qbit/go
1
0
Fork 0
mirror of https://github.com/golang/go synced 2024-11-17 13:04:54 -07:00
Code Releases Activity

crypto/x509: use new ecdsa.VerifyASN1 API

Browse Source 
Change-Id: Ia4f77d2965e34454e8dd3f2d8bf9c4f3065a9fbc
Reviewed-on: https://go-review.googlesource.com/c/go/+/220721
Run-TryBot: Katie Hockman <katie@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Filippo Valsorda <filippo@golang.org>
This commit is contained in:
Katie Hockman 2020-02-24 17:25:08 -05:00
parent bb644e7982
commit 975c01342a
1 changed files with 1 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
src/crypto/x509/x509.go
View File

@ -163,8 +163,6 @@ type dsaSignature struct {
R, S *big.Int
}
type ecdsaSignature dsaSignature
type validity struct {
NotBefore, NotAfter time.Time
}
@ -905,16 +903,7 @@ func checkSignature(algo SignatureAlgorithm, signed, signature []byte, publicKey
if pubKeyAlgo != ECDSA {
return signaturePublicKeyAlgoMismatchError(pubKeyAlgo, pub)
}
ecdsaSig := new(ecdsaSignature)
if rest, err := asn1.Unmarshal(signature, ecdsaSig); err != nil {
return err
} else if len(rest) != 0 {
return errors.New("x509: trailing data after ECDSA signature")
}
if ecdsaSig.R.Sign() <= 0 || ecdsaSig.S.Sign() <= 0 {
return errors.New("x509: ECDSA signature contained zero or negative values")
}
if !ecdsa.Verify(pub, signed, ecdsaSig.R, ecdsaSig.S) {
if !ecdsa.VerifyASN1(pub, signed, signature) {
return errors.New("x509: ECDSA verification failure")
}
return