mirrors/nebula
1
Fork 0
mirror of https://github.com/slackhq/nebula.git synced 2026-04-06 21:31:27 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 4

fix: trim leading zeros from p256 signature swap result

Browse source 
bigmod.Nat.Bytes() returns fixed-size 32-byte slices, but ASN.1 INTEGER
parsing strips leading zeros. This caused a flaky test failure (~1/256
chance) when the S value's high byte was zero.

Co-Authored-By: Claude <svc-devxp-claude@slack-corp.com>
This commit is contained in:
Jay Wren 2026-04-02 16:12:36 -04:00
parent 185e0c9d82
commit c854da510a
No known key found for this signature in database
1 changed files with 6 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

7
cert/p256/p256.go
View file

@ -44,7 +44,12 @@ func swap(r, s []byte) ([]byte, []byte, error) {
}
sNormalized := nMod.Nat().Sub(bigS, nMod)
return r, sNormalized.Bytes(nMod), nil
result := sNormalized.Bytes(nMod)
for len(result) > 1 && result[0] == 0 {
result = result[1:]
}
return r, result, nil
}
func Normalize(sig []byte) ([]byte, error) {