Skip to content

Commit

Permalink
lib: DER signature decoding correction
Browse files Browse the repository at this point in the history
  • Loading branch information
Markus-MS authored Aug 14, 2024
1 parent 03e06e1 commit accb61e
Show file tree
Hide file tree
Showing 2 changed files with 11 additions and 0 deletions.
10 changes: 10 additions & 0 deletions lib/elliptic/ec/signature.js
Original file line number Diff line number Diff line change
Expand Up @@ -38,6 +38,10 @@ function getLength(buf, p) {
return false;
}

if(buf[p.place] === 0x00) {
return false;
}

var val = 0;
for (var i = 0, off = p.place; i < octetLen; i++, off++) {
val <<= 8;
Expand Down Expand Up @@ -86,6 +90,9 @@ Signature.prototype._importDER = function _importDER(data, enc) {
if (rlen === false) {
return false;
}
if ((data[p.place] & 128) !== 0) {
return false;
}
var r = data.slice(p.place, rlen + p.place);
p.place += rlen;
if (data[p.place++] !== 0x02) {
Expand All @@ -98,6 +105,9 @@ Signature.prototype._importDER = function _importDER(data, enc) {
if (data.length !== slen + p.place) {
return false;
}
if ((data[p.place] & 128) !== 0) {
return false;
}
var s = data.slice(p.place, slen + p.place);
if (r[0] === 0) {
if (r[1] & 0x80) {
Expand Down
1 change: 1 addition & 0 deletions lib/elliptic/eddsa/signature.js
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,7 @@ function Signature(eddsa, sig) {
sig = parseBytes(sig);

if (Array.isArray(sig)) {
assert(sig.length === eddsa.encodingLength * 2, 'Signature has invalid size');
sig = {
R: sig.slice(0, eddsa.encodingLength),
S: sig.slice(eddsa.encodingLength),
Expand Down

0 comments on commit accb61e

Please sign in to comment.