authorPeter Dettman <peter.dettman@bouncycastle.org>2021-06-06 20:08:57 +0700
committerPeter Dettman <peter.dettman@bouncycastle.org>2021-06-06 20:08:57 +0700
commitbea54d9e469082225cd81ad28d55a0bce75b1402 (patch)
treeca5f135f763ef3177cf1c33639ab5573e0722402 /crypto/src/security
parentMerge remote-tracking branch 'origin/master' (diff)
downloadBouncyCastle.NET-ed25519-bea54d9e469082225cd81ad28d55a0bce75b1402.tar.xz
Improve EdDSA/XDH key validation
Diffstat (limited to 'crypto/src/security')
-rw-r--r--crypto/src/security/PrivateKeyFactory.cs20
-rw-r--r--crypto/src/security/PublicKeyFactory.cs16
2 files changed, 14 insertions, 22 deletions
diff --git a/crypto/src/security/PrivateKeyFactory.cs b/crypto/src/security/PrivateKeyFactory.cs
index dfc73c2cd..408c8b6a0 100644
--- a/crypto/src/security/PrivateKeyFactory.cs
+++ b/crypto/src/security/PrivateKeyFactory.cs
@@ -174,26 +174,26 @@ namespace Org.BouncyCastle.Security
             }
             else if (algOid.Equals(EdECObjectIdentifiers.id_X25519))
             {
-                return new X25519PrivateKeyParameters(GetRawKey(keyInfo, X25519PrivateKeyParameters.KeySize), 0);
+                return new X25519PrivateKeyParameters(GetRawKey(keyInfo));
             }
             else if (algOid.Equals(EdECObjectIdentifiers.id_X448))
             {
-                return new X448PrivateKeyParameters(GetRawKey(keyInfo, X448PrivateKeyParameters.KeySize), 0);
+                return new X448PrivateKeyParameters(GetRawKey(keyInfo));
             }
             else if (algOid.Equals(EdECObjectIdentifiers.id_Ed25519))
             {
-                return new Ed25519PrivateKeyParameters(GetRawKey(keyInfo, Ed25519PrivateKeyParameters.KeySize), 0);
+                return new Ed25519PrivateKeyParameters(GetRawKey(keyInfo));
             }
             else if (algOid.Equals(EdECObjectIdentifiers.id_Ed448))
             {
-                return new Ed448PrivateKeyParameters(GetRawKey(keyInfo, Ed448PrivateKeyParameters.KeySize), 0);
+                return new Ed448PrivateKeyParameters(GetRawKey(keyInfo));
             }
             else if (algOid.Equals(RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512)
                      || algOid.Equals(RosstandartObjectIdentifiers.id_tc26_gost_3410_12_256))
             {
                 Gost3410PublicKeyAlgParameters gostParams = Gost3410PublicKeyAlgParameters.GetInstance(keyInfo.PrivateKeyAlgorithm.Parameters);
-                ECGost3410Parameters ecSpec = null;
-                BigInteger d = null;
+                ECGost3410Parameters ecSpec;
+                BigInteger d;
                 Asn1Object p = keyInfo.PrivateKeyAlgorithm.Parameters.ToAsn1Object();
                 if (p is Asn1Sequence && (Asn1Sequence.GetInstance(p).Count == 2 || Asn1Sequence.GetInstance(p).Count == 3))
                 {
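Review bot: The X25519/X448/Ed25519/Ed448 branches no longer check the encoded key length in this file, so rejecting a wrong-length octet string now depends entirely on the single-argument parameter constructors, which this path-limited diff does not show. If those constructors do validate, the failure presumably surfaces as a different exception type than the `SecurityUtilityException` the old `GetRawKey` threw, so callers that catch that type around key parsing may stop catching it. That is worth confirming and documenting. A brief comment on the branches, such as `// encoding length is validated by the parameters constructor`, would keep the dependency visible to the next maintainer. The same point applies to the matching branches in PublicKeyFactory.cs (hunk `@@ -217,19`) and to both `GetRawKey` helpers, which now return the octets unchecked. The enclosing method starts and ends outside this hunk.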
@@ -280,13 +280,9 @@ namespace Org.BouncyCastle.Security
             }
         }
 
-        private static byte[] GetRawKey(PrivateKeyInfo keyInfo, int expectedSize)
+        private static byte[] GetRawKey(PrivateKeyInfo keyInfo)
         {
-            byte[] result = Asn1OctetString.GetInstance(keyInfo.ParsePrivateKey()).GetOctets();
-            if (expectedSize != result.Length)
-                throw new SecurityUtilityException("private key encoding has incorrect length");
-
-            return result;
+            return Asn1OctetString.GetInstance(keyInfo.ParsePrivateKey()).GetOctets();
         }
 
         public static AsymmetricKeyParameter DecryptKey(
diff --git a/crypto/src/security/PublicKeyFactory.cs b/crypto/src/security/PublicKeyFactory.cs
index 15af90f91..10b2aacdc 100644
--- a/crypto/src/security/PublicKeyFactory.cs
+++ b/crypto/src/security/PublicKeyFactory.cs
@@ -217,19 +217,19 @@ namespace Org.BouncyCastle.Security
             }
             else if (algOid.Equals(EdECObjectIdentifiers.id_X25519))
             {
-                return new X25519PublicKeyParameters(GetRawKey(keyInfo, X25519PublicKeyParameters.KeySize), 0);
+                return new X25519PublicKeyParameters(GetRawKey(keyInfo));
             }
             else if (algOid.Equals(EdECObjectIdentifiers.id_X448))
             {
-                return new X448PublicKeyParameters(GetRawKey(keyInfo, X448PublicKeyParameters.KeySize), 0);
+                return new X448PublicKeyParameters(GetRawKey(keyInfo));
             }
             else if (algOid.Equals(EdECObjectIdentifiers.id_Ed25519))
             {
-                return new Ed25519PublicKeyParameters(GetRawKey(keyInfo, Ed25519PublicKeyParameters.KeySize), 0);
+                return new Ed25519PublicKeyParameters(GetRawKey(keyInfo));
             }
             else if (algOid.Equals(EdECObjectIdentifiers.id_Ed448))
             {
-                return new Ed448PublicKeyParameters(GetRawKey(keyInfo, Ed448PublicKeyParameters.KeySize), 0);
+                return new Ed448PublicKeyParameters(GetRawKey(keyInfo));
             }
             else if (algOid.Equals(RosstandartObjectIdentifiers.id_tc26_gost_3410_12_256)
                 ||   algOid.Equals(RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512))
@@ -282,17 +282,13 @@ namespace Org.BouncyCastle.Security
             }
         }
 
-        private static byte[] GetRawKey(SubjectPublicKeyInfo keyInfo, int expectedSize)
+        private static byte[] GetRawKey(SubjectPublicKeyInfo keyInfo)
         {
             /*
              * TODO[RFC 8422]
              * - Require keyInfo.Algorithm.Parameters == null?
              */
-            byte[] result = keyInfo.PublicKeyData.GetOctets();
-            if (expectedSize != result.Length)
-                throw new SecurityUtilityException("public key encoding has incorrect length");
-
-            return result;
+            return keyInfo.PublicKeyData.GetOctets();
         }
 
         private static bool IsPkcsDHParam(Asn1Sequence seq)
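Review bot: The `TODO[RFC 8422]` inside `GetRawKey` is carried over unchanged, so a SubjectPublicKeyInfo whose algorithm identifier carries parameters is still accepted for the X25519/X448/Ed25519/Ed448 OIDs. RFC 8410 requires the parameters to be absent for these identifiers, so a validation-focused commit is a natural place to either enforce that or record why the parser stays lenient. If strictness is acceptable for existing encodings, a guard such as `if (keyInfo.Algorithm.Parameters != null) throw new SecurityUtilityException("unexpected algorithm parameters");` would do; the property name is taken from the TODO and should be checked against SubjectPublicKeyInfo. Otherwise, reword the TODO to cite RFC 8410 and state the compatibility reason for accepting parameters.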