diff options
| author | Paul Kehrer <paul.l.kehrer@gmail.com> | 2014-11-30 09:51:10 -1000 |
|---|---|---|
| committer | Paul Kehrer <paul.l.kehrer@gmail.com> | 2014-11-30 09:51:10 -1000 |
| commit | 94a0713e3aa1b2ec4f98fe1eb690ef2160d70fdf (patch) | |
| tree | 377d423482faa4d32d9b6f3cacca162155d0a463 /src | |
| parent | b3a3e5c78650f0bbcaa5386e2185381156032d56 (diff) | |
| download | cryptography-94a0713e3aa1b2ec4f98fe1eb690ef2160d70fdf.tar.gz cryptography-94a0713e3aa1b2ec4f98fe1eb690ef2160d70fdf.tar.bz2 cryptography-94a0713e3aa1b2ec4f98fe1eb690ef2160d70fdf.zip | |
error if signature has trailing bytes
Diffstat (limited to 'src')
| -rw-r--r-- | src/cryptography/hazmat/primitives/asymmetric/utils.py | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/src/cryptography/hazmat/primitives/asymmetric/utils.py b/src/cryptography/hazmat/primitives/asymmetric/utils.py index 0140e6c1..a1a40292 100644 --- a/src/cryptography/hazmat/primitives/asymmetric/utils.py +++ b/src/cryptography/hazmat/primitives/asymmetric/utils.py @@ -17,6 +17,10 @@ class _DSSSigValue(univ.Sequence): def decode_rfc6979_signature(signature): data = decoder.decode(signature, asn1Spec=_DSSSigValue()) + if data[1]: + raise ValueError( + "The signature contains bytes after the end of the ASN.1 sequence." + ) r = int(data[0].getComponentByName('r')) s = int(data[0].getComponentByName('s')) return (r, s) |