From 92c4c21b1e48ffff4889ad5bc646892b83283922 Mon Sep 17 00:00:00 2001
From: Sachin Agrawal <sachin.agrawal@intel.com>
Date: Wed, 7 Oct 2015 16:38:25 -0700
Subject: [PATCH] Fix ECDSA signature verification (IOT-793)

Earlier Fix was not compatible with external SSL libraries because
the signed ECC point was not in correct format. This change has
been verified to be working with upstream tinyDTLS.
This change has been reviewed at
https://gerrit.iotivity.org/gerrit/#/c/3647/

Change-Id: I2bc4d01f8c1a950f9e6e6ac8eaf200c28060c5dc
Signed-off-by: Sachin Agrawal <sachin.agrawal@intel.com>
Reviewed-on: https://gerrit.iotivity.org/gerrit/3737
Reviewed-by: dongik Lee <dongik.lee@samsung.com>
Tested-by: jenkins-iotivity <jenkins-iotivity@opendaylight.org>
---
 extlibs/tinydtls/crypto.c | 17 +++++++++--------
 1 file changed, 9 insertions(+), 8 deletions(-)

diff --git a/extlibs/tinydtls/crypto.c b/extlibs/tinydtls/crypto.c
index 58d9899..77a8e04 100644
--- a/extlibs/tinydtls/crypto.c
+++ b/extlibs/tinydtls/crypto.c
@@ -585,8 +585,13 @@ dtls_ecdsa_create_sig_hash(const unsigned char *priv_key, size_t key_size,
         return 0;
 
     uECC_sign(priv_key, sign_hash, sign);
-    memcpy(point_r, sign, 32);
-    memcpy(point_s, sign + 32, 32);
+
+    int i;
+    for (i = 0; i < 32; i++)
+    {
+        ((uint8_t *) point_r)[i] = sign[31 - i];
+        ((uint8_t *) point_s)[i] = sign[63 - i];
+    }
 }
 
 void
@@ -631,12 +636,8 @@ dtls_ecdsa_verify_sig_hash(const unsigned char *pub_key_x,
     memcpy(publicKey + 32, pub_key_y, 32);
 
     // Copy the signature into a single buffer
-    int i;
-    for (i = 0; i < 32; i++)
-    {
-        sign[i] = result_r[31 - i];
-        sign[i + 32] = result_s[31 - i];
-    }
+    memcpy(sign, result_r, 32);
+    memcpy(sign + 32, result_s, 32);
 
     return uECC_verify(publicKey, sign_hash, sign);
 }
-- 
2.7.4