pkcs11_client tests - hardcoded signature verification
Add review fixes - naming changes, importing a signature instead of
generating it.
diff --git a/library/ecdsa.c b/library/ecdsa.c
index 645fbb5..0f33b83 100644
--- a/library/ecdsa.c
+++ b/library/ecdsa.c
@@ -289,9 +289,13 @@
/*
* Convert a signature to a raw concatenation of {r, s}
*/
+/*int mbedtls_ecdsa_signature_to_raw( const unsigned char *sig,
+ size_t ssize, uint16_t byte_len,
+ unsigned char *buf, size_t* slen )*/
int mbedtls_ecdsa_signature_to_raw( const unsigned char *sig,
size_t ssize, uint16_t byte_len,
- unsigned char *buf, size_t* slen )
+ unsigned char *buf, size_t bufsize,
+ size_t* buflen )
{
int ret;
unsigned char *p = (unsigned char *) sig;
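Review bot: The previous prototype is left behind as a commented-out block directly above the new definition of `mbedtls_ecdsa_signature_to_raw`; it is dead text that will drift from the real signature and should be deleted, since version control already keeps the old form. The header comment still reads only "Convert a signature to a raw concatenation of {r, s}" and does not say that `bufsize` is the capacity of `buf` in bytes, that it must be at least `2 * byte_len`, or that `*buflen` is written only on success; a short parameter list in that comment would make the output-buffer contract explicit. Because the parameter list changes, the declaration in the corresponding header and any other callers need the same update, which is not visible in this part of the diff. The function body continues outside the hunk.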
@@ -299,7 +303,7 @@
size_t len;
mbedtls_mpi r, s;
- if( 2 * byte_len > ssize )
+ if( 2 * byte_len > bufsize )
{
return MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
}
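Review bot: A too-small output buffer is rejected by the new `bufsize` check with `MBEDTLS_ERR_ECP_BAD_INPUT_DATA`, the same code the function uses for a malformed signature, so a caller cannot tell a sizing mistake from bad input; `return MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL;` would separate the two. With this change `ssize` no longer takes part in any check shown here, so it is worth confirming that the ASN.1 parsing further down still bounds every read by `sig + ssize`; that code is outside the hunk and cannot be verified from it. A one-line comment above the check, such as `/* buf must hold r and s, byte_len bytes each */`, would also record why the factor of two is there.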
@@ -339,7 +343,7 @@
ret += MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
goto cleanup;
}
- *slen = 2*byte_len;
+ *buflen = 2*byte_len;
cleanup:
mbedtls_mpi_free( &r );
mbedtls_mpi_free( &s );
diff --git a/library/pkcs11_client.c b/library/pkcs11_client.c
index 70cc0de..1e03ef1 100644
--- a/library/pkcs11_client.c
+++ b/library/pkcs11_client.c
@@ -239,7 +239,7 @@
mbedtls_pk_pkcs11_context_t *ctx = ctx_arg;
CK_RV rv;
CK_MECHANISM mechanism = {0, NULL_PTR, 0};
- unsigned char *decoded_sig = NULL_PTR;
+ unsigned char *decoded_sig = NULL;
size_t decoded_sig_len;
/* This function takes size_t arguments but the underlying layer
@@ -286,9 +286,14 @@
if( mechanism.mechanism == CKM_ECDSA )
{
uint16_t byte_len = ( ( ctx->bit_length + 7 ) / 8 );
- decoded_sig = malloc( 2 * byte_len );
+ decoded_sig = mbedtls_calloc( 1, 2 * byte_len );
+ if( decoded_sig == NULL )
+ {
+ return( MBEDTLS_ERR_PK_ALLOC_FAILED );
+ }
if( mbedtls_ecdsa_signature_to_raw( sig, sig_len, byte_len,
- decoded_sig, &decoded_sig_len ) != 0 )
+ decoded_sig, 2 * byte_len,
+ &decoded_sig_len ) != 0 )
{
rv = CKR_GENERAL_ERROR;
goto exit;
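Review bot: The size `2 * byte_len` is now written twice in this hunk, once as the `mbedtls_calloc` size and once as the `bufsize` argument, and the bounds check inside `mbedtls_ecdsa_signature_to_raw` only protects the buffer while those two expressions agree. Holding the value in one local, `const size_t decoded_sig_size = 2 * (size_t) byte_len;`, and passing it to both calls keeps the allocation and the declared capacity from drifting apart in a later edit. Separately, a signature that fails to decode is reported as `CKR_GENERAL_ERROR`; if `pkcs11_err_to_mbedtls_pk_err` (not visible here) maps that to a generic failure, callers cannot distinguish a malformed signature from a token fault, so a comment stating the intended result for this path would help. The enclosing function starts and ends outside the hunk.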
@@ -303,7 +308,7 @@
goto exit;
exit:
- free(decoded_sig);
+ mbedtls_free(decoded_sig);
return( pkcs11_err_to_mbedtls_pk_err( rv ) );
}