wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-07-30 10:47:28 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #2094 from dgarske/ecdsa_der_len

Browse Source 
Adds strict checking of the ECDSA signature DER encoding length
This commit is contained in:
toddouska
2019-02-15 10:53:57 -08:00
committed by GitHub
parent 7275ee5f19 a9f29dbb61
commit 25dd5882f8
1 changed files with 8 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
wolfcrypt/src/asn.c
View File

@ -13275,9 +13275,17 @@ int DecodeECC_DSA_Sig(const byte* sig, word32 sigLen, mp_int* r, mp_int* s)
return ASN_ECC_KEY_E; return ASN_ECC_KEY_E;
} }
#ifndef NO_STRICT_ECDSA_LEN
/* enable strict length checking for signature */
if (sigLen != idx + (word32)len) {
return ASN_ECC_KEY_E;
}
#else
/* allow extra signature bytes at end */
if ((word32)len > (sigLen - idx)) { if ((word32)len > (sigLen - idx)) {
return ASN_ECC_KEY_E; return ASN_ECC_KEY_E;
} }
#endif
if (GetInt(r, sig, &idx, sigLen) < 0) { if (GetInt(r, sig, &idx, sigLen) < 0) {
return ASN_ECC_KEY_E; return ASN_ECC_KEY_E;