From 6d5a3b7f7d63728bd6b61d4b4349758767d8b1f0 Mon Sep 17 00:00:00 2001
From: "Dmitriy A. Gerasimov" <dmitriy.gerasimov@demlabs.net>
Date: Sat, 9 Jan 2021 01:41:09 +0700
Subject: [PATCH] [!] Crystal Dilithium signature check fixed
---
CMakeLists.txt | 2 +-
dap-sdk/crypto/src/dap_enc_dilithium.c | 5 +++--
dap-sdk/crypto/src/sig_dilithium/dilithium_sign.c | 15 ++++++++-------
3 files changed, 12 insertions(+), 10 deletions(-)
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 3647fddac7..7fe9666277 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -2,7 +2,7 @@ project(cellframe-sdk C)
cmake_minimum_required(VERSION 2.8)
set(CMAKE_C_STANDARD 11)
-set(CELLFRAME_SDK_NATIVE_VERSION "2.6-100")
+set(CELLFRAME_SDK_NATIVE_VERSION "2.6-101")
add_definitions ("-DCELLFRAME_SDK_VERSION=\"${CELLFRAME_SDK_NATIVE_VERSION}\"")
set(DAPSDK_MODULES "")
diff --git a/dap-sdk/crypto/src/dap_enc_dilithium.c b/dap-sdk/crypto/src/dap_enc_dilithium.c
index bbcabca778..9c2660db3f 100755
--- a/dap-sdk/crypto/src/dap_enc_dilithium.c
+++ b/dap-sdk/crypto/src/dap_enc_dilithium.c
@@ -84,8 +84,9 @@ size_t dap_enc_sig_dilithium_verify_sign(struct dap_enc_key * key, const void *
log_it(L_ERROR, "bad signature size");
return 0;
}
-
- return (dilithium_crypto_sign_open( (unsigned char *) msg, msg_size, (dilithium_signature_t *) signature, key->pub_key_data));
+ int l_ret = dilithium_crypto_sign_open( (unsigned char *) msg, msg_size, (dilithium_signature_t *) signature, key->pub_key_data);
+ log_it(L_WARNING,"Wrong signature, can't open with code %d", l_ret);
+ return l_ret>0? l_ret : 0;
}
void dap_enc_sig_dilithium_key_delete(struct dap_enc_key * key)
diff --git a/dap-sdk/crypto/src/sig_dilithium/dilithium_sign.c b/dap-sdk/crypto/src/sig_dilithium/dilithium_sign.c
index 47942fa5ec..74d0c5be37 100755
--- a/dap-sdk/crypto/src/sig_dilithium/dilithium_sign.c
+++ b/dap-sdk/crypto/src/sig_dilithium/dilithium_sign.c
@@ -318,17 +318,18 @@ int dilithium_crypto_sign( dilithium_signature_t *sig, const unsigned char *m, u
/*************************************************/
int dilithium_crypto_sign_open( unsigned char *m, unsigned long long mlen, dilithium_signature_t *sig, const dilithium_public_key_t * public_key)
{
- assert(public_key->kind == sig->kind);
+ if(public_key->kind != sig->kind)
+ return -1;
dilithium_param_t *p = malloc(sizeof(dilithium_param_t));
if (! dilithium_params_init( p, public_key->kind)) {
free(p);
- return -1;
+ return -2;
}
if (sig->sig_len < p->CRYPTO_BYTES ) {
free(p);
- return -1;
+ return -3;
}
unsigned long long i;
@@ -340,18 +341,18 @@ int dilithium_crypto_sign_open( unsigned char *m, unsigned long long mlen, dilit
if((sig->sig_len - p->CRYPTO_BYTES) != mlen) {
free(p);
- return -1;
+ return -4;
}
dilithium_unpack_pk(rho, &t1, public_key->data, p);
if(dilithium_unpack_sig(&z, &h, &c, sig->sig_data, p)) {
free(p);
- return -1;
+ return -5;
}
if(polyvecl_chknorm(&z, GAMMA1 - p->PARAM_BETA, p)) {
free(p);
- return -1;
+ return -6;
}
unsigned char *tmp_m = malloc(CRHBYTES + mlen);
@@ -388,7 +389,7 @@ int dilithium_crypto_sign_open( unsigned char *m, unsigned long long mlen, dilit
for(i = 0; i < NN; ++i)
if(c.coeffs[i] != cp.coeffs[i]) {
free(p);
- return -1;
+ return -7;
}
return 0;
--
GitLab