diff options
author | Paul Kehrer <paul.l.kehrer@gmail.com> | 2018-11-12 22:47:57 -0500 |
---|---|---|
committer | Alex Gaynor <alex.gaynor@gmail.com> | 2018-11-12 22:47:56 -0500 |
commit | d3b1804f6ce6f1a2b517a562246447d41ed0ffae (patch) | |
tree | e695b549ec4832ad65d98f972cf22104f420470f | |
parent | d67fa8251f71f7cf5e9709f1e6be27ee7fbf028a (diff) | |
download | cryptography-d3b1804f6ce6f1a2b517a562246447d41ed0ffae.tar.gz cryptography-d3b1804f6ce6f1a2b517a562246447d41ed0ffae.tar.bz2 cryptography-d3b1804f6ce6f1a2b517a562246447d41ed0ffae.zip |
error if the key length for x25519 isn't 32 bytes (#4584)
* error if the key length for x25519 isn't 32 bytes
* also test 33
-rw-r--r-- | src/cryptography/hazmat/primitives/asymmetric/x25519.py | 4 | ||||
-rw-r--r-- | tests/hazmat/primitives/test_x25519.py | 7 |
2 files changed, 11 insertions, 0 deletions
diff --git a/src/cryptography/hazmat/primitives/asymmetric/x25519.py b/src/cryptography/hazmat/primitives/asymmetric/x25519.py index e0329f9d..f4bdf3db 100644 --- a/src/cryptography/hazmat/primitives/asymmetric/x25519.py +++ b/src/cryptography/hazmat/primitives/asymmetric/x25519.py @@ -21,6 +21,10 @@ class X25519PublicKey(object): "X25519 is not supported by this version of OpenSSL.", _Reasons.UNSUPPORTED_EXCHANGE_ALGORITHM ) + + if len(data) != 32: + raise ValueError("An X25519 public key is 32 bytes long") + return backend.x25519_load_public_bytes(data) @abc.abstractmethod diff --git a/tests/hazmat/primitives/test_x25519.py b/tests/hazmat/primitives/test_x25519.py index 381be201..0f83eb6e 100644 --- a/tests/hazmat/primitives/test_x25519.py +++ b/tests/hazmat/primitives/test_x25519.py @@ -135,3 +135,10 @@ class TestX25519Exchange(object): key = X25519PrivateKey.generate() with pytest.raises(TypeError): key.exchange(object()) + + def test_invalid_length_from_public_bytes(self, backend): + with pytest.raises(ValueError): + X25519PublicKey.from_public_bytes(b"a" * 31) + + with pytest.raises(ValueError): + X25519PublicKey.from_public_bytes(b"a" * 33) |