Commit 38096960fb

Frank Denis <124872+jedisct1@users.noreply.github.com>
2022-07-06 08:30:43
crypto.sign.ecdsa: fix toCompressedSec1()/toUnompressedSec1() (#12009)
The Ecdsa.PublicKey type is not a direct alias for a curve element. So, use the inner field containing the curve element for serialization.
master
1 parent 6279a1d
Changed files (1)
lib
std
crypto
ecdsa.zig
lib/std/crypto/ecdsa.zig
@@ -62,13 +62,13 @@ pub fn Ecdsa(comptime Curve: type, comptime Hash: type) type {
             }
 
             /// Encode the public key using the compressed SEC-1 format.
-            pub fn toCompressedSec1(p: Curve) [compressed_sec1_encoded_length]u8 {
-                return p.toCompressedSec1();
+            pub fn toCompressedSec1(pk: PublicKey) [compressed_sec1_encoded_length]u8 {
+                return pk.p.toCompressedSec1();
             }
 
             /// Encoding the public key using the uncompressed SEC-1 format.
-            pub fn toUncompressedSec1(p: Curve) [uncompressed_sec1_encoded_length]u8 {
-                return p.toUncompressedSec1();
+            pub fn toUncompressedSec1(pk: PublicKey) [uncompressed_sec1_encoded_length]u8 {
+                return pk.p.toUncompressedSec1();
             }
         };
 
@@ -743,3 +743,15 @@ fn tvTry(vector: TestVector) !void {
     const sig = try Scheme.Signature.fromDer(sig_der);
     try sig.verify(msg, pk);
 }
+
+test "ECDSA - Sec1 encoding/decoding" {
+    const Scheme = EcdsaP384Sha384;
+    const kp = try Scheme.KeyPair.create(null);
+    const pk = kp.public_key;
+    const pk_compressed_sec1 = pk.toCompressedSec1();
+    const pk_recovered1 = try Scheme.PublicKey.fromSec1(&pk_compressed_sec1);
+    try testing.expectEqualSlices(u8, &pk_recovered1.toCompressedSec1(), &pk_compressed_sec1);
+    const pk_uncompressed_sec1 = pk.toUncompressedSec1();
+    const pk_recovered2 = try Scheme.PublicKey.fromSec1(&pk_uncompressed_sec1);
+    try testing.expectEqualSlices(u8, &pk_recovered2.toUncompressedSec1(), &pk_uncompressed_sec1);
+}