Fix a compliance issue in signature encoding The issue is not present in the normal path because asn1write_mpi() does it automatically, but we're not using that here...

commit: 1e48ebd306c76a3e70aadc25b0ef05350faa6c21 [log] [tgz]
author: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com> Fri Nov 16 10:09:11 2018 +0100
committer: Hanno Becker <hanno.becker@arm.com> Thu Nov 22 16:39:39 2018 +0000
tree: 14d3964f3448163db0d9f745f0dcd74cf9111b87
parent: 615530728f9737faf3d2673a1ef68a9c59f9d148 [diff]
diff --git a/library/pk_wrap.c b/library/pk_wrap.c
index 762dbfb..5e83602 100644
--- a/library/pk_wrap.c
+++ b/library/pk_wrap.c

@@ -807,8 +807,16 @@
     *p -= len;
     memmove( *p, start, len );
 
+    /* ASN.1 DER encoding requires minimal length, so skip leading 0s.
+     * Neither r nor s can be 0, so we can assume len > 0 at all times. */
+    while( **p == 0x00 )
+    {
+        ++(*p);
+        --len;
+    }
+
     /* if the msb is 1, ASN.1 requires that we prepend a 0.
-     * we're never called with n_len == 0, so we can always read back a byte */
+     * Neither r nor s can be 0, so we can assume len > 0 at all times. */
     if( **p & 0x80 )
     {
         if( *p - start < 1 )
commit	1e48ebd306c76a3e70aadc25b0ef05350faa6c21	[log] [tgz]
author	Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	Fri Nov 16 10:09:11 2018 +0100
committer	Hanno Becker <hanno.becker@arm.com>	Thu Nov 22 16:39:39 2018 +0000
tree	14d3964f3448163db0d9f745f0dcd74cf9111b87
parent	615530728f9737faf3d2673a1ef68a9c59f9d148 [diff]