der: don't accept padded subidentifiers

tomato42 · tomato42 · commit a127819a57fd · 2019-11-04T23:01:54.000+01:00
diff --git a/src/ecdsa/der.py b/src/ecdsa/der.py
@@ -217,6 +217,8 @@ def remove_integer(string):
 def read_number(string):
     number = 0
     llen = 0
+    if str_idx_as_int(string, 0) == 0x80:
+        raise UnexpectedDER("Non minimal encoding of OID subidentifier")
     # base-128 big endian, with b7 set in all but the last byte
     while True:
         if llen >= len(string):
diff --git a/src/ecdsa/test_der.py b/src/ecdsa/test_der.py
@@ -311,6 +311,14 @@ def test_with_large_second_subid(self):
         self.assertEqual(rest, b'')
         self.assertEqual(oid, (2, 999, 3))
 
+    def test_with_padded_first_subid(self):
+        with self.assertRaises(UnexpectedDER):
+            remove_object(b'\x06\x02\x80\x00')
+
+    def test_with_padded_second_subid(self):
+        with self.assertRaises(UnexpectedDER):
+            remove_object(b'\x06\x04\x88\x37\x80\x01')
+
     def test_with_missing_last_byte_of_multi_byte(self):
         with self.assertRaises(UnexpectedDER):
             remove_object(b'\x06\x03\x88\x37\x83')
