RGBCube/serenity
1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-07-27 11:07:45 +00:00
Code Issues Activity Actions

LibCrypto: Fix SECP384r1 verification when hash is SHA256

Browse source 
Some websites actually provide a SECP384 certificate which is signed
using a SHA256 hash. We assumed that SECP384 always used a SHA384 hash,
but this is not the case.
This commit is contained in:
Michiel Visser 2023-11-27 20:17:17 +01:00 committed by Ali Mohammad Pur
parent 6eadf4a778
commit 000f0274e2
1 changed files with 5 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

7
Userland/Libraries/LibCrypto/Curves/SECPxxxr1.h
View file

@ -196,8 +196,11 @@ public:
} }
// z is the hash // z is the hash
AK::FixedMemoryStream hash_stream { hash }; StorageType z = 0u;
StorageType z = TRY(hash_stream.read_value<BigEndian<StorageType>>()); for (uint8_t byte : hash) {
z <<= 8;
z |= byte;
}
AK::FixedMemoryStream pubkey_stream { pubkey }; AK::FixedMemoryStream pubkey_stream { pubkey };
JacobianPoint pubkey_point = TRY(read_uncompressed_point(pubkey_stream)); JacobianPoint pubkey_point = TRY(read_uncompressed_point(pubkey_stream));