Skip to content

(EC)DSA signature fix #670

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
hynek merged 4 commits into from
Jul 20, 2017
Merged

(EC)DSA signature fix #670

hynek merged 4 commits into from
Jul 20, 2017

Conversation

@reaperhulk
Copy link
Member

@reaperhulk reaperhulk commented Jul 20, 2017

Supersedes #668

Lukasa
Lukasa previously approved these changes Jul 20, 2017
View reviewed changes
@reaperhulk reaperhulk mentioned this pull request Jul 20, 2017
Closed
Jakub Zakrzewski and others added 3 commits July 20, 2017 10:33
@reaperhulk
Write a test - signatures with EC keys (pyca#609)
8cb1d25
@reaperhulk
Ask for signature length before allocating a buffer.
36f8d81 
This fixes a potential heap buffer overflow that may happen when a signature
is longer than the private key, as with X9.62 ECDSA (pyca#609).
@reaperhulk
change approach to EVP_PKEY_size and add changelog
0be1eee
@codecov
Copy link

codecov bot commented Jul 20, 2017
edited
Loading

Codecov Report

Merging #670 into master will increase coverage by <.01%.
The diff coverage is 100%.

Impacted file tree graph

@@            Coverage Diff             @@
##           master     #670      +/-   ##
==========================================
+ Coverage   96.94%   96.95%   +<.01%     
==========================================
  Files          18       18              
  Lines        5737     5746       +9     
  Branches      401      401              
==========================================
+ Hits         5562     5571       +9     
  Misses        117      117              
  Partials       58       58
Impacted Files Coverage Δ
tests/test_crypto.py 98.62% <100%> (ø) ⬆️
src/OpenSSL/crypto.py 96.8% <100%> (ø) ⬆️

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 8102128...e9b6f82. Read the comment docs.

@hynek hynek merged commit 59d2625 into pyca:master Jul 20, 2017
@hynek hynek deleted the jza-master branch July 20, 2017 08:45
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Aug 17, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

@hynek hynek hynek approved these changes

@Lukasa Lukasa Lukasa left review comments

Assignees

No one assigned

Labels

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@reaperhulk @hynek @Lukasa