From 52611e7f26e69db3676c44fde8bf6b2f212b9744 Mon Sep 17 00:00:00 2001
From: larabr <7375870+larabr@users.noreply.github.com>
Date: Thu, 16 May 2024 10:15:57 +0200
Subject: [PATCH] Detect unexpected eddsaLegacy OID on parsing
---
 src/crypto/crypto.js | 6 ++++++
 1 file changed, 6 insertions(+)
diff --git a/src/crypto/crypto.js b/src/crypto/crypto.js
index 683f3e57..d0c0fa7a 100644
--- a/src/crypto/crypto.js
+++ b/src/crypto/crypto.js
@@ -171,6 +171,9 @@ export function parsePublicKeyParams(algo, bytes) {
 case enums.publicKey.eddsaLegacy: {
 const oid = new OID(); read += oid.read(bytes);
 checkSupportedCurve(oid);
+ if (oid.getName() !== enums.curve.ed25519Legacy) {
+ throw new Error('Unexpected OID for eddsaLegacy');
+ }
 let Q = util.readMPI(bytes.subarray(read)); read += Q.length + 2;
 Q = util.leftPad(Q, 33);
 return { read: read, publicParams: { oid, Q } };
@@ -227,6 +230,9 @@ export function parsePrivateKeyParams(algo, bytes, publicParams) {
 }
 case enums.publicKey.eddsaLegacy: {
 const payloadSize = getCurvePayloadSize(algo, publicParams.oid);
+ if (publicParams.oid.getName() !== enums.curve.ed25519Legacy) {
+ throw new Error('Unexpected OID for eddsaLegacy');
+ }
 let seed = util.readMPI(bytes.subarray(read)); read += seed.length + 2;
 seed = util.leftPad(seed, payloadSize);
 return { read, privateParams: { seed } };
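Review bot: The new guard in the eddsaLegacy case of parsePublicKeyParams has no comment saying why an OID is still rejected after `checkSupportedCurve(oid)` has run, and the same uncommented check is repeated in the parsePrivateKeyParams hunk. The lines after it pad Q to a fixed 33 bytes, so the parser appears to assume a single curve here; a comment such as `// eddsaLegacy keys are only valid with the ed25519Legacy curve; reject any other OID before reading Q` would make that binding explicit. Because the identical comparison and message appear at both sites, a small shared helper would keep them from drifting apart. The case block and the function both continue outside the hunk.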
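Review bot: The OID check in the eddsaLegacy case of parsePrivateKeyParams runs only after `getCurvePayloadSize(algo, publicParams.oid)` has already been called with the unvalidated OID, so for a mismatched curve the outcome depends on what that helper does first (its body is not visible here). Moving the `if (publicParams.oid.getName() !== enums.curve.ed25519Legacy)` block above the `const payloadSize = …` line would reject the key before any curve-dependent value is derived. The diffstat lists only src/crypto/crypto.js, so a regression test that parses an eddsaLegacy key carrying a different curve OID and expects `'Unexpected OID for eddsaLegacy'` would be worth adding for both parsers. The case block closes outside the hunk.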