Mirroristas/openpgpjs
2
0
Fork 0
mirror of https://github.com/openpgpjs/openpgpjs.git synced 2025-06-09 07:36:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

Detect unexpected eddsaLegacy OID on parsing

Browse Source
This commit is contained in:
larabr 2024-05-16 10:15:57 +02:00 committed by larabr
parent f8d0e6052f
commit 52611e7f26
1 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/crypto/crypto.js
View File

@ -171,6 +171,9 @@ export function parsePublicKeyParams(algo, bytes) {
case enums.publicKey.eddsaLegacy: { case enums.publicKey.eddsaLegacy: {
const oid = new OID(); read += oid.read(bytes); const oid = new OID(); read += oid.read(bytes);
checkSupportedCurve(oid); checkSupportedCurve(oid);
if (oid.getName() !== enums.curve.ed25519Legacy) {
throw new Error('Unexpected OID for eddsaLegacy');
}
let Q = util.readMPI(bytes.subarray(read)); read += Q.length + 2; let Q = util.readMPI(bytes.subarray(read)); read += Q.length + 2;
Q = util.leftPad(Q, 33); Q = util.leftPad(Q, 33);
return { read: read, publicParams: { oid, Q } }; return { read: read, publicParams: { oid, Q } };
@ -227,6 +230,9 @@ export function parsePrivateKeyParams(algo, bytes, publicParams) {
} }
case enums.publicKey.eddsaLegacy: { case enums.publicKey.eddsaLegacy: {
const payloadSize = getCurvePayloadSize(algo, publicParams.oid); const payloadSize = getCurvePayloadSize(algo, publicParams.oid);
if (publicParams.oid.getName() !== enums.curve.ed25519Legacy) {
throw new Error('Unexpected OID for eddsaLegacy');
}
let seed = util.readMPI(bytes.subarray(read)); read += seed.length + 2; let seed = util.readMPI(bytes.subarray(read)); read += seed.length + 2;
seed = util.leftPad(seed, payloadSize); seed = util.leftPad(seed, payloadSize);
return { read, privateParams: { seed } }; return { read, privateParams: { seed } };