From 94d0ba8bdd36c6621e2478fdb3bcf1c790369006 Mon Sep 17 00:00:00 2001 From: CGantert345 <57003061+CGantert345@users.noreply.github.com> Date: Mon, 13 Mar 2023 13:27:13 +0100 Subject: ssb non-standard signature encoding covered (decode only) --- .../java/org/uic/barcode/ssbFrame/SsbFrame.java | 29 ++++++++++--- .../java/org/uic/barcode/utils/SecurityUtils.java | 48 ++++++++++++++++++++++ 2 files changed, 71 insertions(+), 6 deletions(-) (limited to 'src/main/java/org/uic/barcode') diff --git a/src/main/java/org/uic/barcode/ssbFrame/SsbFrame.java b/src/main/java/org/uic/barcode/ssbFrame/SsbFrame.java index 1ee68bb..b473c1e 100644 --- a/src/main/java/org/uic/barcode/ssbFrame/SsbFrame.java +++ b/src/main/java/org/uic/barcode/ssbFrame/SsbFrame.java @@ -1,5 +1,6 @@ package org.uic.barcode.ssbFrame; +import java.io.ByteArrayOutputStream; import java.io.IOException; import java.math.BigInteger; import java.security.InvalidKeyException; @@ -76,17 +77,33 @@ public class SsbFrame { offset = offset + nonUicData.decodeContent(bytes,offset); } - - signaturePart1 = new byte[28]; - signaturePart2 = new byte[28]; - for (int i = 0 ; i < 28;i++) { - signaturePart1[i] = bytes[58 + i]; - signaturePart2[i] = bytes[58 + 28 + i]; + byte[] signatureBytes = new byte[56]; + + try { + //check for non-standard signature encoding + BigInteger[] bInts = SecurityUtils.decodeSignatureIntegerSequence(signatureBytes); + byte[] sig = SecurityUtils.encodeSignatureIntegerSequence(bInts[0],bInts[1]); + signaturePart1 = bInts[0].toByteArray(); + signaturePart2 = bInts[1].toByteArray(); + //decoding the entire signature was ok, so there was no split + } catch (Exception e) { + //the signature is correctly implemented, continue with recombination + signaturePart1 = new byte[28]; + signaturePart2 = new byte[28]; + + for (int i = 0 ; i < 28;i++) { + signaturePart1[i] = bytes[58 + i]; + signaturePart2[i] = bytes[58 + 28 + i]; + } } + } + + + public byte[] encode() throws EncodingFormatException { byte[] bytes = new byte[114]; diff --git a/src/main/java/org/uic/barcode/utils/SecurityUtils.java b/src/main/java/org/uic/barcode/utils/SecurityUtils.java index 29a2346..8c981af 100644 --- a/src/main/java/org/uic/barcode/utils/SecurityUtils.java +++ b/src/main/java/org/uic/barcode/utils/SecurityUtils.java @@ -263,4 +263,52 @@ public class SecurityUtils { return out.toByteArray(); } + public static byte[] recombineDsaSignature(byte[] sealdata) throws IOException { + + //check whether the encoding is wrong and the sealdata contain a signature + //remove trailing zeroes from the signature + BigInteger[] bInts = null; + try { + bInts = decodeSignatureIntegerSequence(sealdata); + byte[] sig = encodeSignatureIntegerSequence(bInts[0],bInts[1]); + //decoding the entire signature was ok, so there was no split + return sig; + } catch (Exception e) { + //the signature is correctly implemented, continue with recombination + } + + // split the data into two blocks + int length = sealdata.length / 2; + byte[] rBytes = Arrays.copyOfRange(sealdata, 0, length); + byte[] sBytes = Arrays.copyOfRange(sealdata, length, length + length); + + //convert to BigInteger to get rid of leading zeroes + BigInteger r = new BigInteger(1,rBytes); + BigInteger s = new BigInteger(1,sBytes); + + //encode as DSA signature structure + //SEQUENCE OF --> tag 16 + int sequenceTag = 16 + 32; // (bits 6 = 1 constructed) + //INTEGER --> tag 2 + int integerTag = 2; + + byte[] b1 = r.toByteArray(); + int lb1 = b1.length; + + byte[] b2 = s.toByteArray(); + int lb2 = b2.length; + int sequenceLength = lb1 + lb2 + 4; + + ByteArrayOutputStream out = new ByteArrayOutputStream(); + out.write((byte) sequenceTag); + out.write((byte) sequenceLength); + out.write((byte) integerTag); + out.write((byte) lb1); + out.write(b1); + out.write((byte) integerTag); + out.write((byte) lb2); + out.write(b2); + return out.toByteArray(); + + } } -- cgit v1.2.3