crypto: replace ToECDSAPub with error-checking func UnmarshalPubkey (#16932)

ToECDSAPub was unsafe because it returned a non-nil key with nil X, Y in case of invalid input. This change replaces ToECDSAPub with UnmarshalPubkey across the codebase.
2025-01-20 07:39:00 +00:00 · 2018-06-12 15:26:08 +02:00 · 2018-06-12 15:26:08 +02:00 · bcdcf1cc33
commit bcdcf1cc33
parent c4287e578d
2 changed files with 6 additions and 12 deletions
--- a/whisperv5/api.go
+++ b/whisperv5/api.go
@ -252,8 +252,7 @@ func (api *PublicWhisperAPI) Post(ctx context.Context, req NewMessage) (bool, er
 	// Set asymmetric key that is used to encrypt the message
 	if pubKeyGiven {
-		params.Dst = crypto.ToECDSAPub(req.PublicKey)
+		if params.Dst, err = crypto.UnmarshalPubkey(req.PublicKey); err != nil {
 		if !ValidatePublicKey(params.Dst) {
 			return false, ErrInvalidPublicKey
 		}
 	}
@ -329,8 +328,7 @@ func (api *PublicWhisperAPI) Messages(ctx context.Context, crit Criteria) (*rpc.
 	}
 	if len(crit.Sig) > 0 {
-		filter.Src = crypto.ToECDSAPub(crit.Sig)
+		if filter.Src, err = crypto.UnmarshalPubkey(crit.Sig); err != nil {
 		if !ValidatePublicKey(filter.Src) {
 			return nil, ErrInvalidSigningPubKey
 		}
 	}
@ -513,8 +511,7 @@ func (api *PublicWhisperAPI) NewMessageFilter(req Criteria) (string, error) {
 	}
 	if len(req.Sig) > 0 {
-		src = crypto.ToECDSAPub(req.Sig)
+		if src, err = crypto.UnmarshalPubkey(req.Sig); err != nil {
 		if !ValidatePublicKey(src) {
 			return "", ErrInvalidSigningPubKey
 		}
 	}
--- a/whisperv6/api.go
+++ b/whisperv6/api.go
@ -272,8 +272,7 @@ func (api *PublicWhisperAPI) Post(ctx context.Context, req NewMessage) (hexutil.
 	// Set asymmetric key that is used to encrypt the message
 	if pubKeyGiven {
-		params.Dst = crypto.ToECDSAPub(req.PublicKey)
+		if params.Dst, err = crypto.UnmarshalPubkey(req.PublicKey); err != nil {
 		if !ValidatePublicKey(params.Dst) {
 			return nil, ErrInvalidPublicKey
 		}
 	}
@ -360,8 +359,7 @@ func (api *PublicWhisperAPI) Messages(ctx context.Context, crit Criteria) (*rpc.
 	}
 	if len(crit.Sig) > 0 {
-		filter.Src = crypto.ToECDSAPub(crit.Sig)
+		if filter.Src, err = crypto.UnmarshalPubkey(crit.Sig); err != nil {
 		if !ValidatePublicKey(filter.Src) {
 			return nil, ErrInvalidSigningPubKey
 		}
 	}
@ -544,8 +542,7 @@ func (api *PublicWhisperAPI) NewMessageFilter(req Criteria) (string, error) {
 	}
 	if len(req.Sig) > 0 {
-		src = crypto.ToECDSAPub(req.Sig)
+		if src, err = crypto.UnmarshalPubkey(req.Sig); err != nil {
 		if !ValidatePublicKey(src) {
 			return "", ErrInvalidSigningPubKey
 		}
 	}