ECDSA.transcodeSignatureToDER ignores the last byte of an odd signature
Issue #315
duplicate
This is a security hole since it also validates all of the tokens whose signature is composed of a valid signature and one more character
Comments (2)
-
-
- changed status to duplicate
Duplicate of
#399. - Log in to comment
For the ticket, could you provide more details / context / proof?