Merge pull request #555 from openweave/bug/emargolis/fix-der-to-weave-implementation

Fixed Function Implementation that Converts DER to Weave Signature.

Author: robszewczyk

src/lib/profiles/security/WeaveSig.cpp

@@ -1,5 +1,6 @@
 /*
  *
+ *    Copyright (c) 2020 Google LLC.
  *    Copyright (c) 2013-2017 Nest Labs, Inc.
  *    All rights reserved.
  *
@@ -501,9 +502,9 @@ WEAVE_ERROR EncodeWeaveECDSASignature(TLVWriter& writer, EncodedECDSASignature&
     return err;
 }
 
-// Takes an ECDSA signature in DER form and converts it to Weave form.
+// Takes an ECDSA signature in DER form and converts and copies values it to Weave form.
 // ECDSA-Sig-Value ::= SEQUENCE { r INTEGER, s INTEGER }
-WEAVE_ERROR ConvertECDSASignature_DERToWeave(const uint8_t * sigBuf, uint8_t sigLen, EncodedECDSASignature& sig)
+WEAVE_ERROR DecodeCopyECDSASignature_DER(const uint8_t * sigBuf, uint8_t sigLen, EncodedECDSASignature& sig)
 {
     WEAVE_ERROR err;
     ASN1Reader reader;
@@ -514,11 +515,20 @@ WEAVE_ERROR ConvertECDSASignature_DERToWeave(const uint8_t * sigBuf, uint8_t sig
     ASN1_PARSE_ENTER_SEQUENCE {
         // r INTEGER
         ASN1_PARSE_ELEMENT(kASN1TagClass_Universal, kASN1UniversalTag_Integer);
-        sig.R = const_cast<uint8_t *>(reader.Value);
+
+        VerifyOrExit(sig.R != NULL, err = WEAVE_ERROR_INVALID_ARGUMENT);
+        VerifyOrExit(sig.RLen >= reader.ValueLen, err = WEAVE_ERROR_BUFFER_TOO_SMALL);
+
+        memcpy(sig.R, const_cast<uint8_t *>(reader.Value), reader.ValueLen);
         sig.RLen = reader.ValueLen;
+
         // s INTEGER
         ASN1_PARSE_ELEMENT(kASN1TagClass_Universal, kASN1UniversalTag_Integer);
-        sig.S = const_cast<uint8_t *>(reader.Value);
+
+        VerifyOrExit(sig.S != NULL, err = WEAVE_ERROR_INVALID_ARGUMENT);
+        VerifyOrExit(sig.SLen >= reader.ValueLen, err = WEAVE_ERROR_BUFFER_TOO_SMALL);
+
+        memcpy(sig.S, const_cast<uint8_t *>(reader.Value), reader.ValueLen);
         sig.SLen = reader.ValueLen;
     } ASN1_EXIT_SEQUENCE;
 
@@ -532,9 +542,21 @@ WEAVE_ERROR ConvertECDSASignature_DERToWeave(const uint8_t * sigBuf, uint8_t sig
 {
     WEAVE_ERROR err;
     EncodedECDSASignature sig;
+    ASN1Reader reader;
 
-    err = ConvertECDSASignature_DERToWeave(sigBuf, sigLen, sig);
-    SuccessOrExit(err);
+    reader.Init(sigBuf, sigLen);
+
+    // ECDSA-Sig-Value ::= SEQUENCE
+    ASN1_PARSE_ENTER_SEQUENCE {
+        // r INTEGER
+        ASN1_PARSE_ELEMENT(kASN1TagClass_Universal, kASN1UniversalTag_Integer);
+        sig.R = const_cast<uint8_t *>(reader.Value);
+        sig.RLen = reader.ValueLen;
+        // s INTEGER
+        ASN1_PARSE_ELEMENT(kASN1TagClass_Universal, kASN1UniversalTag_Integer);
+        sig.S = const_cast<uint8_t *>(reader.Value);
+        sig.SLen = reader.ValueLen;
+    } ASN1_EXIT_SEQUENCE;
 
     err = EncodeWeaveECDSASignature(writer, sig, tag);
     SuccessOrExit(err);

src/lib/profiles/security/WeaveSig.h

@@ -1,5 +1,6 @@
 /*
  *
+ *    Copyright (c) 2020 Google LLC.
  *    Copyright (c) 2013-2017 Nest Labs, Inc.
  *    All rights reserved.
  *
@@ -132,7 +133,7 @@ extern WEAVE_ERROR GenerateAndEncodeWeaveECDSASignature(TLVWriter& writer, uint6
 
 extern WEAVE_ERROR EncodeWeaveECDSASignature(TLVWriter& writer, EncodedECDSASignature& sig, uint64_t tag);
 extern WEAVE_ERROR DecodeWeaveECDSASignature(TLVReader& reader, EncodedECDSASignature& sig);
-extern WEAVE_ERROR ConvertECDSASignature_DERToWeave(const uint8_t * sigBuf, uint8_t sigLen, EncodedECDSASignature& sig);
+extern WEAVE_ERROR DecodeCopyECDSASignature_DER(const uint8_t * sigBuf, uint8_t sigLen, EncodedECDSASignature& sig);
 extern WEAVE_ERROR ConvertECDSASignature_DERToWeave(const uint8_t * sigBuf, uint8_t sigLen, TLVWriter& writer, uint64_t tag);
 extern WEAVE_ERROR InsertRelatedCertificatesIntoWeaveSignature(
                                         uint8_t *sigBuf, uint16_t sigLen, uint16_t sigBufLen,