Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

tough: fix ecdsa key reading #737

Merged
merged 1 commit into from
Jan 9, 2024
Merged

tough: fix ecdsa key reading #737

merged 1 commit into from
Jan 9, 2024

Conversation

Xynnn007
Copy link
Contributor

In the ecdsa public key, there are two OIDs to specify the key type and the curve. In the decode logic OID_EC_PUBLIC_KEY and OID_EC_PARAM_SECP256R1 are specified.

However, in ring::io::der every read would only read one OID. Current code does not read the second OID and use the first OID to compared the given OID_EC_PARAM_SECP256R1 one. Thus all legal pem ecdsa keys would be deserialized unsuccessfully.

@Xynnn007
tough: fix ecdsa key reading
6016b54 
In the ecdsa public key, there are two OIDs to specify the key type and
the curve. In the decode logic OID_EC_PUBLIC_KEY and
OID_EC_PARAM_SECP256R1 are specified.

However, in `ring::io::der` every read would only read one OID. Current
code does not read the second OID and use the first OID to compared the
given OID_EC_PARAM_SECP256R1 one. Thus all legal pem ecdsa keys would be
deserialized unsuccessfully.

Signed-off-by: Xynnn007 <xynnn@linux.alibaba.com>
@Xynnn007 Xynnn007 mentioned this pull request Dec 29, 2023
Closed
@cbgbt
Copy link
Contributor

cbgbt commented Jan 5, 2024

Thanks for the PR! I'll have a look, though I have some learning to do to give a useful review.

@cbgbt cbgbt merged commit 7f30c64 into awslabs:develop Jan 9, 2024
7 checks passed
@Xynnn007 Xynnn007 deleted the fix-ecdsa-pem-read branch January 10, 2024 02:23
@Xynnn007
Copy link
Contributor Author

Hi @cbgbt @bcressey Thanks for reviewing/merging this. When will the next crate release be published including this patch?

@Xynnn007 Xynnn007 mentioned this pull request Feb 27, 2024
Closed
@Xynnn007
Copy link
Contributor Author

Xynnn007 commented Mar 8, 2024

Kindly ping again @cbgbt @bcressey . When will the next crate release be published including this patch?

@webern
Copy link
Contributor

webern commented Mar 16, 2024

Kindly ping again @cbgbt @bcressey . When will the next crate release be published including this patch?

This is released, sorry for the delay. Unfortunately #755 isn't in this release so we will need to do another release as soon as we can.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@cbgbt cbgbt cbgbt approved these changes

@bcressey bcressey bcressey approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@Xynnn007 @cbgbt @webern @bcressey