> On 20 Jul 2016, at 15:15, Markus Friedl <[email protected]> wrote: > > great! > > this changes the code to hide the ECDSA conversion inside crypto.c and > also make ECDSA work with the generic RFC 7427 signature encoding. > > Could you verify this with OS X? I've only tested strongswan. > > -m > >
Nice, I’ve tested your diff with OS X and it works fine. > On 20 Jul 2016, at 14:56, Reyk Floeter <[email protected]> wrote: > The first auth_eap diff has been committed. > I'm re-sending your remaining diff with minor changes: > - style, wrap long lines, tabs instead of spaces > - sort man page entry > > There are open questions: > - why aren't the p2d_ecdsa_sig() and d2p_ecdsa_sig in ikev2_msg.c in crypto.c? > - why not using the new flexible ike signature type? > - aren't there other encoding formats? > > Comments? > > Reyk I’m just learning to write in C and that’s why those functions are probably a bit clumsy. Good to see that Markus already has a diff that blends in well, which I can learn from. DER might also be in use, because rfc3279 (section 2.2.3) specifies it must be asn.1 encoded for ecdsa signatures. But rfc4754 (section 7) specifies the payload shall be in plain format. Since rfc4754 is created for ike/ikev2 authentication using ecdsa I assume that it will overrule other (generic) rfc documents. Keeping support for DER encoded signatures shouldn’t be too difficult though, but the signature length can be uneven. This will cause issues in the current code, because the signature will be zero-padded. So you can’t use ibuf_size directly to get the actual signature length for verification. René
