diff options
| author | Paul Kehrer <paul.l.kehrer@gmail.com> | 2014-02-27 00:00:21 -0400 |
|---|---|---|
| committer | Paul Kehrer <paul.l.kehrer@gmail.com> | 2014-02-27 00:00:21 -0400 |
| commit | 4f852a4d679e6fdf281d5fb58e7a9d3deab935b8 (patch) | |
| tree | d6e68a19919b6bb99ed7890549b7f90cead31937 | |
| parent | adba07a814626d1e409cd06d6a0774dae69a2c33 (diff) | |
| download | cryptography-4f852a4d679e6fdf281d5fb58e7a9d3deab935b8.tar.gz cryptography-4f852a4d679e6fdf281d5fb58e7a9d3deab935b8.tar.bz2 cryptography-4f852a4d679e6fdf281d5fb58e7a9d3deab935b8.zip | |
assert some things
| -rw-r--r-- | cryptography/hazmat/backends/openssl/backend.py | 12 |
1 files changed, 10 insertions, 2 deletions
diff --git a/cryptography/hazmat/backends/openssl/backend.py b/cryptography/hazmat/backends/openssl/backend.py index 3eec244e..6bb76c47 100644 --- a/cryptography/hazmat/backends/openssl/backend.py +++ b/cryptography/hazmat/backends/openssl/backend.py @@ -769,7 +769,11 @@ class _RSAVerificationContext(object): data_to_verify, len(data_to_verify) ) - if res != 1: + # The previous call can return negative numbers in the event of an + # error. This is not a signature failure but we need to fail if it + # occurs. + assert res >= 0 + if res == 0: raise InvalidSignature def _verify_pkcs1(self, rsa_cdata, evp_pkey, evp_md): @@ -781,7 +785,11 @@ class _RSAVerificationContext(object): ) self._hash_ctx.finalize() self._hash_ctx = None - if res != 1: + # The previous call can return negative numbers in the event of an + # error. This is not a signature failure but we need to fail if it + # occurs. + assert res >= 0 + if res == 0: raise InvalidSignature |