webnet/tailscale
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

tka: guard against key-length panics when verifying signatures

Browse Source 
In late 2022 a subtle but crucial part of documentation was added to ed25519.Verify: It
will panic if len(publicKey) is not [PublicKeySize].

https://cs.opensource.google/go/go/+/02ed0e5e67530e6b041989d55048ce373dc60327

This change catches that error so it won't lead to a panic.

Signed-off-by: Tom DNetto <tom@tailscale.com>
Updates https://github.com/tailscale/corp/issues/8568
This commit is contained in:
Tom DNetto
2023-07-19 12:43:15 -07:00
committed by Tom
parent 486ab427b4
commit bec9815f02
2 changed files with 9 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
tka/key.go
+3
View File
@@ -145,6 +145,9 @@ func signatureVerify(s *tkatype.Signature, aumDigest tkatype.AUMSigHash, key Key
// so we should use the public contained in the state machine.
switch key.Kind {
case Key25519:
if len(key.Public) != ed25519.PublicKeySize {
return fmt.Errorf("ed25519 key has wrong length: %d", len(key.Public))
}
if ed25519consensus.Verify(ed25519.PublicKey(key.Public), aumDigest[:], s.Signature) {
return nil
}