Return an error for trailing CT signature garbage rather than logging an error

Andrew Ayer 2019-12-02 14:58:48 -05:00
parent 02b6c5ee51
commit 0aa86dd1cb
1 changed files with 1 additions and 2 deletions


@ -10,7 +10,6 @@ import (
"encoding/pem"
"errors"
"fmt"
"log"
"math/big"
)
@ -79,7 +78,7 @@ func (s SignatureVerifier) verifySignature(data []byte, sig DigitallySigned) err
return fmt.Errorf("failed to unmarshal ECDSA signature: %v", err)
}
if len(rest) != 0 {
log.Printf("Garbage following signature %v", rest)
return fmt.Errorf("Garbage following signature %v", rest)
}
if !ecdsa.Verify(ecdsaKey, hash, ecdsaSig.R, ecdsaSig.S) {