Fix bug whereby 0 was written as 0200 rather than 020100

0200 is not just non-DER, it's completely invalid, since there has to be a sign bit. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-06-10 20:13:33 +02:00 · 2022-06-10 20:13:33 +02:00 · 321a08944b
commit 321a08944b
parent c9a30fba74
3 changed files with 12 additions and 2 deletions
--- a/ChangeLog.d/asn1write-0-fix
+++ b/ChangeLog.d/asn1write-0-fix
@ -0,0 +1,2 @@
+Bugfix
+   * Fix mbedtls_asn1_write_mpi() writing an incorrect encoding of 0.
--- a/library/asn1write.c
+++ b/library/asn1write.c
@ -133,6 +133,11 @@ int mbedtls_asn1_write_mpi( unsigned char **p, const unsigned char *start, const
    //
    len = mbedtls_mpi_size( X );

+    /* DER represents 0 with a sign bit (0=nonnegative) and 7 value bits, not
+     * as 0 digits. We need to end up with 020100, not with 0200. */
+    if( len == 0 )
+        len = 1;
+
    if( *p < start || (size_t)( *p - start ) < len )
        return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );

--- a/tests/suites/test_suite_asn1write.data
+++ b/tests/suites/test_suite_asn1write.data
@ -91,8 +91,11 @@ mbedtls_asn1_write_enum:0x12345678:"0A0412345678"
 ASN.1 Write enum 2147483647
 mbedtls_asn1_write_enum:0x7fffffff:"0A047fffffff"

-#ASN.1 Write mpi 0
-#mbedtls_asn1_write_mpi:"00":"020100"
+ASN.1 Write mpi 0 (null)
+mbedtls_asn1_write_mpi:"":"020100"
+
+ASN.1 Write mpi 0 (1 limb)
+mbedtls_asn1_write_mpi:"00":"020100"

 ASN.1 Write mpi 1
 mbedtls_asn1_write_mpi:"01":"020101"