Fixed hash truncation used in ECDSA signature & verification
The function tHash shifted the hash number to an incorrect number of bits when the bit string had leading zeros. This is one of two issues reported in vincenthz/hs-tls#152.
This commit is contained in:
Olivier Chéron
parent
6e40fa7010
commit
c84230c69a
@ -20,12 +20,14 @@ import Crypto.Random.Types
|
|||||||
import Data.Bits (shiftR)
|
import Data.Bits (shiftR)
|
||||||
import Crypto.Internal.ByteArray (ByteArrayAccess)
|
import Crypto.Internal.ByteArray (ByteArrayAccess)
|
||||||
import Data.Data
|
import Data.Data
|
||||||
|
import Crypto.Number.Basic (numBits)
|
||||||
import Crypto.Number.ModArithmetic (inverse)
|
import Crypto.Number.ModArithmetic (inverse)
|
||||||
import Crypto.Number.Serialize
|
import Crypto.Number.Serialize
|
||||||
import Crypto.Number.Generate
|
import Crypto.Number.Generate
|
||||||
import Crypto.PubKey.ECC.Types
|
import Crypto.PubKey.ECC.Types
|
||||||
import Crypto.PubKey.ECC.Prim
|
import Crypto.PubKey.ECC.Prim
|
||||||
import Crypto.Hash
|
import Crypto.Hash
|
||||||
|
import Crypto.Hash.Types (hashDigestSize)
|
||||||
|
|
||||||
-- | Represent a ECDSA signature namely R and S.
|
-- | Represent a ECDSA signature namely R and S.
|
||||||
data Signature = Signature
|
data Signature = Signature
|
||||||
@ -117,5 +119,4 @@ tHash hashAlg m n
|
|||||||
| d > 0 = shiftR e d
|
| d > 0 = shiftR e d
|
||||||
| otherwise = e
|
| otherwise = e
|
||||||
where e = os2ip $ hashWith hashAlg m
|
where e = os2ip $ hashWith hashAlg m
|
||||||
d = log2 e - log2 n
|
d = hashDigestSize hashAlg * 8 - numBits n
|
||||||
log2 = ceiling . logBase (2 :: Double) . fromIntegral
|
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user