File 1135-public_key-Handle-EDDSA-public-key-decoding-correctl.patch of Package erlang
From 279c9159dde20ca822c9f7033b8e6ac605ad8d2e Mon Sep 17 00:00:00 2001
From: Ingela Anderton Andin <ingela@erlang.org>
Date: Wed, 13 Nov 2024 12:29:53 +0100
Subject: [PATCH] public_key: Handle EDDSA public key decoding correctly
Closed #9009
---
lib/public_key/src/public_key.erl | 8 +++++++-
lib/public_key/test/public_key_SUITE.erl | 16 ++++++++++++++++
.../test/public_key_SUITE_data/public_eddsa.pem | 3 +++
3 files changed, 26 insertions(+), 1 deletion(-)
create mode 100644 lib/public_key/test/public_key_SUITE_data/public_eddsa.pem
diff --git a/lib/public_key/src/public_key.erl b/lib/public_key/src/public_key.erl
index 3cb9fea632..f7c5dbc607 100644
--- a/lib/public_key/src/public_key.erl
+++ b/lib/public_key/src/public_key.erl
@@ -221,7 +221,7 @@ pem_entry_decode({'SubjectPublicKeyInfo', Der, _}) ->
{params, DssParams} = der_decode('DSAParams', Params),
{der_decode(KeyType, Key0), DssParams};
'ECPoint' ->
- ECCParams = der_decode('EcpkParameters', Params),
+ ECCParams = ec_decode_params(AlgId, Params),
{#'ECPoint'{point = Key0}, ECCParams}
end;
pem_entry_decode({{no_asn1,new_openssh}, Special, not_encrypted}) ->
@@ -1438,6 +1438,12 @@ cacerts_clear() ->
%%--------------------------------------------------------------------
%%% Internal functions
%%--------------------------------------------------------------------
+ec_decode_params(AlgId, _) when AlgId == ?'id-Ed25519';
+ AlgId == ?'id-Ed448' ->
+ {namedCurve, AlgId};
+ec_decode_params(_, Params) ->
+ der_decode('EcpkParameters', Params).
+
default_options([]) ->
[{rsa_padding, rsa_pkcs1_padding}];
default_options(Opts) ->
diff --git a/lib/public_key/test/public_key_SUITE.erl b/lib/public_key/test/public_key_SUITE.erl
index 1a779e03bd..b8003fe88d 100644
--- a/lib/public_key/test/public_key_SUITE.erl
+++ b/lib/public_key/test/public_key_SUITE.erl
@@ -59,6 +59,8 @@
ec_priv_pkcs8/1,
eddsa_priv_pkcs8/0,
eddsa_priv_pkcs8/1,
+ eddsa_pub/0,
+ eddsa_pub/1,
eddsa_priv_rfc5958/0,
eddsa_priv_rfc5958/1,
init_ec_pem_encode_generated/1,
@@ -457,6 +459,20 @@ eddsa_priv_rfc5958(Config) when is_list(Config) ->
ECPemNoEndNewLines = strip_superfluous_newlines(ECPrivPem),
ECPemNoEndNewLines = strip_superfluous_newlines(public_key:pem_encode([PrivEntry0])).
+eddsa_pub() ->
+ [{doc, "EDDSA PKCS8 public key decode/encode"}].
+eddsa_pub(Config) when is_list(Config) ->
+ Datadir = proplists:get_value(data_dir, Config),
+ {ok, EDDSAPubPem} = file:read_file(filename:join(Datadir, "public_eddsa.pem")),
+ [{'SubjectPublicKeyInfo', _, not_encrypted} = Key] = PemEntry =
+ public_key:pem_decode(EDDSAPubPem),
+ EDDSAPubKey = public_key:pem_entry_decode(PemEntry),
+ true = check_entry_type(EDDSAPubKey, 'ECPoint'),
+ {_, {namedCurve, ?'id-Ed25519'}} = EDDSAPubKey,
+ PrivEntry0 = public_key:pem_entry_encode('SubjectPublicKeyInfo', EDDSAPubKey),
+ ECPemNoEndNewLines = strip_superfluous_newlines(EDDSAPubPem),
+ ECPemNoEndNewLines = strip_superfluous_newlines(public_key:pem_encode([PemEntry])).
+
init_ec_pem_encode_generated(Config) ->
case catch true = lists:member('secp384r1', crypto:ec_curves()) of
{'EXIT', _} -> {skip, {'secp384r1', not_supported}};
diff --git a/lib/public_key/test/public_key_SUITE_data/public_eddsa.pem b/lib/public_key/test/public_key_SUITE_data/public_eddsa.pem
new file mode 100644
index 0000000000..43db3af730
--- /dev/null
+++ b/lib/public_key/test/public_key_SUITE_data/public_eddsa.pem
@@ -0,0 +1,3 @@
+-----BEGIN PUBLIC KEY-----
+MCowBQYDK2VwAyEAzVMFUvlbihtNisegppBVAct8qRH2Ql3KZ57JAxt8Gms=
+-----END PUBLIC KEY-----
--
2.43.0
