sm2: use ReadASN1Integer instead of clone private code

Sun Yimin 2022-12-13 11:03:02 +08:00 committed by GitHub
parent 5c12b08cd5
commit 824748a293
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23


@ -679,43 +679,13 @@ func VerifyASN1WithSM2(pub *ecdsa.PublicKey, uid, msg, sig []byte) bool {
return VerifyASN1(pub, digest, sig) return VerifyASN1(pub, digest, sig)
} }
func readASN1Bytes(input *cryptobyte.String, out *[]byte) bool {
var bytes cryptobyte.String
if !input.ReadASN1(&bytes, asn1.INTEGER) || !checkASN1Integer(bytes) {
return false
}
if bytes[0]&0x80 == 0x80 {
return false
}
for len(bytes) > 1 && bytes[0] == 0 {
bytes = bytes[1:]
}
*out = bytes
return true
}
func checkASN1Integer(bytes []byte) bool {
if len(bytes) == 0 {
// An INTEGER is encoded with at least one octet.
return false
}
if len(bytes) == 1 {
return true
}
if bytes[0] == 0 && bytes[1]&0x80 == 0 || bytes[0] == 0xff && bytes[1]&0x80 == 0x80 {
// Value is not minimally encoded.
return false
}
return true
}
func parseSignature(sig []byte) (r, s []byte, err error) { func parseSignature(sig []byte) (r, s []byte, err error) {
var inner cryptobyte.String var inner cryptobyte.String
input := cryptobyte.String(sig) input := cryptobyte.String(sig)
if !input.ReadASN1(&inner, asn1.SEQUENCE) || if !input.ReadASN1(&inner, asn1.SEQUENCE) ||
!input.Empty() || !input.Empty() ||
!readASN1Bytes(&inner, &r) || !inner.ReadASN1Integer(&r) ||
!readASN1Bytes(&inner, &s) || !inner.ReadASN1Integer(&s) ||
!inner.Empty() { !inner.Empty() {
return nil, nil, errors.New("invalid ASN.1") return nil, nil, errors.New("invalid ASN.1")
} }
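Review bot: The replacement calls `inner.ReadASN1Integer(&r)` and `inner.ReadASN1Integer(&s)` in parseSignature take an `interface{}`, so they compile against any golang.org/x/crypto version but, on a cryptobyte release that predates the `*[]byte` case (added to the library fairly recently, as far as I can tell), they panic at runtime with "out does not point to an integer type" instead of returning false — which would turn every signature verification into a crash on attacker-supplied input. Please confirm go.mod raises the x/crypto minimum to a version that has the `*[]byte` case; that file is not part of this diff. Because this is an attacker-reachable DER parser, keep (or add) a test that a negative INTEGER (first content byte with bit 7 set) and a non-minimal one such as `02 02 00 7f` are still rejected by parseSignature, so the behaviour of the deleted checkASN1Integer and leading-0x80 checks is verified to be preserved by the library rather than assumed. parseSignature's body continues past the end of the hunk.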