Repository: incubator-mynewt-core Updated Branches: refs/heads/develop aa27be58c -> 68d2e555d
bootutil; fix issues in parsing signature with ECDSA256. Project: http://git-wip-us.apache.org/repos/asf/incubator-mynewt-core/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-mynewt-core/commit/551ac6fd Tree: http://git-wip-us.apache.org/repos/asf/incubator-mynewt-core/tree/551ac6fd Diff: http://git-wip-us.apache.org/repos/asf/incubator-mynewt-core/diff/551ac6fd Branch: refs/heads/develop Commit: 551ac6fd1b4c7e787772e8d8da4f52da93c68b98 Parents: aa27be5 Author: Marko Kiiskila <[email protected]> Authored: Fri Dec 30 18:53:13 2016 -0800 Committer: Marko Kiiskila <[email protected]> Committed: Fri Dec 30 18:53:13 2016 -0800 ---------------------------------------------------------------------- boot/bootutil/src/image_ec256.c | 22 +++++++++------------- 1 file changed, 9 insertions(+), 13 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-mynewt-core/blob/551ac6fd/boot/bootutil/src/image_ec256.c ---------------------------------------------------------------------- diff --git a/boot/bootutil/src/image_ec256.c b/boot/bootutil/src/image_ec256.c index b27a70b..f59a8f0 100644 --- a/boot/bootutil/src/image_ec256.c +++ b/boot/bootutil/src/image_ec256.c @@ -17,6 +17,8 @@ * under the License. */ +#include <string.h> + #include "syscfg/syscfg.h" #if MYNEWT_VAL(BOOTUTIL_SIGN_EC256) @@ -89,21 +91,19 @@ static int tinycrypt_read_bigint(uint32_t i[NUM_ECC_DIGITS], uint8_t **cp, uint8_t *end) { size_t len; + uint8_t bigint[NUM_ECC_BYTES]; if (mbedtls_asn1_get_tag(cp, end, &len, MBEDTLS_ASN1_INTEGER)) { return -3; } - - for (; *cp < end; *cp = *cp + 1, len--) { - if (**cp != 0) { - break; - } - } - if (len != NUM_ECC_BYTES) { - return -1; + if (len > NUM_ECC_BYTES) { + memcpy(bigint, *cp + len - NUM_ECC_BYTES, NUM_ECC_BYTES); + } else { + memset(bigint, 0, NUM_ECC_BYTES - len); + memcpy(bigint + NUM_ECC_BYTES - len, *cp, len); } - ecc_bytes2native(i, *cp); *cp += len; + ecc_bytes2native(i, bigint); return 0; } @@ -156,10 +156,6 @@ bootutil_verify_sig(uint8_t *hash, uint32_t hlen, uint8_t *sig, int slen, return -1; } - while (sig[slen - 1] == '\0') { - slen--; - } - rc = tinycrypt_decode_sig(r, s, sig, sig + slen); if (rc) { return -1;
