Bug #4583
Updated by Junxiao Shi over 6 years ago
Steps to reproduce: 1. Construct a Data packet with Name, MetaInfo, Content, SignatureInfo elements present. 2. Append a valid signature using any signing algorithm defined in v0.3. 3. Inject one or more unrecognized non-critical TLV elements before, between, or after SignatureValue. any of the five existing TLV elements. 4. Call a `verify*` function in `security/verification-helpers.hpp`. Expected: The signature is found to be valid. Actual: The If step3 injects after SignatureValue, the verification helper fails to parse the signature. Otherwise, the signature is found to be invalid. Packet Format v0.3 defines SignatureValue to be a signature over Name+MetaInfo+Content+SignatureInfo. For example, with SignatureType=3, it is `ECDSA over SHA256{Name, MetaInfo, Content, SignatureInfo}`. Thus, signing and verification procedures should skip over other TLV elements.