Skip to content

Commit

Permalink
Only check the actual used lenght of the hash. (#8709)
Browse files Browse the repository at this point in the history
  • Loading branch information
seism0saurus authored Nov 5, 2022
1 parent 3a2fe9f commit 80bf716
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion libraries/ESP8266WiFi/src/BearSSLHelpers.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -945,7 +945,7 @@ extern "C" bool SigningVerifier_verify(PublicKey *_pubKey, UpdaterHashClass *has
}
br_rsa_pkcs1_vrfy vrfy = br_rsa_pkcs1_vrfy_get_default();
bool ret = vrfy((const unsigned char *)signature, signatureLen, hash->oid(), hash->len(), _pubKey->getRSA(), vrf);
if (!ret || memcmp(vrf, hash->hash(), sizeof(vrf)) ) {
if (!ret || memcmp(vrf, hash->hash(), std::min(HashLengthMax, hash->len())) ) {
return false;
} else {
return true;
Expand Down

0 comments on commit 80bf716

Please sign in to comment.