From: Nikos Mavrogiannopoulos Date: Fri, 3 Jun 2011 12:09:45 +0000 (+0200) Subject: Truncation of ECDSA and DSA signatures moved to _wrap_nettle_pk_sign() X-Git-Tag: gnutls_2_99_3~60 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=16ee4a4a79cd998982e8248fcabaea1d8a5e201e;p=thirdparty%2Fgnutls.git Truncation of ECDSA and DSA signatures moved to _wrap_nettle_pk_sign() and _wrap_nettle_pk_verify(). --- diff --git a/lib/gnutls_pubkey.c b/lib/gnutls_pubkey.c index 4400e6fe43..5dddae2b1c 100644 --- a/lib/gnutls_pubkey.c +++ b/lib/gnutls_pubkey.c @@ -1219,10 +1219,10 @@ int hash_algo; } else if (pubkey->pk_algorithm == GNUTLS_PK_ECC) { - hash_algo = _gnutls_dsa_q_to_hash (pubkey->pk_algorithm, &pubkey->params, &hash_size); - if (_gnutls_version_has_selectable_sighash (ver) && sign != GNUTLS_SIGN_UNKNOWN) { + hash_algo = _gnutls_dsa_q_to_hash (pubkey->pk_algorithm, &pubkey->params, &hash_size); + if (_gnutls_hash_get_algo_len(_gnutls_sign_get_hash_algorithm(sign)) != hash_size) return GNUTLS_E_UNWANTED_ALGORITHM; } diff --git a/lib/nettle/pk.c b/lib/nettle/pk.c index 478851b9bb..d0f2b96ddf 100644 --- a/lib/nettle/pk.c +++ b/lib/nettle/pk.c @@ -364,9 +364,10 @@ _wrap_nettle_pk_sign (gnutls_pk_algorithm_t algo, { gnutls_assert (); _gnutls_debug_log("Security level of algorithm requires hash %s(%d) or better\n", gnutls_mac_get_name(hash), hash_len); + hash_len = vdata->size; } - ret = ecc_sign_hash(vdata->data, vdata->size, + ret = ecc_sign_hash(vdata->data, hash_len, &sig, NULL, rnd_func, &priv); if (ret != 0) { @@ -405,12 +406,13 @@ _wrap_nettle_pk_sign (gnutls_pk_algorithm_t algo, if (hash_len > vdata->size) { gnutls_assert (); - _gnutls_debug_log("Security level of algorithm requires hash %s or better\n", gnutls_mac_get_name(hash)); + _gnutls_debug_log("Security level of algorithm requires hash %s(%d) or better\n", gnutls_mac_get_name(hash), hash_len); + hash_len = vdata->size; } ret = _dsa_sign (&pub, &priv, NULL, rnd_func, - vdata->size, vdata->data, &sig); + hash_len, vdata->data, &sig); if (ret == 0) { gnutls_assert (); @@ -523,6 +525,7 @@ _wrap_nettle_pk_verify (gnutls_pk_algorithm_t algo, const gnutls_pk_params_st * pk_params) { int ret; + int hash_len; bigint_t tmp[2] = { NULL, NULL }; switch (algo) @@ -544,7 +547,11 @@ _wrap_nettle_pk_verify (gnutls_pk_algorithm_t algo, memcpy (&sig.r, tmp[0], sizeof (sig.r)); memcpy (&sig.s, tmp[1], sizeof (sig.s)); - ret = ecc_verify_hash(&sig, vdata->data, vdata->size, &stat, &pub); + _gnutls_dsa_q_to_hash (algo, pk_params, &hash_len); + if (hash_len > vdata->size) + hash_len = vdata->size; + + ret = ecc_verify_hash(&sig, vdata->data, hash_len, &stat, &pub); if (ret != 0 || stat != 1) { gnutls_assert(); @@ -573,7 +580,11 @@ _wrap_nettle_pk_verify (gnutls_pk_algorithm_t algo, memcpy (&sig.r, tmp[0], sizeof (sig.r)); memcpy (&sig.s, tmp[1], sizeof (sig.s)); - ret = _dsa_verify (&pub, vdata->size, vdata->data, &sig); + _gnutls_dsa_q_to_hash (algo, pk_params, &hash_len); + if (hash_len > vdata->size) + hash_len = vdata->size; + + ret = _dsa_verify (&pub, hash_len, vdata->data, &sig); if (ret == 0) { gnutls_assert(); diff --git a/lib/x509/verify.c b/lib/x509/verify.c index df45746db3..6f0ab8da2b 100644 --- a/lib/x509/verify.c +++ b/lib/x509/verify.c @@ -847,11 +847,14 @@ dsa_verify_sig (const gnutls_datum_t * text, if (!hash->data || hash->size < hash_len) { gnutls_assert(); - _gnutls_debug_log("Hash size (%d) does not correspond to hash %s or better.\n", (int)hash->size, gnutls_mac_get_name(algo)); - return gnutls_assert_val(GNUTLS_E_PK_SIG_VERIFY_FAILED); + _gnutls_debug_log("Hash size (%d) does not correspond to hash %s(%d) or better.\n", (int)hash->size, gnutls_mac_get_name(algo), hash_len); + + if (hash->size != 20) /* SHA1 is allowed */ + return gnutls_assert_val(GNUTLS_E_PK_SIG_VERIFY_FAILED); } - digest = *hash; + digest.data = hash->data; + digest.size = hash->size; } else {