diff options
author | StefanBruens <stefan.bruens@rwth-aachen.de> | 2019-10-21 02:07:19 +0200 |
---|---|---|
committer | José Padilla <jpadilla@webapplicate.com> | 2019-10-20 20:07:19 -0400 |
commit | 36a3f9bd0cc7029e5150b1931efbd62da975e8b9 (patch) | |
tree | fdb6bf91f68436093c7ec4a5bb105b776827fabf | |
parent | 2d89f025464b7aed3fd37f3ca8a7bb21065e1585 (diff) | |
download | pyjwt-36a3f9bd0cc7029e5150b1931efbd62da975e8b9.tar.gz |
Catch BadSignatureError raised by ecdsa 0.13.3 on verification errors (#448)
The new ecdsa no longer uses AssertionError when the signature is too long.
This happens in the test suite, where "123" is appended to the signature.
Fixes #447
-rw-r--r-- | jwt/contrib/algorithms/py_ecdsa.py | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/jwt/contrib/algorithms/py_ecdsa.py b/jwt/contrib/algorithms/py_ecdsa.py index bf0dea5..f1170a6 100644 --- a/jwt/contrib/algorithms/py_ecdsa.py +++ b/jwt/contrib/algorithms/py_ecdsa.py @@ -56,5 +56,7 @@ class ECAlgorithm(Algorithm): try: return key.verify(sig, msg, hashfunc=self.hash_alg, sigdecode=ecdsa.util.sigdecode_string) - except AssertionError: + # ecdsa <= 0.13.2 raises AssertionError on too long signatures, + # ecdsa >= 0.13.3 raises BadSignatureError for verification errors. + except (AssertionError, ecdsa.BadSignatureError): return False |