Expose ecdsa_signature_to_asn1
Expose ecdsa_signature_to_asn1 in the API. It's useful when converting
between RFC 4492 format and other representations that might be used
in external crypto processors.
diff --git a/tests/suites/test_suite_ecdsa.function b/tests/suites/test_suite_ecdsa.function
index b730953..8a96c02 100644
--- a/tests/suites/test_suite_ecdsa.function
+++ b/tests/suites/test_suite_ecdsa.function
@@ -142,7 +142,7 @@
rnd_pseudo_info rnd_info;
unsigned char hash[32];
unsigned char sig[200];
- size_t sig_len, i;
+ size_t sig_len, max_sig_len, i;
mbedtls_ecdsa_init( &ctx );
memset( &rnd_info, 0x00, sizeof( rnd_pseudo_info ) );
@@ -162,8 +162,10 @@
TEST_ASSERT( mbedtls_ecdsa_read_signature( &ctx, hash, sizeof( hash ),
sig, sig_len ) == 0 );
- /* check we didn't write past the announced length */
- for( i = sig_len; i < sizeof( sig ); i++ )
+ /* check we didn't write past the maximum length */
+ max_sig_len = MBEDTLS_ECDSA_MAX_SIG_LEN( ctx.grp.pbits );
+ TEST_ASSERT( sig_len <= max_sig_len );
+ for( i = max_sig_len; i < sizeof( sig ); i++ )
TEST_ASSERT( sig[i] == 0x2a );
/* try verification with invalid length */