From: Steve Clark Date: Fri, 2 Oct 2015 13:06:02 +0000 (-0600) Subject: Fix tinydtls implementation of sign & verify X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=f2da5d0b80c95fac89caae6dcc9b3d567ea82c8f;p=contrib%2Fiotivity.git Fix tinydtls implementation of sign & verify Change-Id: Id9b721a12e517fb0fe5adae76b380acb04b467cd Signed-off-by: Steve Clark Reviewed-on: https://gerrit.iotivity.org/gerrit/3417 Tested-by: jenkins-iotivity Reviewed-by: Sachin Agrawal (cherry picked from commit 28fd8b67657cdbe3860302a3ea92d83515c1a688) Reviewed-on: https://gerrit.iotivity.org/gerrit/3435 --- diff --git a/extlibs/tinydtls/crypto.c b/extlibs/tinydtls/crypto.c index 7433432..d8e5e8e 100644 --- a/extlibs/tinydtls/crypto.c +++ b/extlibs/tinydtls/crypto.c @@ -573,16 +573,20 @@ dtls_ecdsa_generate_key(unsigned char *priv_key, /* rfc4492#section-5.4 */ void dtls_ecdsa_create_sig_hash(const unsigned char *priv_key, size_t key_size, - const unsigned char *sign_hash, size_t sign_hash_size, - uint32_t point_r[9], uint32_t point_s[9]) { - uint8_t privateKey[32]; - uint8_t hashValue[32]; - uint8_t sign[64]; + const unsigned char *sign_hash, size_t sign_hash_size, + uint32_t point_r[9], uint32_t point_s[9]) +{ + uint8_t sign[64]; + // Check the buffers + if (priv_key == NULL || key_size < 32) + return 0; + if (sign_hash == NULL || sign_hash_size < 32) + return 0; - uECC_sign(privateKey, hashValue, sign); - memcpy(point_r, sign, 32); - memcpy(point_s, sign + 32, 32); + uECC_sign(priv_key, sign_hash, sign); + memcpy(point_r, sign, 32); + memcpy(point_s, sign + 32, 32); } void 
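Review bot: The added guards in dtls_ecdsa_create_sig_hash use `return 0;`, but the context lines show the function is still declared `void`, so the value is discarded, and a return with an expression in a void function is a constraint violation that compilers warn about. On a NULL or short key or hash the function now returns without writing point_r and point_s, and the caller cannot tell, so it may go on to encode whatever those arrays already held as the signature. The return value of `uECC_sign(priv_key, sign_hash, sign)` is also ignored, which leaves the same silent-failure path if signing itself fails. I would change the return type to `int`, sign with `if (!uECC_sign(priv_key, sign_hash, sign)) return 0;`, return 1 at the end, and have callers check the result; the callers and the header declaration are outside this hunk.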
@@ -607,17 +611,30 @@ dtls_ecdsa_create_sig(const unsigned char *priv_key, size_t key_size, /* rfc4492#section-5.4 */ int dtls_ecdsa_verify_sig_hash(const unsigned char *pub_key_x, - const unsigned char *pub_key_y, size_t key_size, - const unsigned char *sign_hash, size_t sign_hash_size, - unsigned char *result_r, unsigned char *result_s) { - - uint8_t publicKey[64]; - uint8_t hashValue[32]; - uint8_t sign[64]; - - memcpy(publicKey, pub_key_x, 32); - memcpy(publicKey + 32, pub_key_y, 32); - return uECC_verify(publicKey, hashValue, sign); + const unsigned char *pub_key_y, size_t key_size, + const unsigned char *sign_hash, size_t sign_hash_size, + unsigned char *result_r, unsigned char *result_s) +{ + uint8_t publicKey[64]; + uint8_t sign[64]; + + // Check the buffers + if (pub_key_x == NULL || pub_key_y == NULL || key_size < 32) + return 0; + if (sign_hash == NULL || sign_hash_size < 32) + return 0; + if (result_r == NULL || result_s == NULL) + return 0; + + // Copy the public key into a single buffer + memcpy(publicKey, pub_key_x, 32); + memcpy(publicKey + 32, pub_key_y, 32); + + // Copy the signature into a single buffer + memcpy(sign, result_r, 32); + memcpy(sign + 32, result_s, 32); + + return uECC_verify(publicKey, sign_hash, sign); } int diff --git a/extlibs/tinydtls/dtls.c b/extlibs/tinydtls/dtls.c index e22ad7c..7815c66 100644 --- a/extlibs/tinydtls/dtls.c +++ b/extlibs/tinydtls/dtls.c @@ -1994,11 +1994,11 @@ check_client_certificate_verify(dtls_context_t *ctx, dtls_hash_finalize(sha256hash, &hs_hash); ret = dtls_ecdsa_verify_sig_hash(config->keyx.ecc.other_pub_x, config->keyx.ecc.other_pub_y, - sizeof(config->keyx.ecc.other_pub_x), - sha256hash, sizeof(sha256hash), - result_r, result_s); + sizeof(config->keyx.ecc.other_pub_x), + sha256hash, sizeof(sha256hash), + result_r, result_s); - if (ret < 0) { + if (ret <= 0) { dtls_alert("wrong signature err: %i\n", ret); return dtls_alert_fatal_create(DTLS_ALERT_HANDSHAKE_FAILURE); } 
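Review bot: dtls_ecdsa_verify_sig_hash now returns 0 both for a rejected signature and for NULL or short arguments, and never returns a negative value, but nothing at the definition says so. This commit had to change two `ret < 0` checks in dtls.c for that reason; any caller not touched here that still tests `ret < 0` would accept a bad signature, so the remaining call sites of this function and of dtls_ecdsa_verify_sig should be checked. I would add above the function `/* Returns 1 if the signature verifies; 0 if it does not or if an argument is NULL or shorter than 32 bytes. Never negative. */`. Separately, result_r and result_s are copied as 32 bytes each with no length parameter, so the caller has to guarantee that size before the call; a comment stating that requirement would help.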
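Review bot: The new `if (ret <= 0)` in check_client_certificate_verify still treats every positive value as a valid signature; comparing against the one success value, `if (ret != 1) {`, fails closed if the verify routine ever returns anything unexpected. The same applies to the `if (ret <= 0)` added in check_server_key_exchange_ecdsa in the next hunk. Both functions start and end outside their hunks, and the body of dtls_ecdsa_verify_sig is not shown, so confirm it returns exactly 1 on success before tightening that one.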
@@ -3247,14 +3247,14 @@ check_server_key_exchange_ecdsa(dtls_context_t *ctx, data_length -= ret; ret = dtls_ecdsa_verify_sig(config->keyx.ecc.other_pub_x, config->keyx.ecc.other_pub_y, - sizeof(config->keyx.ecc.other_pub_x), - config->tmp.random.client, DTLS_RANDOM_LENGTH, - config->tmp.random.server, DTLS_RANDOM_LENGTH, - key_params, - 1 + 2 + 1 + 1 + (2 * DTLS_EC_KEY_SIZE), - result_r, result_s); - - if (ret < 0) { + sizeof(config->keyx.ecc.other_pub_x), + config->tmp.random.client, DTLS_RANDOM_LENGTH, + config->tmp.random.server, DTLS_RANDOM_LENGTH, + key_params, + 1 + 2 + 1 + 1 + (2 * DTLS_EC_KEY_SIZE), + result_r, result_s); + + if (ret <= 0) { dtls_alert("wrong signature\n"); return dtls_alert_fatal_create(DTLS_ALERT_HANDSHAKE_FAILURE); }