ed25519,x25519: fix possible bad public key conversion#37
Conversation
There was a problem hiding this comment.
Pull request overview
This PR hardens X.509 DER public-key decoding for the ed25519 and x25519 key types by avoiding unsafe type assertions and returning a proper error instead of panicking when the parsed key is not of the expected type.
Changes:
- Replace direct type assertions with checked assertions (
okidiom) in X.509 DER public key parsing. - Return descriptive errors when
x509.ParsePKIXPublicKeyyields an unexpected key type.
Reviewed changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated 4 comments.
| File | Description |
|---|---|
| crypto/x25519/public.go | Makes X.509 DER parsing robust to unexpected public key types by avoiding panics. |
| crypto/ed25519/public.go | Makes X.509 DER parsing robust to unexpected public key types by avoiding panics. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| ecdhPub, ok := pub.(*ecdh.PublicKey) | ||
| if !ok { | ||
| return nil, fmt.Errorf("invalid x25519 public key type") | ||
| } |
There was a problem hiding this comment.
There’s no test exercising the new non-panicking error path when ParsePKIXPublicKey returns an unexpected type. Add a unit test that feeds a non-X25519 X.509 public key (e.g., P-256) into PublicKeyFromX509DER and asserts it returns an error (and does not panic), to prevent regressions.
| ed25519Pub, ok := pub.(ed25519.PublicKey) | ||
| if !ok { | ||
| return PublicKey{}, fmt.Errorf("invalid ed25519 public key type") | ||
| } |
There was a problem hiding this comment.
There’s no test covering the newly added error path when ParsePKIXPublicKey returns a non-ed25519 key. Add a unit test that passes an X.509 public key of a different algorithm into PublicKeyFromX509DER and asserts it returns the new error (and does not panic).
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 1 potential issue.
Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, have a team admin enable autofix in the Cursor dashboard.
MichaelMure
force-pushed
the
25519-pubkey-conv
branch
from
c01af65 to
f0c985a
Compare
Note
Medium Risk
Touches cryptographic key parsing: invalid or unexpected X.509 public keys now error instead of panicking or being accepted, which could affect callers relying on previous lax behavior.
Overview
Hardens X.509 public key decoding for
ed25519andx25519by replacing unchecked type assertions with explicit type checks and clear errors.Adds validation that the parsed key is the expected algorithm (and curve for X25519) and that the raw key material is the expected length before constructing the library
PublicKeywrappers.Written by Cursor Bugbot for commit f0c985a. This will update automatically on new commits. Configure here.