verify: fix signature verification (CVE-2022-24884)
Verify that r and s are non-zero. Without these checks, an all-zero signature is always considered valid. While it would be nicer to error out in ecdsa_verify_prepare_legacy() already, that would require users of libecdsautil to check a return value of the prepare step. To be safe, implement the fix in an API/ABI-compatible way that doesn't need changes to the users.
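The pattern the commit message describes, as an added example that is not the project's code: the prepare step keeps a `void` signature and records the outcome of the r/s check in the context, and the verify step enforces it. All `demo_*` names, the context layout and the `accept_all` stand-in for the curve arithmetic are assumptions made for this sketch.

```c
#include <stdbool.h>
#include <stdint.h>
#include <string.h>

#define SCALAR_LEN 32

/* Hypothetical verify context; not libecdsautil's real struct. */
typedef struct {
    uint8_t r[SCALAR_LEN], s[SCALAR_LEN];
    bool scalars_ok; /* recorded by prepare, enforced by verify */
} demo_ctx;

/* Stand-in for the curve arithmetic that decides validity. */
typedef bool (*demo_curve_check)(const demo_ctx *ctx);

/* OR all bytes together so the loop does not exit early. */
static bool scalar_is_zero(const uint8_t x[SCALAR_LEN]) {
    uint8_t acc = 0;
    for (size_t i = 0; i < SCALAR_LEN; i++) acc |= x[i];
    return acc == 0;
}

/* Prepare keeps a void signature, so it cannot report an error;
 * it stores the outcome of the r/s check in the context instead. */
void demo_prepare(demo_ctx *ctx, const uint8_t sig[2 * SCALAR_LEN]) {
    memcpy(ctx->r, sig, SCALAR_LEN);
    memcpy(ctx->s, sig + SCALAR_LEN, SCALAR_LEN);
    ctx->scalars_ok = !scalar_is_zero(ctx->r) && !scalar_is_zero(ctx->s);
}

/* Verify rejects before any curve math if r or s was zero. */
bool demo_verify(const demo_ctx *ctx, demo_curve_check check) {
    return ctx->scalars_ok && check(ctx);
}

/* Worst case for the gate: curve math that accepts everything. */
static bool accept_all(const demo_ctx *ctx) { (void)ctx; return true; }

/* Constructed input: r and s are zero except for their last byte. */
bool demo_run(uint8_t r_last, uint8_t s_last) {
    uint8_t sig[2 * SCALAR_LEN] = {0};
    demo_ctx ctx;
    sig[SCALAR_LEN - 1] = r_last;
    sig[2 * SCALAR_LEN - 1] = s_last;
    demo_prepare(&ctx, sig);
    return demo_verify(&ctx, accept_all);
}

int main(void) { return demo_run(0, 0) ? 1 : 0; } /* exit 0: zero sig rejected */
```

Standard ECDSA verification additionally requires r and s to be below the group order; this sketch covers only the non-zero check named in the commit message.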