ASN.1: Reject invalid definite long form length values in DER encoding
The definite long form for the length is allowed only for cases where the definite short form cannot be used, i.e., if the length is 128 or greater. This was not previously enforced and as such, multiple different encoding options for the same length could have been accepted. Perform more strict checks to reject invalid cases for the definite long form for the length. This is needed for a compliant implementation and this is especially important for the case of verifying DER encoded signatures to prevent potential forging attacks. Signed-off-by: Jouni Malinen <j@w1.fi>master
parent
3af75f23b0
commit
ee76493bbd
Loading…
Reference in New Issue