From 14870b6b5cdb8e5b1a7197e51bb0cd1639c48b5a Mon Sep 17 00:00:00 2001
From: tkellner <tkellner@8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4>
Date: Thu, 19 Dec 2013 14:33:03 +0000
Subject: Unwrap SWCard ECDSA signature value

git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@1269 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4
---
 smcc/src/main/java/at/gv/egiz/smcc/SWCard.java | 44 +++++++++++++++++++++++---
 1 file changed, 40 insertions(+), 4 deletions(-)

(limited to 'smcc/src')

diff --git a/smcc/src/main/java/at/gv/egiz/smcc/SWCard.java b/smcc/src/main/java/at/gv/egiz/smcc/SWCard.java
index 62f3e3e3..87488f26 100644
--- a/smcc/src/main/java/at/gv/egiz/smcc/SWCard.java
+++ b/smcc/src/main/java/at/gv/egiz/smcc/SWCard.java
@@ -24,6 +24,8 @@
 
 package at.gv.egiz.smcc;
 
+import iaik.me.asn1.ASN1;
+
 import java.io.ByteArrayOutputStream;
 import java.io.File;
 import java.io.FileInputStream;
@@ -80,7 +82,7 @@ public class SWCard implements SignatureCard {
   
   private static String swCardDir;
 
-  private final Logger log = LoggerFactory.getLogger(SWCard.class);
+  private static final Logger log = LoggerFactory.getLogger(SWCard.class);
 
   private KeyStore certifiedKeyStore;
   
@@ -415,21 +417,55 @@ public class SWCard implements SignatureCard {
       for (byte[] b = new byte[20]; (l = input.read(b)) != -1;) {
         signature.update(b, 0, l);
       }
-      return signature.sign();
+      return unwrapSignature(signature.sign(), algorithm);
     } catch (NoSuchAlgorithmException e) {
       String msg = "Algorithm + '" + algorithm + "' not supported for signing.";
       log.info(msg, e);
       throw new SignatureCardException(msg, e);
     } catch (SignatureException e) {
-      String msg = "Signing faild.";
+      String msg = "Signing failed.";
       log.info(msg, e);
       throw new SignatureCardException(msg, e);
     } catch (InvalidKeyException e) {
       String msg = "Key not valid for algorithm + '" + algorithm + "'.";
       log.info(msg, e);
       throw new SignatureCardException(msg, e);
+    } catch (IOException e) {
+      String msg = "Error unwrapping signature value.";
+      log.info(msg, e);
+      throw new SignatureCardException(msg, e);
     }
-    
+  }
+
+  private static byte[] unwrapSignature(byte[] signature, String alg) throws IOException {
+    byte[] ret = signature;
+    log.debug("Checking if unwrapping necessary for " + alg);
+    if ("SHA1withECDSA".equals(alg) ||
+        "SHA256withECDSA".equals(alg) ||
+        "RIPEMD160withECDSA".equals(alg)) {
+      log.debug("Unwrapping signature");
+      ASN1 sig = new ASN1(signature);
+      byte[] r = sig.getElementAt(0).gvBigInteger().toByteArray();
+      int r_length = r.length;
+      int r_start = 0;
+      if (r[0] == 0) {
+        //skip leading 0
+        --r_length;
+        ++r_start;
+      }
+      byte[] s = sig.getElementAt(1).gvBigInteger().toByteArray();
+      int s_length = s.length;
+      int s_start = 0;
+      if (s[0] == 0) {
+        //skip leading 0
+        --s_length;
+        ++s_start;
+      }
+      ret = new byte[r_length + s_length];
+      System.arraycopy(r, r_start, ret, 0, r_length);
+      System.arraycopy(s, s_start, ret, r_length, s_length);
+    }
+    return ret;
   }
 
   @Override
-- 
cgit v1.2.3