Merge pull request #4210 from randombit/jack/fix-4208

Fix two ways we could end up with null internal states in the new ECC layer
randombit · Jul 14, 2024 · 106e25e · 106e25e
2 parents 041ff24 + 6156e00
commit 106e25e
Show file tree

Hide file tree

Showing 2 changed files with 14 additions and 5 deletions.
diff --git a/src/lib/pubkey/ec_group/ec_apoint.cpp b/src/lib/pubkey/ec_group/ec_apoint.cpp
@@ -65,8 +65,11 @@ EC_AffinePoint EC_AffinePoint::hash_to_curve_nu(const EC_Group& group,
 EC_AffinePoint::~EC_AffinePoint() = default;
 
 std::optional<EC_AffinePoint> EC_AffinePoint::deserialize(const EC_Group& group, std::span<const uint8_t> bytes) {
-   auto pt = group._data()->point_deserialize(bytes);
-   return EC_AffinePoint(std::move(pt));
+   if(auto pt = group._data()->point_deserialize(bytes)) {
+      return EC_AffinePoint(std::move(pt));
+   } else {
+      return {};
+   }
 }
 
 EC_AffinePoint EC_AffinePoint::g_mul(const EC_Scalar& scalar, RandomNumberGenerator& rng, std::vector<BigInt>& ws) {

diff --git a/src/lib/pubkey/ec_group/ec_group.cpp b/src/lib/pubkey/ec_group/ec_group.cpp
@@ -210,9 +210,15 @@ std::pair<std::shared_ptr<EC_Group_Data>, bool> EC_Group::BER_decode_EC_group(st
    BER_Object obj = ber.get_next_object();
 
    if(obj.type() == ASN1_Type::ObjectId) {
-      OID dom_par_oid;
-      BER_Decoder(bits).decode(dom_par_oid);
-      return std::make_pair(ec_group_data().lookup(dom_par_oid), false);
+      OID oid;
+      BER_Decoder(bits).decode(oid);
+
+      auto data = ec_group_data().lookup(oid);
+      if(!data) {
+         throw Decoding_Error(fmt("Unknown namedCurve OID '{}'", oid.to_string()));
+      }
+
+      return std::make_pair(data, false);
    }
 
    if(obj.type() == ASN1_Type::Sequence) {