Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

crypto/x509: Panics on some ECDSA keys #13699

Closed
hlandau opened this issue Dec 21, 2015 · 2 comments
Closed

crypto/x509: Panics on some ECDSA keys #13699

hlandau opened this issue Dec 21, 2015 · 2 comments
Assignees
Milestone

Comments

@hlandau
Copy link

@hlandau hlandau commented Dec 21, 2015

x509.ParseECPrivateKey panics on some input values.

Expected outcome: ParseECPrivateKey returns the EC key, or an error if the key is malformed.
Actual outcome: panic.

package main

import (
    "crypto/x509"
    "encoding/pem"
)

// Generated with gnutls's certtool -p --ecdsa. Only some keys
// generated cause Go to panic; this varies randomly.
// This is an example of such a key.
var b = []byte(`
-----BEGIN EC PRIVATE KEY-----
MHgCAQEEIQD59DoEub3DqwH1O+bfgOenvD6ve4f8JOYwpKCql2M2RaAKBggqhkjO
PQMBB6FEA0IABEGlG8MYRhtMOaRQSKFtT8KpNbHqf+hujB+iGdbyQ498f9YpV9NE
LvuUtqI+sOpm3aZj3ELzec2mYwsht4iKXT0=
-----END EC PRIVATE KEY-----
`)

func main() {
    blk, _ := pem.Decode(b)
    x509.ParseECPrivateKey(blk.Bytes)
}
$ go version
go version go1.5.2 linux/amd64
$ go run ./bugtest.go 
panic: runtime error: index out of range

goroutine 1 [running]:
crypto/elliptic.p256GetScalar(0xc820053ce4, 0xc820012b10, 0x21, 0x21)
    /usr/lib/go/src/crypto/elliptic/p256.go:56 +0x135
crypto/elliptic.p256Curve.ScalarBaseMult(0xc82000e480, 0xc820012b10, 0x21, 0x21, 0xc820010c40, 0xc82008e0fa)
    /usr/lib/go/src/crypto/elliptic/p256.go:62 +0x60
crypto/x509.parseECPrivateKey(0x0, 0xc82008e080, 0x7a, 0x7b, 0x6746e0, 0x0, 0x0)
    /usr/lib/go/src/crypto/x509/sec1.go:80 +0x697
crypto/x509.ParseECPrivateKey(0xc82008e080, 0x7a, 0x7b, 0xc820012ae0, 0x0, 0x0)
    /usr/lib/go/src/crypto/x509/sec1.go:33 +0x4c
main.main()
    /home/hugo/Downloads/bugtest.go:18 +0x68

goroutine 17 [syscall, locked to thread]:
runtime.goexit()
    /usr/lib/go/src/runtime/asm_amd64.s:1721 +0x1
exit status 2
@ianlancetaylor ianlancetaylor added this to the Go1.6 milestone Dec 21, 2015
@ianlancetaylor
Copy link
Contributor

@ianlancetaylor ianlancetaylor commented Dec 21, 2015

CC @agl

@agl agl self-assigned this Dec 21, 2015
@gopherbot
Copy link

@gopherbot gopherbot commented Dec 21, 2015

CL https://golang.org/cl/18094 mentions this issue.

@agl agl closed this in 9338f39 Jan 6, 2016
@golang golang locked and limited conversation to collaborators Jan 7, 2017
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
4 participants
You can’t perform that action at this time.