Merge pull request #37 from MetaMask/25519-pubkey-conv

MichaelMure · web-flow · commit 42ad0371fedf · 2026-04-01T17:22:24.000+02:00
ed25519,x25519: fix possible bad public key conversion
diff --git a/crypto/ed25519/public.go b/crypto/ed25519/public.go
@@ -55,7 +55,14 @@ func PublicKeyFromX509DER(bytes []byte) (PublicKey, error) {
 	if err != nil {
 		return PublicKey{}, err
 	}
-	return PublicKey{k: pub.(ed25519.PublicKey)}, nil
+	ed25519Pub, ok := pub.(ed25519.PublicKey)
+	if !ok {
+		return PublicKey{}, fmt.Errorf("invalid ed25519 public key type")
+	}
+	if len(ed25519Pub) != PublicKeyBytesSize {
+		return PublicKey{}, fmt.Errorf("invalid ed25519 public key size")
+	}
+	return PublicKey{k: ed25519Pub}, nil
 }
 
 // PublicKeyFromX509PEM decodes an X.509 PEM (string) encoded public key.
diff --git a/crypto/x25519/public.go b/crypto/x25519/public.go
@@ -101,7 +101,18 @@ func PublicKeyFromX509DER(bytes []byte) (*PublicKey, error) {
 	if err != nil {
 		return nil, err
 	}
-	return &PublicKey{k: pub.(*ecdh.PublicKey)}, nil
+	ecdhPub, ok := pub.(*ecdh.PublicKey)
+	if !ok {
+		return nil, fmt.Errorf("invalid x25519 public key type")
+	}
+	if ecdhPub.Curve() != ecdh.X25519() {
+		return nil, fmt.Errorf("invalid x25519 curve")
+	}
+	keyBytes := ecdhPub.Bytes()
+	if len(keyBytes) != PublicKeyBytesSize {
+		return nil, fmt.Errorf("invalid x25519 public key size")
+	}
+	return &PublicKey{k: ecdhPub}, nil
 }
 
 // PublicKeyFromX509PEM decodes an X.509 PEM (string) encoded public key.
