[WebCrypto] ECDSA could not deal with invalid signature inputs
authorjiewen_tan@apple.com <jiewen_tan@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 4 Oct 2018 01:32:02 +0000 (01:32 +0000)
committerjiewen_tan@apple.com <jiewen_tan@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 4 Oct 2018 01:32:02 +0000 (01:32 +0000)
commit67c0552f96e1f762e33c93d8502ce23ca39f7190
tree8ecb30314d72e56579a8b83ef52812934dbc8600
parent6cc30693b319255510e4b6bf0ef39f2170421923
[WebCrypto] ECDSA could not deal with invalid signature inputs
https://bugs.webkit.org/show_bug.cgi?id=189879
<rdar://problem/44701276>

Reviewed by Brent Fulgham.

Source/WebCore:

Add some guards over detections of the start positions of r/s.

Covered by improved existing tests.

* crypto/mac/CryptoAlgorithmECDSAMac.cpp:
(WebCore::verifyECDSA):

LayoutTests:

* crypto/subtle/ecdsa-verify-malformed-parameters-expected.txt:
* crypto/subtle/ecdsa-verify-malformed-parameters.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@236820 268f45cc-cd09-0410-ab3c-d52691b4dbfc
LayoutTests/ChangeLog
LayoutTests/crypto/subtle/ecdsa-verify-malformed-parameters-expected.txt
LayoutTests/crypto/subtle/ecdsa-verify-malformed-parameters.html
Source/WebCore/ChangeLog
Source/WebCore/crypto/mac/CryptoAlgorithmECDSAMac.cpp