From 484616b51938d293a6d69457bb5df1dc67ebf189 Mon Sep 17 00:00:00 2001
From: Roman Khlopkov <roman.khlopkov@demlabs.net>
Date: Wed, 10 Nov 2021 17:38:47 +0300
Subject: [PATCH] [*] Dilithium signature read/write fix

---
 CMakeLists.txt                             |  2 +-
 dap-sdk/crypto/include/dap_enc_dilithium.h |  2 +-
 dap-sdk/crypto/src/dap_enc_dilithium.c     | 23 ++++++++++------------
 dap-sdk/crypto/src/dap_sign.c              |  3 ++-
 4 files changed, 14 insertions(+), 16 deletions(-)

diff --git a/CMakeLists.txt b/CMakeLists.txt
index 85b1117322..b01dc89551 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -2,7 +2,7 @@ project(cellframe-sdk C)
 cmake_minimum_required(VERSION 3.0)
 
 set(CMAKE_C_STANDARD 11)
-set(CELLFRAME_SDK_NATIVE_VERSION "2.9-54")
+set(CELLFRAME_SDK_NATIVE_VERSION "2.9-55")
 add_definitions ("-DCELLFRAME_SDK_VERSION=\"${CELLFRAME_SDK_NATIVE_VERSION}\"")
 set(DAPSDK_MODULES "")
 message("Cellframe modules: ${CELLFRAME_MODULES}")
diff --git a/dap-sdk/crypto/include/dap_enc_dilithium.h b/dap-sdk/crypto/include/dap_enc_dilithium.h
index f79abef200..4871227a8e 100755
--- a/dap-sdk/crypto/include/dap_enc_dilithium.h
+++ b/dap-sdk/crypto/include/dap_enc_dilithium.h
@@ -29,7 +29,7 @@ size_t dap_enc_dilithium_calc_signature_unserialized_size(void);
 
 static inline size_t dap_enc_dilithium_calc_signagture_size(dilithium_signature_t* a_sign)
 {
-    return sizeof(uint64_t) * 3 + a_sign->sig_len;
+    return sizeof(uint64_t) * 2 + sizeof(uint32_t) + a_sign->sig_len;
 }
 
 uint8_t* dap_enc_dilithium_write_signature(dilithium_signature_t* a_sign, size_t *a_sign_out);
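Review bot: The fixed header size `sizeof(uint64_t) * 2 + sizeof(uint32_t)` in dap_enc_dilithium_calc_signagture_size is now spelled out here and twice more in the length check of dap_enc_dilithium_read_signature, and nothing says which field has which width. A comment above the function such as `/* serialized layout: uint64 total length | uint32 kind | uint64 sig_len | sig_data[sig_len] */` would record what the writer in this commit produces. A single named constant for the fixed part, used by both the size helper and the reader's bounds check, would stop the two from drifting apart the next time a field width changes.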
diff --git a/dap-sdk/crypto/src/dap_enc_dilithium.c b/dap-sdk/crypto/src/dap_enc_dilithium.c
index a7538443a1..4825ca399b 100755
--- a/dap-sdk/crypto/src/dap_enc_dilithium.c
+++ b/dap-sdk/crypto/src/dap_enc_dilithium.c
@@ -134,9 +134,9 @@ uint8_t* dap_enc_dilithium_write_signature(dilithium_signature_t* a_sign, size_t
 
     memcpy(l_buf, &l_buflen, sizeof(uint64_t));
     l_shift_mem += sizeof(uint64_t);
-    uint64_t l_kind = a_sign->kind;
-    memcpy(l_buf + l_shift_mem, &l_kind, sizeof(uint64_t));
-    l_shift_mem += sizeof(uint64_t);
+    uint32_t l_kind = a_sign->kind;
+    memcpy(l_buf + l_shift_mem, &l_kind, sizeof(uint32_t));
+    l_shift_mem += sizeof(uint32_t);
     memcpy(l_buf + l_shift_mem, &a_sign->sig_len, sizeof(uint64_t));
     l_shift_mem += sizeof(uint64_t);
     memcpy(l_buf + l_shift_mem, a_sign->sig_data, a_sign->sig_len );
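Review bot: Shrinking the serialized `kind` field from 8 to 4 bytes changes the wire layout without any format marker. A blob produced by the previous writer (8-byte kind, visible in the removed lines) still satisfies the reader's `l_buflen == a_buflen` test and is then parsed with the new offsets, so the fields after the length are presumably taken from the wrong positions. If signatures in the old layout can already be stored or in transit, the reader needs a way to tell them apart; otherwise a comment here such as `/* kind is serialized as 4 bytes; blobs with the former 8-byte kind are not readable */` would make the break explicit. The allocation of l_buf and the start of the function are outside this hunk.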
@@ -154,29 +154,26 @@ dilithium_signature_t* dap_enc_dilithium_read_signature(uint8_t *a_buf, size_t a
         log_it(L_ERROR,"::read_signature() NULL buffer on input");
         return NULL;
     }
-    if(a_buflen < sizeof(uint64_t) * 3){
+    if(a_buflen < sizeof(uint64_t) * 2 + sizeof(uint32_t)){
         log_it(L_ERROR,"::read_signature() Buflen %zd is smaller than first three fields(%zd)", a_buflen,
-               sizeof(uint64_t) * 3);
+               sizeof(uint64_t) * 2 + sizeof(uint32_t));
         return NULL;
     }
 
-    uint64_t l_shift_mem = 0;
-    uint64_t kind;
+    uint32_t kind;
     uint64_t l_buflen = 0;
     memcpy(&l_buflen, a_buf, sizeof(uint64_t));
+    uint64_t l_shift_mem = sizeof(uint64_t);
     if (l_buflen != a_buflen) {
         if (l_buflen << 32 >> 32 != a_buflen) {
             log_it(L_ERROR,"::read_public_key() Buflen field inside buffer is %"DAP_UINT64_FORMAT_U" when expected to be %"DAP_UINT64_FORMAT_U,
                    l_buflen, (uint64_t)a_buflen);
             return NULL;
-        }else {
-            memcpy(&kind, a_buf + sizeof(uint32_t), sizeof(uint32_t));
-            l_shift_mem = 2 * sizeof(uint32_t); // + sizeof(uint32_t) for old2 variant, oh
         }
-    } else {
-        memcpy(&kind, a_buf + sizeof(uint64_t), sizeof(uint64_t));
-        l_shift_mem = 2 * sizeof(uint64_t);
+        l_shift_mem = sizeof(uint32_t);
     }
+    memcpy(&kind, a_buf + sizeof(uint32_t), sizeof(uint32_t));
+    l_shift_mem += sizeof(uint32_t);
     dilithium_param_t p;
     if(!dilithium_params_init(&p, kind))
         return NULL ;
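Review bot: The unconditional `memcpy(&kind, a_buf + sizeof(uint32_t), sizeof(uint32_t));` reads kind from offset 4 even on the path where the length field is 8 bytes wide (`l_buflen == a_buflen`, `l_shift_mem == sizeof(uint64_t)`), while the writer in this same commit stores kind at offset 8. On that path the four bytes read are the upper half of the length field, so on a little-endian host kind is 0 for any realistic buffer and dilithium_params_init is called with a value that did not come from the signature. Reading at the running offset covers both layouts: `memcpy(&kind, a_buf + l_shift_mem, sizeof(uint32_t));`. The error log in this function also still names `::read_public_key()`. The function continues past the hunk, so the later sig_len bounds check could not be reviewed here.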
diff --git a/dap-sdk/crypto/src/dap_sign.c b/dap-sdk/crypto/src/dap_sign.c
index ff77a020c3..09a66dfb13 100755
--- a/dap-sdk/crypto/src/dap_sign.c
+++ b/dap-sdk/crypto/src/dap_sign.c
@@ -374,8 +374,9 @@ int dap_sign_verify(dap_sign_t * a_chain_sign, const void * a_data, const size_t
 
     if ( ! l_sign_data ){
         log_it(L_WARNING,"Incorrect signature, can't deserialize signature's data");
+            l_sign_data_size = a_chain_sign->header.sign_size;
+            uint8_t * l_sign_data = dap_enc_key_deserealize_sign(l_key->type, l_sign_data_ser, &l_sign_data_size);
         dap_enc_key_delete(l_key);
-        dap_enc_key_signature_delete(l_key->type, l_sign_data);
         return -5;
     }
 
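Review bot: The two lines added inside `if ( ! l_sign_data )` declare a second `l_sign_data` that shadows the outer one, deserialize the signature again, and then reach `return -5` without using or freeing the result. A successful second call therefore leaks the buffer on a path driven by the incoming signature. It looks like leftover debugging: either drop both lines, or, if a retry with `a_chain_sign->header.sign_size` is intended, assign to the outer variable and continue verification instead of returning. The removed `dap_enc_key_signature_delete` call only ever received a NULL pointer here, so any buffer the inner call returns now needs its own release. dap_sign_verify starts and ends outside this hunk.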
-- 
GitLab