From 083a8151fe48a048e4aae3b39a18445fb0f97e21 Mon Sep 17 00:00:00 2001 From: Mateusz Poliwczak Date: Sun, 18 Dec 2022 19:57:45 +0100 Subject: [PATCH] pad public key with zeros --- acme_common/src/crypto/openssl_keys.rs | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/acme_common/src/crypto/openssl_keys.rs b/acme_common/src/crypto/openssl_keys.rs index 8f90928..edc78a5 100644 --- a/acme_common/src/crypto/openssl_keys.rs +++ b/acme_common/src/crypto/openssl_keys.rs @@ -197,10 +197,10 @@ impl KeyPair { } fn get_ecdsa_jwk(&self, thumbprint: bool) -> Result { - let (crv, alg, curve) = match self.key_type { - KeyType::EcdsaP256 => ("P-256", "ES256", Nid::X9_62_PRIME256V1), - KeyType::EcdsaP384 => ("P-384", "ES384", Nid::SECP384R1), - KeyType::EcdsaP521 => ("P-521", "ES512", Nid::SECP521R1), + let (crv, alg, size, curve) = match self.key_type { + KeyType::EcdsaP256 => ("P-256", "ES256", 32, Nid::X9_62_PRIME256V1), + KeyType::EcdsaP384 => ("P-384", "ES384", 48, Nid::SECP384R1), + KeyType::EcdsaP521 => ("P-521", "ES512", 66, Nid::SECP521R1), _ => { return Err("not an ECDSA elliptic curve".into()); } @@ -214,8 +214,8 @@ impl KeyPair { .unwrap() .public_key() .affine_coordinates_gfp(&group, &mut x, &mut y, &mut ctx)?; - let x = b64_encode(&x.to_vec()); - let y = b64_encode(&y.to_vec()); + let x = b64_encode(&x.to_vec_padded(size)?); + let y = b64_encode(&y.to_vec_padded(size)?); let jwk = if thumbprint { json!({ "crv": crv,