lib: DER signature decoding correction

Markus-MS · web-flow · commit accb61e9c1a0 · 2024-08-13T19:21:52.000-07:00
diff --git a/lib/elliptic/ec/signature.js b/lib/elliptic/ec/signature.js
@@ -38,6 +38,10 @@ function getLength(buf, p) {
     return false;
   }
 
+  if(buf[p.place] === 0x00) {
+    return false;
+  }
+
   var val = 0;
   for (var i = 0, off = p.place; i < octetLen; i++, off++) {
     val <<= 8;
@@ -86,6 +90,9 @@ Signature.prototype._importDER = function _importDER(data, enc) {
   if (rlen === false) {
     return false;
   }
+  if ((data[p.place] & 128) !== 0) {
+    return false;
+  }
   var r = data.slice(p.place, rlen + p.place);
   p.place += rlen;
   if (data[p.place++] !== 0x02) {
@@ -98,6 +105,9 @@ Signature.prototype._importDER = function _importDER(data, enc) {
   if (data.length !== slen + p.place) {
     return false;
   }
+  if ((data[p.place] & 128) !== 0) {
+    return false;
+  }
   var s = data.slice(p.place, slen + p.place);
   if (r[0] === 0) {
     if (r[1] & 0x80) {
diff --git a/lib/elliptic/eddsa/signature.js b/lib/elliptic/eddsa/signature.js
@@ -21,6 +21,7 @@ function Signature(eddsa, sig) {
     sig = parseBytes(sig);
 
   if (Array.isArray(sig)) {
+    assert(sig.length === eddsa.encodingLength * 2, 'Signature has invalid size');
     sig = {
       R: sig.slice(0, eddsa.encodingLength),
       S: sig.slice(eddsa.encodingLength),
