security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-01-03 12:11:33 +01:00
Code Activity

Fix the length of ECDSA.

Browse Source 
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
This commit is contained in:
NIIBE Yutaka 2023-03-06 11:16:03 +09:00
parent aa8c5d12ef
commit 6f5debd36a
No known key found for this signature in database
GPG Key ID: 640114AF89DE6054
1 changed files with 14 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
tkd/pkcs11.c
View File

@ -878,7 +878,7 @@ do_pksign (struct key *key, int hash_algo,
} }
else if (key->key_type == KEY_EC) else if (key->key_type == KEY_EC)
{ {
siglen = (nbits+7)/8; siglen = ((nbits+7)/8) * 2;
if (mechanism == CKM_ECDSA) if (mechanism == CKM_ECDSA)
{ {
/* SoftHSMv2 */ /* SoftHSMv2 */
@ -887,6 +887,19 @@ do_pksign (struct key *key, int hash_algo,
} }
else else
{ {
if (!hash_algo)
{
/* Not specified by user, determine from MECHANISM */
if (mechanism == CKM_ECDSA_SHA256)
hash_algo = GCRY_MD_SHA256;
else if (mechanism == CKM_ECDSA_SHA384)
hash_algo = GCRY_MD_SHA384;
else if (mechanism == CKM_ECDSA_SHA384)
hash_algo = GCRY_MD_SHA512;
else
return gpg_error (GPG_ERR_DIGEST_ALGO);
}
/* Scute, YKCS11 */ /* Scute, YKCS11 */
gcry_md_hash_buffer (hash_algo, data, u_data, u_data_len); gcry_md_hash_buffer (hash_algo, data, u_data, u_data_len);
data_len = gcry_md_get_algo_dlen (hash_algo); data_len = gcry_md_get_algo_dlen (hash_algo);