Skip to content

test: check ecdsa psychic signature

Rodrigo Muino Tomonari requested to merge github/fork/panva/test-psychic-ecdsa-signatures into master

Adds tests for CVE-2022-21449

Dubbed "Psychic Signatures", these signatures bypassed the ECDSA signature verification implementation in Java in 15, 16, 17, and 18. OpenSSL is not (and was not) vulnerable so these are a precaution.

Merge request reports