Commit 92c4c21b authored by Sachin Agrawal's avatar Sachin Agrawal

Fix ECDSA signature verification (IOT-793)

Earlier Fix was not compatible with external SSL libraries because
the signed ECC point was not in correct format. This change has
been verified to be working with upstream tinyDTLS.
This change has been reviewed at
https://gerrit.iotivity.org/gerrit/#/c/3647/

Change-Id: I2bc4d01f8c1a950f9e6e6ac8eaf200c28060c5dc
Signed-off-by: default avatarSachin Agrawal <sachin.agrawal@intel.com>
Reviewed-on: https://gerrit.iotivity.org/gerrit/3737Reviewed-by: default avatardongik Lee <dongik.lee@samsung.com>
Tested-by: default avatarjenkins-iotivity <jenkins-iotivity@opendaylight.org>
parent 88b151d8
......@@ -585,8 +585,13 @@ dtls_ecdsa_create_sig_hash(const unsigned char *priv_key, size_t key_size,
return 0;
uECC_sign(priv_key, sign_hash, sign);
memcpy(point_r, sign, 32);
memcpy(point_s, sign + 32, 32);
int i;
for (i = 0; i < 32; i++)
{
((uint8_t *) point_r)[i] = sign[31 - i];
((uint8_t *) point_s)[i] = sign[63 - i];
}
}
void
......@@ -631,12 +636,8 @@ dtls_ecdsa_verify_sig_hash(const unsigned char *pub_key_x,
memcpy(publicKey + 32, pub_key_y, 32);
// Copy the signature into a single buffer
int i;
for (i = 0; i < 32; i++)
{
sign[i] = result_r[31 - i];
sign[i + 32] = result_s[31 - i];
}
memcpy(sign, result_r, 32);
memcpy(sign + 32, result_s, 32);
return uECC_verify(publicKey, sign_hash, sign);
}
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment