Skip to content

Commit

Permalink
6.5.3
Browse files Browse the repository at this point in the history
  • Loading branch information
@indutny
indutny committed Jun 18, 2020
1 parent 856fe4d commit 8647803
Show file tree
Hide file tree
Showing 4 changed files with 41 additions and 9 deletions.
42 changes: 37 additions & 5 deletions dist/elliptic.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2560,11 +2560,24 @@ function getLength(buf, p) {
return initial;
}
var octetLen = initial & 0xf;

// Indefinite length or overflow
if (octetLen === 0 || octetLen > 4) {
return false;
}

var val = 0;
for (var i = 0, off = p.place; i < octetLen; i++, off++) {
val <<= 8;
val |= buf[off];
val >>>= 0;
}

// Leading zeroes
if (val <= 0x7f) {
return false;
}

p.place = off;
return val;
}
Expand All @@ -2588,28 +2601,47 @@ Signature.prototype._importDER = function _importDER(data, enc) {
return false;
}
var len = getLength(data, p);
if (len === false) {
return false;
}
if ((len + p.place) !== data.length) {
return false;
}
if (data[p.place++] !== 0x02) {
return false;
}
var rlen = getLength(data, p);
if (rlen === false) {
return false;
}
var r = data.slice(p.place, rlen + p.place);
p.place += rlen;
if (data[p.place++] !== 0x02) {
return false;
}
var slen = getLength(data, p);
if (slen === false) {
return false;
}
if (data.length !== slen + p.place) {
return false;
}
var s = data.slice(p.place, slen + p.place);
if (r[0] === 0 && (r[1] & 0x80)) {
r = r.slice(1);
if (r[0] === 0) {
if (r[1] & 0x80) {
r = r.slice(1);
} else {
// Leading zeroes
return false;
}
}
if (s[0] === 0 && (s[1] & 0x80)) {
s = s.slice(1);
if (s[0] === 0) {
if (s[1] & 0x80) {
s = s.slice(1);
} else {
// Leading zeroes
return false;
}
}

this.r = new BN(r);
Expand Down Expand Up @@ -8798,7 +8830,7 @@ utils.encode = function encode(arr, enc) {
},{}],35:[function(require,module,exports){
module.exports={
"name": "elliptic",
"version": "6.5.2",
"version": "6.5.3",
"description": "EC cryptography",
"main": "lib/elliptic.js",
"files": [
Expand Down
4 changes: 2 additions & 2 deletions dist/elliptic.min.js
View file

Large diffs are not rendered by default.

2 changes: 1 addition & 1 deletion package-lock.json
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion package.json
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"name": "elliptic",
"version": "6.5.2",
"version": "6.5.3",
"description": "EC cryptography",
"main": "lib/elliptic.js",
"files": [
Expand Down

1 comment on commit 8647803

@gabselbach
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

.

Please sign in to comment.