diff options
| author | Alex Gaynor <alex.gaynor@gmail.com> | 2015-04-13 21:46:26 -0400 |
|---|---|---|
| committer | Alex Gaynor <alex.gaynor@gmail.com> | 2015-04-13 21:46:26 -0400 |
| commit | 5054e6591db055b520eacc39db7e5dcd6e6e3a1a (patch) | |
| tree | 236547e393eb8ef2b24db464213411712f8714c2 /src/cryptography/hazmat/primitives/asymmetric | |
| parent | b6c8faa1a473447b9e91ab700a6f9b0af0468432 (diff) | |
| parent | c2d903bb0a14898e94446dc49517ef9f354463a5 (diff) | |
| download | cryptography-5054e6591db055b520eacc39db7e5dcd6e6e3a1a.tar.gz cryptography-5054e6591db055b520eacc39db7e5dcd6e6e3a1a.tar.bz2 cryptography-5054e6591db055b520eacc39db7e5dcd6e6e3a1a.zip | |
Merge pull request #1843 from geofft/pyasn1-eoc
Work around pyasn1's willingness to return endOfOctets in DER parsing
Diffstat (limited to 'src/cryptography/hazmat/primitives/asymmetric')
| -rw-r--r-- | src/cryptography/hazmat/primitives/asymmetric/utils.py | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/src/cryptography/hazmat/primitives/asymmetric/utils.py b/src/cryptography/hazmat/primitives/asymmetric/utils.py index 71f4ff8e..f04eb66e 100644 --- a/src/cryptography/hazmat/primitives/asymmetric/utils.py +++ b/src/cryptography/hazmat/primitives/asymmetric/utils.py @@ -4,6 +4,7 @@ from __future__ import absolute_import, division, print_function +from pyasn1.codec.ber import eoo from pyasn1.codec.der import decoder, encoder from pyasn1.error import PyAsn1Error from pyasn1.type import namedtype, univ @@ -28,6 +29,12 @@ def decode_rfc6979_signature(signature): raise ValueError( "The signature contains bytes after the end of the ASN.1 sequence." ) + # pyasn1 can erroneously return this from top-level DER decoding. + # It's intended as a sentinel in recursive BER decoding, so it's + # returned even though an asn1Spec is provided. + if data == eoo.endOfOctets: + raise ValueError("Invalid signature data. Unable to decode ASN.1") + r = int(data.getComponentByName('r')) s = int(data.getComponentByName('s')) return (r, s) |