From c3a09a30637225793a1a6d6a5e2a10c11265e312 Mon Sep 17 00:00:00 2001 From: mattsb42-aws Date: Mon, 24 Dec 2018 18:26:59 -0800 Subject: [PATCH] fix CryptographyECKey.verify failure If an invalid signature is passed to sigdecode_string, an AssertionError is raise. This assertion error was being passed up through CryptographyECKey.verify, rather than CryptographyECKey.verify catching the error and returning False, as required by the Key.verify API. --- jose/backends/cryptography_backend.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/jose/backends/cryptography_backend.py b/jose/backends/cryptography_backend.py index 68047665..d2d5bf50 100644 --- a/jose/backends/cryptography_backend.py +++ b/jose/backends/cryptography_backend.py @@ -101,8 +101,8 @@ def sign(self, msg): def verify(self, msg, sig): order = (2 ** self.prepared_key.curve.key_size) - 1 - signature = sigencode_der(*sigdecode_string(sig, order), order=order) try: + signature = sigencode_der(*sigdecode_string(sig, order), order=order) self.prepared_key.verify(signature, msg, ec.ECDSA(self.hash_alg())) return True except Exception: