ASN.1: Validate DigestAlgorithmIdentifier parameters
The supported hash algorithms do not use AlgorithmIdentifier parameters. However, there are implementations that include NULL parameters in addition to ones that omit the parameters. Previous implementation did not check the parameters value at all which supported both these cases, but did not reject any other unexpected information. Use strict validation of digest algorithm parameters and reject any unexpected value when validating a signature. This is needed to prevent potential forging attacks. Signed-off-by: Jouni Malinen <j@w1.fi>master
parent
94beb8e367
commit
a0541334a6
Loading…
Reference in New Issue