Don't fail parsing on invalid asn1 signatures (fixes #16).

rumpeltux · Apr 2, 2024 · 7241e50 · 7241e50
1 parent cbae8a0
commit 7241e50
Showing 1 changed file with 7 additions and 2 deletions.
diff --git a/onlineticket.py b/onlineticket.py
@@ -460,15 +460,20 @@ def signature_decode(self, res):
       '''Parses the asn1 signature and extracts the (r,s) tuple.'''
       if not asn1: return None
       signature_length = 50 if int(res['version']) <= 1 else 64
-      decoded = asn1.decode(self.read(signature_length))[0]
+      signature_bytes = self.read(signature_length)
+      try:
+        decoded = asn1.decode(signature_bytes)[0]
+      except Exception as e:
+         return (repr(e), signature_bytes)
       return (int(decoded[0]), int(decoded[1]))
 
     def signature_validity(self, res):
       if len(self.stream) - self.offset - res['data_length'] > 0:
           return 'INVALID (trailing data)'
       if len(self.stream) - self.offset - res['data_length'] < 0:
           return 'INVALID (incomplete ticket data)'
-
+      if type(res['signature'][0]) != int:
+         return 'INVALID (asn1 decode error)'
       try:
           pubkey = get_pubkey(issuer=res['carrier'],
                               keyid=res['key_id'])