personal_interest_mirrors/nebula
1
0
Fork 0
mirror of https://github.com/slackhq/nebula.git synced 2026-05-15 20:37:36 +02:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

don't panic on bad ed25519 key lengths (#1601)
Some checks failed
gofmt / Run gofmt (push) Failing after 4s
Details
smoke-extra / Run extra smoke tests (push) Failing after 3s
Details
smoke / Run multi node smoke test (push) Failing after 3s
Details
Build and test / Build all and test on ubuntu-linux (push) Failing after 3s
Details
Build and test / Build and test on linux with boringcrypto (push) Failing after 2s
Details
Build and test / Build and test on linux with pkcs11 (push) Failing after 2s
Details
Build and test / Build and test on macos-latest (push) Has been cancelled
Details
Build and test / Build and test on windows-latest (push) Has been cancelled
Details

Browse Source 
* don't panic on bad ed25519 key lengths

* don't allow mismatched curves

* add test
This commit is contained in:
Jack Doan
2026-05-06 17:00:07 -05:00
committed by GitHub
parent 213dd46588
commit a82a8dc547
5 changed files with 39 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
cert/cert_v1.go
View File

@@ -112,6 +112,9 @@ func (c *certificateV1) CheckSignature(key []byte) bool {
}
switch c.details.curve {
case Curve_CURVE25519:
if len(key) != ed25519.PublicKeySize {
return false //avoids a panic internal to ed25519
}
return ed25519.Verify(key, b, c.signature)
case Curve_P256:
pubKey, err := ecdsa.ParseUncompressedPublicKey(elliptic.P256(), key)