зеркало из https://github.com/mozilla/gecko-dev.git
Bug 1405431 - Be more precise in WebAuthn signature verification assertion r=keeler
There's an intermittent which might be spurious because ASN.1 signatures might sometimes be less than 70 bytes, but the actual floor is probably 68 (32 + 32 + 4). It's a sanity check, so I've adjusted it down and also am now emitting the offending key bytes if this triggers again. MozReview-Commit-ID: 1wwU9Q3BUPF --HG-- extra : rebase_source : 2877deb770f8bf4bcf31dae40f75016892dc9d53
This commit is contained in:
Родитель
c42f57923a
Коммит
9f45608ca1
|
@ -283,9 +283,9 @@ function sanitizeSigArray(arr) {
|
|||
}
|
||||
|
||||
function verifySignature(key, data, derSig) {
|
||||
if (derSig.byteLength < 70) {
|
||||
console.log("bad sig: " + hexEncode(new Uint8Array(derSig)))
|
||||
return Promise.reject("Invalid signature length: " + derSig.byteLength);
|
||||
if (derSig.byteLength < 68) {
|
||||
return Promise.reject("Invalid signature (length=" + derSig.byteLength +
|
||||
"): " + hexEncode(new Uint8Array(derSig)));
|
||||
}
|
||||
|
||||
let sigAsn1 = org.pkijs.fromBER(derSig);
|
||||
|
|
Загрузка…
Ссылка в новой задаче