-
Notifications
You must be signed in to change notification settings - Fork 311
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Correct handling of BIT STRING in DER #138
Conversation
d6fe845
to
650a2a8
Compare
@t8m please review |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Approved with the doc nit fixed. The other thing is for your consideration.
src/ecdsa/der.py
Outdated
the second being the remaining bytes in the string (if any); if the | ||
`expect_unused` is specified as None, the first element of the returned | ||
tuple will be a tuple itself, with first element being the bit string | ||
as bytes and the second element bing the number of unused bits at the |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
bing -> being
if unused and not s: | ||
raise ValueError("unused is non-zero but s is empty") | ||
encoded_unused = int2byte(unused) | ||
len_extra = 1 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Would it be good idea to either check or override the padding of the last byte here if unused is nonzero?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
checking is probably better, will do
the functions required the callees to handle the encoded length of unused bits, handle it inside the functions now also add test coverage for that deprecate the old calling convention
OK, still approved after the rebase and fixes. |
@t8m Thank you! |
the first byte of the bit string in DER is the number of unused bits in the bit string, parse it properly and give expected error values if the parsing fails
fixes #120
Todo:
keys.py