From 698305c0edad65c9323f1df80a9aeb4bfe9a5b32 Mon Sep 17 00:00:00 2001 From: larabr <7375870+larabr@users.noreply.github.com> Date: Thu, 16 May 2024 17:06:57 +0200 Subject: [PATCH] Pass curve object instead of oid to `checkPublicPointEnconding` --- src/crypto/public_key/elliptic/ecdh.js | 6 +++--- src/crypto/public_key/elliptic/ecdsa.js | 4 ++-- src/crypto/public_key/elliptic/eddsa_legacy.js | 8 +++++--- src/crypto/public_key/elliptic/oid_curves.js | 5 ++--- 4 files changed, 12 insertions(+), 11 deletions(-) diff --git a/src/crypto/public_key/elliptic/ecdh.js b/src/crypto/public_key/elliptic/ecdh.js index e597b7cd..b57362a8 100644 --- a/src/crypto/public_key/elliptic/ecdh.js +++ b/src/crypto/public_key/elliptic/ecdh.js @@ -131,7 +131,7 @@ export async function encrypt(oid, kdfParams, data, Q, fingerprint) { const m = pkcs5.encode(data); const curve = new CurveWithOID(oid); - checkPublicPointEnconding(oid, Q); + checkPublicPointEnconding(curve, Q); const { publicKey, sharedKey } = await genPublicEphemeralKey(curve, Q); const param = buildEcdhParam(enums.publicKey.ecdh, oid, kdfParams, fingerprint); const { keySize } = getCipherParams(kdfParams.cipher); @@ -194,8 +194,8 @@ async function genPrivateEphemeralKey(curve, V, Q, d) { */ export async function decrypt(oid, kdfParams, V, C, Q, d, fingerprint) { const curve = new CurveWithOID(oid); - checkPublicPointEnconding(oid, Q); - checkPublicPointEnconding(oid, V); + checkPublicPointEnconding(curve, Q); + checkPublicPointEnconding(curve, V); const { sharedKey } = await genPrivateEphemeralKey(curve, V, Q, d); const param = buildEcdhParam(enums.publicKey.ecdh, oid, kdfParams, fingerprint); const { keySize } = getCipherParams(kdfParams.cipher); diff --git a/src/crypto/public_key/elliptic/ecdsa.js b/src/crypto/public_key/elliptic/ecdsa.js index 0527c13a..b0797963 100644 --- a/src/crypto/public_key/elliptic/ecdsa.js +++ b/src/crypto/public_key/elliptic/ecdsa.js 
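Review bot: In `decrypt`, the ephemeral point `V` gets only an encoding check before it is handed to `genPrivateEphemeralKey`, and nothing at the call site says where curve membership is verified. The helper's own doc comment in oid_curves.js says it does not check whether the point belongs to the curve, so these calls are easy to misread as full public-key validation. I would add a comment above the two calls, e.g. `// Encoding check only; point-on-curve validation must be enforced by the key-agreement backend`, and confirm that every backend reachable from `genPrivateEphemeralKey` rejects off-curve points. The same comment fits the `Q` check in the `encrypt` hunk above; both function bodies continue outside the hunks.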
@@ -46,7 +46,7 @@ const nodeCrypto = util.getNodeCrypto(); */ export async function sign(oid, hashAlgo, message, publicKey, privateKey, hashed) { const curve = new CurveWithOID(oid); - checkPublicPointEnconding(oid, publicKey); + checkPublicPointEnconding(curve, publicKey); if (message && !util.isStream(message)) { const keyPair = { publicKey, privateKey }; switch (curve.type) { @@ -93,7 +93,7 @@ export async function sign(oid, hashAlgo, message, publicKey, privateKey, hashed */ export async function verify(oid, hashAlgo, signature, message, publicKey, hashed) { const curve = new CurveWithOID(oid); - checkPublicPointEnconding(oid, publicKey); + checkPublicPointEnconding(curve, publicKey); // See https://github.com/openpgpjs/openpgpjs/pull/948. // NB: the impact was more likely limited to Brainpool curves, since thanks // to WebCrypto availability, NIST curve should not have been affected. diff --git a/src/crypto/public_key/elliptic/eddsa_legacy.js b/src/crypto/public_key/elliptic/eddsa_legacy.js index b24ab161..b564b176 100644 --- a/src/crypto/public_key/elliptic/eddsa_legacy.js +++ b/src/crypto/public_key/elliptic/eddsa_legacy.js @@ -25,7 +25,7 @@ import nacl from '@openpgp/tweetnacl'; import util from '../../../util'; import enums from '../../../enums'; import hash from '../../hash'; -import { checkPublicPointEnconding } from './oid_curves'; +import { CurveWithOID, checkPublicPointEnconding } from './oid_curves'; /** * Sign a message using the provided legacy EdDSA key 
@@ -42,7 +42,8 @@ import { checkPublicPointEnconding } from './oid_curves'; * @async */ export async function sign(oid, hashAlgo, message, publicKey, privateKey, hashed) { - checkPublicPointEnconding(oid, publicKey); + const curve = new CurveWithOID(oid); + checkPublicPointEnconding(curve, publicKey); if (hash.getHashByteLength(hashAlgo) < hash.getHashByteLength(enums.hash.sha256)) { // see https://tools.ietf.org/id/draft-ietf-openpgp-rfc4880bis-10.html#section-15-7.2 throw new Error('Hash algorithm too weak for EdDSA.'); @@ -69,7 +70,8 @@ export async function sign(oid, hashAlgo, message, publicKey, privateKey, hashed * @async */ export async function verify(oid, hashAlgo, { r, s }, m, publicKey, hashed) { - checkPublicPointEnconding(oid, publicKey); + const curve = new CurveWithOID(oid); + checkPublicPointEnconding(curve, publicKey); if (hash.getHashByteLength(hashAlgo) < hash.getHashByteLength(enums.hash.sha256)) { throw new Error('Hash algorithm too weak for EdDSA.'); } diff --git a/src/crypto/public_key/elliptic/oid_curves.js b/src/crypto/public_key/elliptic/oid_curves.js index b4526ee7..079c6f43 100644 --- a/src/crypto/public_key/elliptic/oid_curves.js +++ b/src/crypto/public_key/elliptic/oid_curves.js @@ -282,9 +282,8 @@ async function validateStandardParams(algo, oid, Q, d) { * Check whether the public point has a valid encoding. * NB: this function does not check e.g. whether the point belongs to the curve. */ -function checkPublicPointEnconding(oid, V) { - const curveName = oid.getName(); - const { payloadSize, wireFormatLeadingByte } = curves[curveName]; +function checkPublicPointEnconding(curve, V) { + const { payloadSize, wireFormatLeadingByte, name: curveName } = curve; const pointSize = (curveName === enums.curve.curve25519Legacy || curveName === enums.curve.ed25519Legacy) ? payloadSize : payloadSize * 2;
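Review bot: `sign` builds `new CurveWithOID(oid)` from whatever OID the caller supplies, so `publicKey` is checked against that curve's sizes rather than against ed25519Legacy specifically. If nothing upstream pins the curve (not visible in this hunk), a key carrying a different OID would pass a length check meant for another curve before reaching the nacl code. Consider pinning it right after construction, e.g. `if (curve.name !== enums.curve.ed25519Legacy) throw new Error('Unexpected curve for legacy EdDSA');`. The same applies to the `verify` hunk that follows, and both bodies continue outside the hunks.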
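Review bot: `checkPublicPointEnconding` now relies on its first argument carrying `payloadSize`, `wireFormatLeadingByte` and `name`, but the doc comment has no `@param` entries and nothing guards against a caller that still passes an OID. In that case the destructured values would most likely be `undefined` and `pointSize` would be `NaN`; whether the comparison that follows (outside this hunk) then rejects the point depends on how it is written, so confirm it fails closed. I would add `@param {CurveWithOID} curve` and `@param {Uint8Array} V` (assuming `V` is a byte array) to the JSDoc. It is also worth confirming that the `CurveWithOID` constructor copies `payloadSize` and `wireFormatLeadingByte` onto the instance, since this diff does not show it.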