Commit 4eb201cb authored by stopcovid@lunabee.com's avatar stopcovid@lunabee.com
Browse files

Update to 3.0.2

- Fix signature verification
parent b7ca3f0e
......@@ -3,7 +3,11 @@ package com.lunabeestudio.framework.crypto
import android.util.Base64
import com.lunabeestudio.framework.extension.removePublicKeyDecoration
import org.apache.commons.codec.binary.Base32
import org.bouncycastle.asn1.ASN1EncodableVector
import org.bouncycastle.asn1.ASN1Integer
import org.bouncycastle.asn1.DERSequence
import org.bouncycastle.jce.provider.BouncyCastleProvider
import java.math.BigInteger
import java.nio.charset.StandardCharsets
import java.security.KeyFactory
import java.security.PublicKey
......@@ -40,25 +44,26 @@ object BouncyCastleSignatureVerifier {
val ecdsaVerify: Signature = Signature.getInstance(signatureKeyAlgorithm)
val rawMessage = message.toByteArray(StandardCharsets.US_ASCII)
val decodedSignature = Base32().decode(rawSignature)
val derSequence = getDERSequenceFromSignature(decodedSignature)
ecdsaVerify.initVerify(publicKey)
ecdsaVerify.update(rawMessage)
val decodedSignature = Base32().decode(rawSignature)
return ecdsaVerify.verify(derSequence.encoded)
}
var r = decodedSignature.take(decodedSignature.size / 2).toByteArray()
var s = decodedSignature.takeLast(decodedSignature.size / 2).toByteArray()
private fun getDERSequenceFromSignature(decodedSignature: ByteArray): DERSequence {
val length = decodedSignature.size / 2
val bytes = ByteArray(length)
val asn1EncodableVector = ASN1EncodableVector()
// DER encoding
if (r.first() < 0x00) {
r = byteArrayOf(0x00) + r
}
if (s.first() < 0x00) {
s = byteArrayOf(0x00) + s
}
val rs = byteArrayOf(0x02, r.size.toByte()) + r + byteArrayOf(0x02, s.size.toByte()) + s
val derSignature = byteArrayOf(0x30, (rs.size).toByte()) + rs
System.arraycopy(decodedSignature, 0, bytes, 0, length)
asn1EncodableVector.add(ASN1Integer(BigInteger(1, bytes)))
System.arraycopy(decodedSignature, length, bytes, 0, length)
asn1EncodableVector.add(ASN1Integer(BigInteger(1, bytes)))
return ecdsaVerify.verify(derSignature)
return DERSequence(asn1EncodableVector)
}
}
\ No newline at end of file
......@@ -43,8 +43,8 @@ android {
applicationId "fr.gouv.android.stopcovid"
minSdkVersion 21
targetSdkVersion 30
versionCode 230
versionName "3.0.1"
versionCode 232
versionName "3.0.2"
testInstrumentationRunner "androidx.test.runner.AndroidJUnitRunner"
}
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment