From 73251faf2cb043dc9795b46c98c7084482d2aed2 Mon Sep 17 00:00:00 2001
From: Paul Kehrer <paul.l.kehrer@gmail.com>
Date: Sat, 6 Dec 2014 23:17:23 -0600
Subject: catch PyAsn1Error when decoding rfc6979 signature

---
 src/cryptography/hazmat/primitives/asymmetric/utils.py | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

(limited to 'src')

diff --git a/src/cryptography/hazmat/primitives/asymmetric/utils.py b/src/cryptography/hazmat/primitives/asymmetric/utils.py
index 36b9080d..08bb40c7 100644
--- a/src/cryptography/hazmat/primitives/asymmetric/utils.py
+++ b/src/cryptography/hazmat/primitives/asymmetric/utils.py
@@ -5,6 +5,7 @@
 from __future__ import absolute_import, division, print_function
 
 from pyasn1.codec.der import decoder, encoder
+from pyasn1.error import PyAsn1Error
 from pyasn1.type import namedtype, univ
 
 
@@ -16,7 +17,11 @@ class _DSSSigValue(univ.Sequence):
 
 
 def decode_rfc6979_signature(signature):
-    data, remaining = decoder.decode(signature, asn1Spec=_DSSSigValue())
+    try:
+        data, remaining = decoder.decode(signature, asn1Spec=_DSSSigValue())
+    except PyAsn1Error:
+        raise ValueError("Invalid signature data. Unable to decode ASN.1")
+
     if remaining:
         raise ValueError(
             "The signature contains bytes after the end of the ASN.1 sequence."
-- 
cgit v1.2.3