LibCrypto: Add early exit to SECP.verify if signature is invalid

Author: https://github.com/stelar7 Commit: 54a3ffcd42 Pull-request: https://github.com/SerenityOS/serenity/pull/23737 Reviewed-by: https://github.com/ADKaster ✅ Reviewed-by: https://github.com/trflynn89
2025-06-11 18:20:43 +09:00 · 2024-03-29 21:59:57 +01:00 · 2024-03-29 21:59:57 +01:00 · 54a3ffcd42 · 2024-07-16 21:34:08 +09:00
commit 54a3ffcd42
parent ae230c9150
1 changed files with 5 additions and 0 deletions
--- a/Userland/Libraries/LibCrypto/Curves/SECPxxxr1.h
+++ b/Userland/Libraries/LibCrypto/Curves/SECPxxxr1.h
@ -186,6 +186,11 @@ public:
        auto r_bigint = TRY(asn1_decoder.read<Crypto::UnsignedBigInteger>(Crypto::ASN1::Class::Universal, Crypto::ASN1::Kind::Integer));
        auto s_bigint = TRY(asn1_decoder.read<Crypto::UnsignedBigInteger>(Crypto::ASN1::Class::Universal, Crypto::ASN1::Kind::Integer));

+        size_t expected_word_count = KEY_BIT_SIZE / 32;
+        if (r_bigint.length() < expected_word_count || s_bigint.length() < expected_word_count) {
+            return false;
+        }
+
        StorageType r = 0u;
        StorageType s = 0u;
        for (size_t i = 0; i < (KEY_BIT_SIZE / 32); i++) {