Mirroristas/openpgpjs
2
0
Fork 0
mirror of https://github.com/openpgpjs/openpgpjs.git synced 2025-06-07 14:46:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

Throw when parsing v6 keys using legacy curve25519

Browse Source
This commit is contained in:
larabr 2023-09-26 15:30:44 +02:00
parent 7c2248151d
commit c7efef60ac
2 changed files with 25 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
src/packet/public_key.js
View File

@ -124,6 +124,17 @@ class PublicKeyPacket {
// - A series of values comprising the key material. // - A series of values comprising the key material.
const { read, publicParams } = crypto.parsePublicKeyParams(this.algorithm, bytes.subarray(pos)); const { read, publicParams } = crypto.parsePublicKeyParams(this.algorithm, bytes.subarray(pos));
// The deprecated OIDs for Ed25519Legacy and Curve25519Legacy are used in legacy version 4 keys and signatures.
// Implementations MUST NOT accept or generate v6 key material using the deprecated OIDs.
if (
this.version === 6 &&
publicParams.oid && (
publicParams.oid.getName() === enums.curve.curve25519Legacy ||
publicParams.oid.getName() === enums.curve.ed25519Legacy
)
) {
throw new Error('Legacy curve25519 cannot be used with v6 keys');
}
this.publicParams = publicParams; this.publicParams = publicParams;
pos += read; pos += read;

30
test/general/signature.js
View File

@ -1089,25 +1089,23 @@ eSvSZutLuKKbidSYMLhWROPlwKc2GU2ws6PrLZAyCAel/lU=
// signature with salt shorter than expected // signature with salt shorter than expected
const armoredMessage = `-----BEGIN PGP MESSAGE----- const armoredMessage = `-----BEGIN PGP MESSAGE-----
xEQGAQoWHgTCf3OkPcYPPB6GmoMeaOz1wYXbuSvHxW/PVbRIynPv5yU3YApt xDQGAQgbDpdDiCIrq6YZAf5vD3wFIucHRyMNlExatdj6sQcW2FA/vV5eZGCv
KDJPb4mCbmxvCoKjGx6CMjDpDsVB+wDFAcsLdQBlEWcKaGVsbG/CmgYBFgoA mBUS4Mqqki4ByxR1AGUddyNUaGlzIGlzIHNpZ25lZMKGBgEbCAAAACkFgmUd
AAApBYJlEWcKIqEGc+/nJTdgCm0oMk9viYJubG8KgqMbHoIyMOkOxUH7AMUA dyMioQYi5wdHIw2UTFq12PqxBxbYUD+9Xl5kYK+YFRLgyqqSLgAAAADZ9w6X
AAAA5GYeBMJ/c6Q9xg88Hoaagx5o7PXBhdu5K8fFb89VtEjKAQCW/XwAPo2V Q4giK6umGQH+bw98BS96KSXxW39Ue6hNxbSoc5xOqYnTsD+75FYdR1U9fco/
ugvc1634oGA/74j7KonU2qdl0LvxVJuB2wEAtutHh3wry/SNkc+japCGO4u4 HDpH7axPa2euIDpwT60NedSjcTx7C9Sots4mTvjMwQQ=
XjIVmkzQNtymmOECUwI=
-----END PGP MESSAGE-----`; -----END PGP MESSAGE-----`;
const key = await openpgp.readKey({ armoredKey: `-----BEGIN PGP PRIVATE KEY BLOCK----- const key = await openpgp.readKey({ armoredKey: `-----BEGIN PGP PRIVATE KEY BLOCK-----
xVoGZRFjtxYAAAAtCSsGAQQB2kcPAQEHQJRcfAi8wlCCWAeBcvpRO6iL5YK8 xUsGZR13GRsAAAAgcCI5M7vPn+9uD1ii8nnT/schP5BjXXTyr+q7EmSlcaoA
1e8BVcOkAGVXKDguAAEAxIUb1xswIKPfVEyOZkqSFukVOegoArxIeEuDaoK0 /OkLygFTbUdwt6hMlfcNyUmS058WSIHxaVtG4uSfyjbCmQYfGwgAAAA6BYJl
feXCrQYfFgoAAAA6BYJlEWO3AwsJBwMVCAoCFgACmwMCHgEioQZz7+clN2AK HXcZAwsJBwMVCAoCFgACmwMCHgEioQYi5wdHIw2UTFq12PqxBxbYUD+9Xl5k
bSgyT2+Jgm5sbwqCoxsegjIw6Q7FQfsAxQAAAACBKyDA5Ih9cWlc9o5NUzmo YK+YFRLgyqqSLgAAAABCZxAAxl8ycoAAY74DEPZDnfSYLP+dqdM8QZ3b/Mp4
jSCtKhy54bBzfRX0t9Jha4BfZwD9FvmhOEpJAnYRDmBrEiaO4okM3D6eNZz9 fnzOcVI4RvaxAjp3GZVXxisSS36A2fUx2lpj38y1tIvnnlShfpuylTp73foT
rmGZkLT9oJMBAI6UbwsjgWw42W85Kb57tfYdF/779TrLHcNRZLNV0p8NzQDC DVf/bROnAM0AwosGEBsIAAAALAWCZR13GQIZASKhBiLnB0cjDZRMWrXY+rEH
nwYQFgoAAAAsBYJlEWO3AhkBIqEGc+/nJTdgCm0oMk9viYJubG8KgqMbHoIy FthQP71eXmRgr5gVEuDKqpIuAAAAAFEEEFrhrlN40SgxwpL3UaSWs6F5pD83
MOkOxUH7AMUAAAAAV2kgOkNvj/g+Q6hFcHcpRFekCUxOons+JgXE+lxuKnbt AOtaXLA/e9gFPNgiLnuid3AqUaFa6JlhWf4N/Md6SMQJ5cC7ATxTJ2a3xAMY
l10BAO7pYlHAee5dxkzQI3WPiiYFt/OYrnr7fT5QadRZhAutAP9n5bvQaoLX 5UsE6+HN099QVLx95CMP
vfHp79dKJnU1qDnSTEshB7ytt9I3Ze+DAQ==
-----END PGP PRIVATE KEY BLOCK-----` }); -----END PGP PRIVATE KEY BLOCK-----` });
const { signatures } = await openpgp.verify({ const { signatures } = await openpgp.verify({