Summary: | [GCrypt] ECDSA signing results can be smaller than the EC key size | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
Product: | WebKit | Reporter: | Zan Dobersek <zan> | ||||||||
Component: | New Bugs | Assignee: | Zan Dobersek <zan> | ||||||||
Status: | RESOLVED FIXED | ||||||||||
Severity: | Normal | CC: | jiewen_tan, mcatanzaro | ||||||||
Priority: | P2 | ||||||||||
Version: | WebKit Nightly Build | ||||||||||
Hardware: | Unspecified | ||||||||||
OS: | Unspecified | ||||||||||
Bug Depends on: | |||||||||||
Bug Blocks: | 133122 | ||||||||||
Attachments: |
|
Description
Zan Dobersek
2017-05-01 22:36:48 PDT
Created attachment 312119 [details]
Patch
Comment on attachment 312119 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=312119&action=review Looks good to me. Please address the following comments. > Source/WebCore/crypto/gcrypt/CryptoAlgorithmECDSAGCrypt.cpp:101 > + if (dataSize >= keySizeInBytes) { It will be good if we can fold this code and the one below into one. Also, I am wondering if you are sure that the verification process can automatically remove the heading 0s. Comment on attachment 312119 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=312119&action=review >> Source/WebCore/crypto/gcrypt/CryptoAlgorithmECDSAGCrypt.cpp:101 >> + if (dataSize >= keySizeInBytes) { > > It will be good if we can fold this code and the one below into one. > > Also, I am wondering if you are sure that the verification process can automatically remove the heading 0s. It removes the heading zeros while converting the binary data into MPIs. Created attachment 312297 [details]
Patch
Comment on attachment 312297 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=312297&action=review r=me Looks good. Please address the following comments. > Source/WebCore/crypto/gcrypt/CryptoAlgorithmECDSAGCrypt.cpp:117 > + || extractECDSASignatureInteger(signature, signatureSexp, "s", keySizeInBytes)) Should be !extractECDSASignatureInteger(signature, signatureSexp, "s", keySizeInBytes)? Comment on attachment 312297 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=312297&action=review >> Source/WebCore/crypto/gcrypt/CryptoAlgorithmECDSAGCrypt.cpp:117 >> + || extractECDSASignatureInteger(signature, signatureSexp, "s", keySizeInBytes)) > > Should be !extractECDSASignatureInteger(signature, signatureSexp, "s", keySizeInBytes)? Yes, was a mistake. Created attachment 312404 [details]
Patch for landing
Comment on attachment 312404 [details] Patch for landing Clearing flags on attachment: 312404 Committed r217969: <http://trac.webkit.org/changeset/217969> All reviewed patches have been landed. Closing bug. |