summaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
Diffstat
-rw-r--r--packages/server/src/helpers/iso/isoCrypto/unwrapEC2Signature.ts2
-rw-r--r--packages/server/src/helpers/iso/isoCrypto/verify.ts2
2 files changed, 2 insertions, 2 deletions
diff --git a/packages/server/src/helpers/iso/isoCrypto/unwrapEC2Signature.ts b/packages/server/src/helpers/iso/isoCrypto/unwrapEC2Signature.ts
index 94bb202..6021853 100644
--- a/packages/server/src/helpers/iso/isoCrypto/unwrapEC2Signature.ts
+++ b/packages/server/src/helpers/iso/isoCrypto/unwrapEC2Signature.ts
@@ -56,7 +56,7 @@ function toNormalizedBytes(i: ArrayBuffer, n: number): Uint8Array {
const normalizedBytes = new Uint8Array(n);
if (iBytes.length <= n) {
normalizedBytes.set(iBytes, n - iBytes.length);
- } else if (iBytes.length === n + 1 && iBytes[0] === 0) {
+ } else if (iBytes.length === n + 1 && iBytes[0] === 0 && (iBytes[1] & 0x80) === 0x80) {
normalizedBytes.set(iBytes.slice(1));
} else {
throw new Error("invalid signature component length");
diff --git a/packages/server/src/helpers/iso/isoCrypto/verify.ts b/packages/server/src/helpers/iso/isoCrypto/verify.ts
index 79a07f9..4a3e81f 100644
--- a/packages/server/src/helpers/iso/isoCrypto/verify.ts
+++ b/packages/server/src/helpers/iso/isoCrypto/verify.ts
@@ -26,7 +26,7 @@ export function verify(opts: {
if (isCOSEPublicKeyEC2(cosePublicKey)) {
const crv = cosePublicKey.get(COSEKEYS.crv);
if (!isCOSECrv(crv)) {
- throw new Error("unknown COSE curve");
+ throw new Error(`unknown COSE curve ${crv}`);
}
const unwrappedSignature = unwrapEC2Signature(signature, crv);
return verifyEC2({
generated by cgit v1.2.3 (git 2.39.1) at 2025-04-16 22:31:57 +0000