Why would you need to reverse before resize

open-eid / chrome-token-signing

DEPRECATED Chrome and Firefox extension for signing with your eID on the web

https://github.com/open-eid/chrome-token-signing/wiki

GNU Lesser General Public License v2.1

206 stars 75 forks source link

Why would you need to reverse before resize #40

Closed duyleekun closed 7 years ago

duyleekun commented 7 years ago

Hi,

IMHO, the reversal of the signature before the resize would cause 0 array in final signature if final size < initial size.

Code for reference:

https://github.com/open-eid/chrome-token-signing/blob/master/host-windows/CngCapiSigner.cpp#L130

For example, what if CryptSignHashW produce 128-bit signature? Is it not intended to handle this case?

Anyway, what's the reasoning behind the signature reversal to begin with?

Thanks,

metsma commented 7 years ago

Seems like there is signature.resize(size); missing. The CryptoAPI uses little-endian byte order as every other crypto API uses big-endian byte order (.NET, CNG, Windows UWP, OpenSSL, Java...)

duyleekun commented 7 years ago

Well, that explains the reverse thing. Thanks @metsma. The resize thing just might not work for my project. Yours seems fine :) Fyi, I'm trying to use the AT_KEYEXCHANGE for my project, Vietnamese tokens needs this.

metsma commented 7 years ago

https://github.com/open-eid/chrome-token-signing/pull/41