Skip to content

Commit

Permalink
fix length decoding
Browse files Browse the repository at this point in the history
the same issues as with decoding integers happen with the NIST521p curve
as it's large enough that the length encoding of some fields needs
to use multi-byte encoding

backport of a655d6f
  • Loading branch information
tomato42 committed Oct 7, 2019
1 parent 897178c commit 9080d1d
Show file tree
Hide file tree
Showing 2 changed files with 5 additions and 1 deletion.
4 changes: 4 additions & 0 deletions ecdsa/der.py
Original file line number Diff line number Diff line change
Expand Up @@ -148,13 +148,17 @@ def encode_length(l):
return int2byte(0x80|llen) + s

def read_length(string):
if not string:
raise UnexpectedDER("Empty string can't encode valid length value")
num = string[0] if isinstance(string[0], integer_types) else ord(string[0])
if not (num & 0x80):
# short form
return (num & 0x7f), 1
# else long-form: b0&0x7f is number of additional base256 length bytes,
# big-endian
llen = num & 0x7f
if not llen:
raise UnexpectedDER("Invalid length encoding, length byte is 0")
if llen > len(string)-1:
raise UnexpectedDER("ran out of length bytes")
return int(binascii.hexlify(string[1:1+llen]), 16), 1+llen
Expand Down
2 changes: 1 addition & 1 deletion ecdsa/test_malformed_sigs.py
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@
# few thousand slow test cases; execute the most interesting only

#for curve in curves:
for curve in [NIST256p]:
for curve in [NIST521p]:
#for hash_alg in ["md5", "sha1", "sha224", "sha256", "sha384", "sha512"]:
for hash_alg in ["sha256"]:
key = SigningKey.generate(curve)
Expand Down

0 comments on commit 9080d1d

Please sign in to comment.