 34629e9..e8609ea 100644
--- a/src/libopensc/pkcs15-sec.c
+++ b/src/libopensc/pkcs15-sec.c
@@ -432,6 +432,16 @@ int sc_pkcs15_compute_signature(struct sc_pkcs15_card *p15card,
 		}
 		inlen = modlen;
 	}
+	/* PKCS#11 MECHANISMS V2.30: 6.3.1 EC Signatures
+	 * If the length of the hash value is larger than the bit length of n, only
+	 * the leftmost bits of the hash up to the length of n will be used. Any
+	 * truncation is done by the token.
+	 */
+	else if (senv.algorithm == SC_ALGORITHM_EC &&
+			(flags & SC_ALGORITHM_ECDSA_HASH_NONE) != 0) {
+		inlen = MIN(inlen, (prkey->field_length+7)/8);
+	}
+
 
 	r = use_key(p15card, obj, &senv, sc_compute_signature, tmp, inlen,
 			out, outlen);

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-opensc/opensc.git