From: Aki Tuomi
Date: Tue, 14 Apr 2020 12:22:20 +0000 (+0300)
Subject: lib-dcrypt: Pad signature parts to match ECDSA key size
X-Git-Tag: 2.3.11.2~468
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=eef66bceadce0a5db0ce0fee970faffced248987;p=thirdparty%2Fdovecot%2Fcore.git
lib-dcrypt: Pad signature parts to match ECDSA key size
This is required for ECDSA signatures.
---
diff --git a/src/lib-dcrypt/dcrypt-openssl.c b/src/lib-dcrypt/dcrypt-openssl.c
index 8a0ce1633d..b65630ff80 100644
--- a/src/lib-dcrypt/dcrypt-openssl.c
+++ b/src/lib-dcrypt/dcrypt-openssl.c
@@ -3206,6 +3206,7 @@ dcrypt_openssl_sign_ecdsa(struct dcrypt_private_key *key, const char *algorithm,
 EVP_PKEY *pkey = key->key;
 EC_KEY *ec_key = EVP_PKEY_get0_EC_KEY(pkey);
 bool ret;
+ int rs_len = EC_GROUP_order_bits(EC_KEY_get0_group(ec_key)) / 8;
 /* digest data */
 buffer_t *digest = t_buffer_create(64);
@@ -3224,14 +3225,12 @@ dcrypt_openssl_sign_ecdsa(struct dcrypt_private_key *key, const char *algorithm,
 ECDSA_SIG_get0(ec_sig, &r, &s);
 /* write r */
- int bytes = BN_num_bytes(r);
- unsigned char *buf = buffer_append_space_unsafe(signature_r, bytes);
- if (BN_bn2bin(r, buf) != bytes) {
+ unsigned char *buf = buffer_append_space_unsafe(signature_r, rs_len);
+ if (BN_bn2binpad(r, buf, rs_len) != rs_len) {
 ret = dcrypt_openssl_error(error_r);
 } else {
- bytes = BN_num_bytes(s);
- buf = buffer_append_space_unsafe(signature_r, bytes);
- if (BN_bn2bin(s, buf) != bytes) {
+ buf = buffer_append_space_unsafe(signature_r, rs_len);
+ if (BN_bn2binpad(s, buf, rs_len) != rs_len) {
 ret = dcrypt_openssl_error(error_r);
 } else {
 ret = TRUE;
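Review bot: The `/ 8` in the new `rs_len` initialiser (first hunk) rounds down, so for a curve whose order is not a whole number of bytes, such as P-521 with its 521-bit order, `rs_len` comes out one byte short. `BN_bn2binpad()` in the second hunk then returns -1 whenever r or s needs the full width, so signing fails intermittently instead of padding. Round up instead: `int rs_len = (EC_GROUP_order_bits(EC_KEY_get0_group(ec_key)) + 7) / 8;`, and make sure any code that splits the signature back into r and s uses the same width. The function starts above the hunk, so whether `ec_key` is checked for NULL before this line cannot be seen from here and is worth confirming.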
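Review bot: In the second hunk, both error branches after `BN_bn2binpad()` return with `signature_r` already extended by one or two `rs_len`-sized regions that were never filled with signature data. With the old `BN_bn2bin()` call this path was effectively unreachable, but the padded variant fails whenever the value does not fit, so a caller that ignores the return value would see a buffer that looks like a full-length signature. Consider recording the length before the first append, `size_t start = signature_r->used;`, and restoring it with `buffer_set_used_size(signature_r, start);` in each error branch. A short comment next to `/* write r */` stating that the output is fixed-width r followed by s, `2 * rs_len` bytes in total, would document the format the verifier has to expect. The rest of the function lies outside the hunk, so cleanup there may already cover part of this.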