Skip to content

Commit 3d4eb24

Browse files
dkgdkg
committed
When a curve is unknown, treat the EC point as an opaque MPI
1 parent d4f0e18 commit 3d4eb24

File tree

2 files changed

+22
-13
lines changed

2 files changed

+22
-13
lines changed

pgpy/packet/fields.py

Lines changed: 22 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -539,9 +539,12 @@ def verify(self, subj, sigbytes, hash_alg):
539539
def parse(self, packet):
540540
self.oid = EllipticCurveOID.parse(packet)
541541

542-
self.p = ECPoint(packet)
543-
if self.p.format != ECPointFormat.Standard:
544-
raise PGPIncompatibleECPointFormatError("Only Standard format is valid for ECDSA")
542+
if isinstance(self.oid, EllipticCurveOID):
543+
self.p = ECPoint(packet)
544+
if self.p.format != ECPointFormat.Standard:
545+
raise PGPIncompatibleECPointFormatError("Only Standard format is valid for ECDSA")
546+
else:
547+
self.p = MPI(packet)
545548

546549

547550
class EdDSAPub(PubKey):
@@ -583,9 +586,12 @@ def verify(self, subj, sigbytes, hash_alg):
583586
def parse(self, packet):
584587
self.oid = EllipticCurveOID.parse(packet)
585588

586-
self.p = ECPoint(packet)
587-
if self.p.format != ECPointFormat.Native:
588-
raise PGPIncompatibleECPointFormatError("Only Native format is valid for EdDSA")
589+
if isinstance(self.oid, EllipticCurveOID):
590+
self.p = ECPoint(packet)
591+
if self.p.format != ECPointFormat.Native:
592+
raise PGPIncompatibleECPointFormatError("Only Native format is valid for EdDSA")
593+
else:
594+
self.p = MPI(packet)
589595

590596

591597
class ECDHPub(PubKey):
@@ -649,12 +655,16 @@ def parse(self, packet):
649655
"""
650656
self.oid = EllipticCurveOID.parse(packet)
651657

652-
self.p = ECPoint(packet)
653-
if self.oid == EllipticCurveOID.Curve25519:
654-
if self.p.format != ECPointFormat.Native:
655-
raise PGPIncompatibleECPointFormatError("Only Native format is valid for Curve25519")
656-
elif self.p.format != ECPointFormat.Standard:
657-
raise PGPIncompatibleECPointFormatError("Only Standard format is valid for this curve")
658+
if isinstance(self.oid, EllipticCurveOID):
659+
self.p = ECPoint(packet)
660+
if self.oid == EllipticCurveOID.Curve25519:
661+
if self.p.format != ECPointFormat.Native:
662+
raise PGPIncompatibleECPointFormatError("Only Native format is valid for Curve25519")
663+
elif self.p.format != ECPointFormat.Standard:
664+
raise PGPIncompatibleECPointFormatError("Only Standard format is valid for this curve")
665+
else:
666+
self.p = MPI(packet)
667+
658668
self.kdf.parse(packet)
659669

660670

tests/test_06_compatibility.py

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -45,7 +45,6 @@ def test_cert_unknown_subkey_algo(self) -> None:
4545
@pytest.mark.parametrize('flavor', ['ecdsa', 'eddsa', 'ecdh'])
4646
def test_cert_unknown_curve(self, flavor:str) -> None:
4747
k:PGPKey
48-
pytest.xfail(f'cannot handle certificates containing subkeys with unknown OIDs for {flavor}')
4948
(k, _) = PGPKey.from_file(f'tests/testdata/compatibility/bob_with_unknown_{flavor}_curve.pgp')
5049
assert k.check_soundness() == SecurityIssues.OK
5150

0 commit comments

Comments
 (0)