Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

test: check ecdsa psychic signature #42863

Merged
merged 1 commit into from
Apr 27, 2022
Merged

test: check ecdsa psychic signature #42863

merged 1 commit into from
Apr 27, 2022

Conversation

panva
Copy link
Member

@panva panva commented Apr 25, 2022

Adds tests for CVE-2022-21449

Dubbed "Psychic Signatures", these signatures bypassed the ECDSA signature verification implementation in Java in 15, 16, 17, and 18. OpenSSL is not (and was not) vulnerable so these are a precaution.

@panva panva requested review from jasnell and tniessen April 25, 2022 08:43
@nodejs-github-bot nodejs-github-bot added needs-ci PRs that need a full CI run. test Issues and PRs related to the tests. labels Apr 25, 2022
@panva panva added request-ci Add this label to start a Jenkins CI on a PR. author ready PRs that have at least one approval, no pending requests for changes, and a CI started. labels Apr 25, 2022
@github-actions github-actions bot removed the request-ci Add this label to start a Jenkins CI on a PR. label Apr 25, 2022
@nodejs-github-bot
Copy link
Collaborator

CI: https://ci.nodejs.org/job/node-test-pull-request/43683/

@nodejs-github-bot
Copy link
Collaborator

CI: https://ci.nodejs.org/job/node-test-pull-request/43689/

@github-actions github-actions bot mentioned this pull request Apr 26, 2022
Open
14 tasks
@nodejs-github-bot
Copy link
Collaborator

CI: https://ci.nodejs.org/job/node-test-pull-request/43698/

@github-actions github-actions bot mentioned this pull request Apr 27, 2022
Open
11 tasks
@panva panva added the commit-queue Add this label to land a pull request using GitHub Actions. label Apr 27, 2022
@nodejs-github-bot nodejs-github-bot removed the commit-queue Add this label to land a pull request using GitHub Actions. label Apr 27, 2022
@nodejs-github-bot nodejs-github-bot merged commit 8d0f49c into nodejs:master Apr 27, 2022
@nodejs-github-bot
Copy link
Collaborator

Landed in 8d0f49c

@panva panva deleted the test-psychic-ecdsa-signatures branch April 27, 2022 09:34
@github-actions github-actions bot mentioned this pull request Apr 28, 2022
Open
18 tasks
targos pushed a commit that referenced this pull request Apr 28, 2022
@panva @targos
test: check ecdsa psychic signature
59c07a9 
PR-URL: #42863
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Akhil Marsonya <akhil.marsonya27@gmail.com>
This was referenced Apr 29, 2022
Open
Open
@targos targos mentioned this pull request May 2, 2022
Merged
juanarbol pushed a commit that referenced this pull request May 31, 2022
@panva @juanarbol
test: check ecdsa psychic signature
eca030d 
PR-URL: #42863
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Akhil Marsonya <akhil.marsonya27@gmail.com>
@juanarbol juanarbol mentioned this pull request May 31, 2022
Closed
danielleadams pushed a commit that referenced this pull request Jun 27, 2022
@panva @danielleadams
test: check ecdsa psychic signature
e526691 
PR-URL: #42863
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Akhil Marsonya <akhil.marsonya27@gmail.com>
targos pushed a commit that referenced this pull request Jul 12, 2022
@panva @targos
test: check ecdsa psychic signature
bbfa532 
PR-URL: #42863
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Akhil Marsonya <akhil.marsonya27@gmail.com>
targos pushed a commit that referenced this pull request Jul 31, 2022
@panva @targos
test: check ecdsa psychic signature
64097a4 
PR-URL: #42863
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Akhil Marsonya <akhil.marsonya27@gmail.com>
@targos targos mentioned this pull request Aug 3, 2022
Merged
guangwong pushed a commit to noslate-project/node that referenced this pull request Oct 10, 2022
@panva @guangwong
test: check ecdsa psychic signature
a7fcdf4 
PR-URL: nodejs/node#42863
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Akhil Marsonya <akhil.marsonya27@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Trott Trott Trott approved these changes

@lpinca lpinca lpinca approved these changes

@tniessen tniessen tniessen approved these changes

@marsonya marsonya marsonya approved these changes

@jasnell jasnell Awaiting requested review from jasnell

Assignees
No one assigned
Labels
author ready PRs that have at least one approval, no pending requests for changes, and a CI started. needs-ci PRs that need a full CI run. test Issues and PRs related to the tests.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
6 participants
@panva @nodejs-github-bot @Trott @lpinca @tniessen @marsonya