mirrors/serenity
1
0
Fork 0
mirror of https://github.com/SerenityOS/serenity.git synced 2025-01-26 19:32:06 -05:00
Code Issues Projects Releases Packages Wiki Activity

LibCrypto: Fix SECP384r1 verification when hash is SHA256

Browse source 
Some websites actually provide a SECP384 certificate which is signed
using a SHA256 hash. We assumed that SECP384 always used a SHA384 hash,
but this is not the case.
This commit is contained in:
Michiel Visser 2023-11-27 20:17:17 +01:00 committed by Ali Mohammad Pur
parent 6eadf4a778
commit 000f0274e2
1 changed files with 5 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
Userland/Libraries/LibCrypto/Curves/SECPxxxr1.h
View file

@ -196,8 +196,11 @@ public:
}
// z is the hash
AK::FixedMemoryStream hash_stream { hash };
StorageType z = TRY(hash_stream.read_value<BigEndian<StorageType>>());
StorageType z = 0u;
for (uint8_t byte : hash) {
z <<= 8;
z |= byte;
}
AK::FixedMemoryStream pubkey_stream { pubkey };
JacobianPoint pubkey_point = TRY(read_uncompressed_point(pubkey_stream));