I’m developer using mbedtls.
I found asn1 encoding issue with mbedtls.
Here is an excerpt from ‘X690 8.3.2 Encoding of an integer rule’.
8.3.2 If the contents octets of an integer value encoding consist of more than one octet,
then the bits of the first octet and bit 8 of the second octet:
a) shall not all be ones; and
b) shall not all be zero.
NOTE – These rules ensure that an integer value is always encoded in the smallest possible number of octets.
Integer encoding 02020001 is invalid, 020101 is valid. (which means 1)
Likewise Integer encoding 0202FFFF is invalid, 0201FF is valid (which means -1)
The ‘mbedtls_ecdsa_read_signature’ function allows the above invalid encoding.
I’ve attached simple test programs with a small variation of mbedtls/programs/pkey/ecdsa.c
The result of two verifying are both pass.
On the other hand, in the similar test with openssl, the second result is failed.
I’ve also attached my primitive patch for this issue.
Could you review this issue?