• Adam Langley's avatar
    crypto/x509: handle ECC private keys with the wrong length. · 9338f394
    Adam Langley authored
    SEC-1 says: “The component privateKey is the private key defined to be
    the octet string of length ⌊log₂(n)/8⌋ (where n is the order of the
    curve)”.
    
    Previously the code for parsing ECC private keys would panic (on
    non-amd64) when the private was too long. It would also pass a too-short
    private key to crypto/elliptic, possibly resulting in undesirable
    behaviour.
    
    This change makes the parsing function handle both too much and too
    little padding because GnuTLS does the former and OpenSSL did the latter
    until 30cd4ff294252c4b6a4b69cbef6a5b4117705d22. It also causes
    serialisation to pad private keys correctly.
    
    Fixes #13699
    
    Change-Id: If9c2faeaeb45af8a4d7770d784f3d2633e7f8290
    Reviewed-on: https://go-review.googlesource.com/18094
    Run-TryBot: Adam Langley <agl@golang.org>
    Reviewed-by: 's avatarAdam Langley <agl@golang.org>
    Reviewed-by: 's avatarRuss Cox <rsc@golang.org>
    9338f394
sec1_test.go 2.3 KB