In crypto/x509/x509.go, we have the following code:
```go
// ParsePKIXPublicKey parses a DER encoded public key. These values are
// typically found in PEM blocks with "BEGIN PUBLIC KEY".
func ParsePKIXPublicKey(derBytes []byte) (pub interface{}, err error) {
	var pki publicKeyInfo
	if _, err = asn1.Unmarshal(derBytes, &pki); err != nil {
		return
	}
	algo := getPublicKeyAlgorithmFromOID(pki.Algorithm.Algorithm)
	if algo == UnknownPublicKeyAlgorithm {
		return nil, errors.New("x509: unknown public key algorithm")
	}
	return parsePublicKey(algo, &pki)
}
```
Notice that the rest value is ignored when parsing the public key. If key validity is checked using a hash function, a malicious entity could add bytes after the public key, changing its hash value without altering the key itself. This is unacceptable in an x509 implementation.
We probably need to fix ParsePKIXPublicKey not to ignore the remainder of the DER encoding.
@agl, please speak up if you think the code is correct as is. Otherwise we'll take care of it. Thanks.
---------- Forwarded message ----------
From: jabczynskimichal@gmail.com
Date: Fri, Apr 24, 2015 at 3:36 PM
Subject: [golang-dev] proposal: ASN1 (un)marshalling from Reader/Writer
To: golang-dev@googlegroups.com
Hi golang-dev,
...
In crypto/x509/x509.go, we have the following code:
Notice that the rest value is ignored when parsing the public key. If key validity is checked using a hash function, a malicious entity could add bytes after the public key, changing its hash value without altering the key itself. This is unacceptable in an x509 implementation.
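The check discussed in this issue, as an added example that is not part of the original thread or the Go project's code: it inspects the `rest` value returned by `asn1.Unmarshal` and refuses to fingerprint a key whose DER encoding has trailing bytes. The names `spki`, `parseSPKI`, `strictFingerprint` and `sampleKeys` are hypothetical, and the key is constructed for the demonstration.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/asn1"
	"fmt"
)

// spki mirrors the SubjectPublicKeyInfo SEQUENCE that ParsePKIXPublicKey decodes.
type spki struct {
	Algorithm pkix.AlgorithmIdentifier
	PublicKey asn1.BitString
}

// parseSPKI (hypothetical helper) returns the key bits and whatever follows the SEQUENCE.
func parseSPKI(der []byte) (key, rest []byte, err error) {
	var info spki
	if rest, err = asn1.Unmarshal(der, &info); err != nil {
		return nil, nil, err
	}
	return info.PublicKey.Bytes, rest, nil
}

// strictFingerprint hashes der only when it is exactly one SubjectPublicKeyInfo.
func strictFingerprint(der []byte) ([32]byte, error) {
	if _, rest, err := parseSPKI(der); err != nil {
		return [32]byte{}, err
	} else if len(rest) != 0 {
		return [32]byte{}, fmt.Errorf("trailing data after public key")
	}
	return sha256.Sum256(der), nil
}

// sampleKeys builds a constructed P-256 key plus a copy with three junk bytes appended.
func sampleKeys() (clean, padded []byte) {
	priv, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader) // demo input, errors ignored
	clean, _ = x509.MarshalPKIXPublicKey(&priv.PublicKey)
	return clean, append(append([]byte{}, clean...), 0xde, 0xad, 0x00)
}

func main() {
	clean, padded := sampleKeys()
	_, err := strictFingerprint(padded)
	fmt.Println(sha256.Sum256(clean) != sha256.Sum256(padded), err)
}
```

A parser that discards `rest` sees the same key bits in both encodings even though their SHA-256 values differ, which is the mismatch the strict helper refuses to hash.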