add check to ensure only invalid ASN1 gives InvalidSignature in DSA

author: Paul Kehrer <paul.l.kehrer@gmail.com> 2014-05-01 12:58:16 -0500
committer: Paul Kehrer <paul.l.kehrer@gmail.com> 2014-05-01 12:58:16 -0500
commit: f58d1ab6cf5d90ae06a593fca52ab388d75da068 (patch)
tree: 443c51197ea62afa34810a161d2d815d177bdd4b /cryptography
parent: e0aeaf8c7b4191c231f2c3d651e899f49331ca69 (diff)
download: cryptography-f58d1ab6cf5d90ae06a593fca52ab388d75da068.tar.gz
cryptography-f58d1ab6cf5d90ae06a593fca52ab388d75da068.tar.bz2
cryptography-f58d1ab6cf5d90ae06a593fca52ab388d75da068.zip
1 files changed, 3 insertions, 0 deletions
diff --git a/cryptography/hazmat/backends/openssl/backend.py b/cryptography/hazmat/backends/openssl/backend.py
index 37d1c35e..37deb2ae 100644
--- a/cryptography/hazmat/backends/openssl/backend.py
+++ b/cryptography/hazmat/backends/openssl/backend.py
@@ -1363,6 +1363,9 @@ class _DSAVerificationContext(object):
         if res != 1:
             errors = self._backend._consume_errors()
             assert errors
+            if res == -1:
+                assert errors[0].lib == self._backend._lib.ERR_LIB_ASN1
+
             raise InvalidSignature
author	Paul Kehrer <paul.l.kehrer@gmail.com>	2014-05-01 12:58:16 -0500
committer	Paul Kehrer <paul.l.kehrer@gmail.com>	2014-05-01 12:58:16 -0500
commit	f58d1ab6cf5d90ae06a593fca52ab388d75da068 (patch)
tree	443c51197ea62afa34810a161d2d815d177bdd4b /cryptography
parent	e0aeaf8c7b4191c231f2c3d651e899f49331ca69 (diff)
download	cryptography-f58d1ab6cf5d90ae06a593fca52ab388d75da068.tar.gz cryptography-f58d1ab6cf5d90ae06a593fca52ab388d75da068.tar.bz2 cryptography-f58d1ab6cf5d90ae06a593fca52ab388d75da068.zip