Changeset 215791 in webkit


Timestamp:
Apr 25, 2017 9:31:57 PM (7 years ago)
Author:
jiewen_tan@apple.com
Message:

[WebCrypto] Enhance ways to convert an ECDSA signature binary into DER format
https://bugs.webkit.org/show_bug.cgi?id=171287
<rdar://problem/31735332>

Reviewed by Brent Fulgham.

Covered by existing tests.

  • crypto/mac/CryptoAlgorithmECDSAMac.cpp:

(WebCore::verifyECDSA):

Location:
trunk/Source/WebCore
Files:
2 edited

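--- a/trunk/Source/WebCore/ChangeLog
+++ b/trunk/Source/WebCore/ChangeLog
@@ -1,2 +1,15 @@
+2017-04-25  Jiewen Tan  <jiewen_tan@apple.com>
+
+        [WebCrypto] Enhance ways to convert an ECDSA signature binary into DER format
+        https://bugs.webkit.org/show_bug.cgi?id=171287
+        <rdar://problem/31735332>
+
+        Reviewed by Brent Fulgham.
+
+        Covered by existing tests.
+
+        * crypto/mac/CryptoAlgorithmECDSAMac.cpp:
+        (WebCore::verifyECDSA):
+
 2017-04-25  Brent Fulgham  <bfulgham@apple.com>
 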
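--- a/trunk/Source/WebCore/crypto/mac/CryptoAlgorithmECDSAMac.cpp
+++ b/trunk/Source/WebCore/crypto/mac/CryptoAlgorithmECDSAMac.cpp
@@ -136,17 +136,32 @@
     // FIXME: <rdar://problem/31618371>
     // Convert the signature into DER format.
-    // tag + length(1) + tag + length(1) + InitialOctet + r + tag + length(1) + InitialOctet + s
+    // tag + length(1) + tag + length(1) + InitialOctet(?) + r + tag + length(1) + InitialOctet(?) + s
+    // Skip any heading 0s of r and s.
+    size_t rStart = 0;
+    while (rStart < keyLengthInBytes && !signature[rStart])
+        rStart++;
+    size_t sStart = keyLengthInBytes;
+    while (rStart < signature.size() && !signature[sStart])
+        sStart++;
+
+    // InitialOctet is needed when the first byte of r/s is larger than or equal to 128.
+    bool rNeedsInitialOctet = signature[rStart] >= 128;
+    bool sNeedsInitialOctet = signature[sStart] >= 128;
+
+    // Construct the DER signature.
     Vector<uint8_t> newSignature;
-    newSignature.reserveCapacity(8 + keyLengthInBytes * 2);
+    newSignature.reserveCapacity(6 + keyLengthInBytes * 3  + rNeedsInitialOctet + sNeedsInitialOctet - rStart - sStart);
     newSignature.append(SequenceMark);
-    addEncodedASN1Length(newSignature, 6 + keyLengthInBytes * 2);
+    addEncodedASN1Length(newSignature, 4 + keyLengthInBytes * 3  + rNeedsInitialOctet + sNeedsInitialOctet - rStart - sStart);
     newSignature.append(IntegerMark);
-    addEncodedASN1Length(newSignature, keyLengthInBytes + 1);
-    newSignature.append(InitialOctet);
-    newSignature.append(signature.data(), keyLengthInBytes);
+    addEncodedASN1Length(newSignature, keyLengthInBytes + rNeedsInitialOctet - rStart);
+    if (rNeedsInitialOctet)
+        newSignature.append(InitialOctet);
+    newSignature.append(signature.data() + rStart, keyLengthInBytes - rStart);
     newSignature.append(IntegerMark);
-    addEncodedASN1Length(newSignature, keyLengthInBytes + 1);
-    newSignature.append(InitialOctet);
-    newSignature.append(signature.data() + keyLengthInBytes, keyLengthInBytes);
+    addEncodedASN1Length(newSignature, keyLengthInBytes * 2 + sNeedsInitialOctet - sStart);
+    if (sNeedsInitialOctet)
+        newSignature.append(InitialOctet);
+    newSignature.append(signature.data() + sStart, keyLengthInBytes * 2 - sStart);
 
     uint32_t valid;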
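Review bot: The second skip loop is bounded by the wrong index: `while (rStart < signature.size() && !signature[sStart])` tests `rStart`, which the first loop has already left at or below `keyLengthInBytes`, so when the s half of the signature is all zero bytes `sStart` walks past the end of `signature`, and `signature[sStart]` is then read again on the `sNeedsInitialOctet` line. On a verify path the signature bytes come from the caller, so the index has to be bounded by the data: `while (sStart < signature.size() && !signature[sStart])`. Even with that fixed, an all-zero r or s leaves `rStart == keyLengthInBytes` or `sStart == signature.size()`, so the first-byte test reads the wrong byte or one past the end and the INTEGER is emitted with length 0; failing verification before the DER is built when either half is entirely zero would avoid both. Whether `signature.size()` is checked against `keyLengthInBytes * 2` earlier in verifyECDSA is not visible in this hunk, and the first loop's bound and the `signature.data() + sStart` append both depend on it.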