_ Git - BearSSL/blob - src/ec/ecdsa_atr.c

   1 /*
   2  * Copyright (c) 2016 Thomas Pornin <pornin@bolet.org>
   3  *
   4  * Permission is hereby granted, free of charge, to any person obtaining
   5  * a copy of this software and associated documentation files (the
   6  * "Software"), to deal in the Software without restriction, including
   7  * without limitation the rights to use, copy, modify, merge, publish,
   8  * distribute, sublicense, and/or sell copies of the Software, and to
   9  * permit persons to whom the Software is furnished to do so, subject to
  10  * the following conditions:
  11  *
  12  * The above copyright notice and this permission notice shall be
  13  * included in all copies or substantial portions of the Software.
  14  *
  15  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
  16  * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
  17  * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
  18  * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
  19  * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
  20  * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
  21  * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
  22  * SOFTWARE.
  23  */
  24
  25 #include "inner.h"
  26
  27 /* see bearssl_ec.h */
  28 size_t
  29 br_ecdsa_asn1_to_raw(void *sig, size_t sig_len)
  30 {
  31         /*
  32          * Note: this code is a bit lenient in that it accepts a few
  33          * deviations to DER with regards to minimality of encoding of
  34          * lengths and integer values. These deviations are still
  35          * unambiguous.
  36          */
  37
  38         unsigned char *buf, *r, *s;
  39         size_t zlen, rlen, slen, off;
  40         unsigned char tmp[254];
  41
  42         buf = sig;
  43         if (sig_len < 8) {
  44                 return 0;
  45         }
  46         if (buf[0] != 0x30) {
  47                 return 0;
  48         }
  49         zlen = buf[1];
  50         if (zlen > 0x80) {
  51                 if (zlen != 0x81) {
  52                         return 0;
  53                 }
  54                 zlen = buf[2];
  55                 if (zlen != sig_len - 3) {
  56                         return 0;
  57                 }
  58                 off = 3;
  59         } else {
  60                 if (zlen != sig_len - 2) {
  61                         return 0;
  62                 }
  63                 off = 2;
  64         }
  65         if (buf[off ++] != 0x02) {
  66                 return 0;
  67         }
  68         rlen = buf[off ++];
  69         if (rlen >= 0x80) {
  70                 return 0;
  71         }
  72         r = buf + off;
  73         off += rlen;
  74         if (off + 2 > sig_len) {
  75                 return 0;
  76         }
  77         if (buf[off ++] != 0x02) {
  78                 return 0;
  79         }
  80         slen = buf[off ++];
  81         if (slen >= 0x80 || slen != sig_len - off) {
  82                 return 0;
  83         }
  84         s = buf + off;
  85
  86         while (rlen > 0 && *r == 0) {
  87                 rlen --;
  88                 r ++;
  89         }
  90         while (slen > 0 && *s == 0) {
  91                 slen --;
  92                 s ++;
  93         }
  94
  95         zlen = rlen > slen ? rlen : slen;
  96         sig_len = zlen << 1;
  97         memset(tmp, 0, sig_len);
  98         memcpy(tmp + zlen - rlen, r, rlen);
  99         memcpy(tmp + sig_len - slen, s, slen);
 100         memcpy(sig, tmp, sig_len);
 101         return sig_len;
 102 }