From 834fecb074d74cb9f31ba45ac6b79e739f87fc28 Mon Sep 17 00:00:00 2001
From: Hubert Kario <hubert@kario.pl>
Date: Thu, 17 Oct 2019 00:37:09 +0200
Subject: [PATCH] don't allow for creation of malformed DER files

when ancoding in ASN.1 the public point has to use uncompressed,
compressed or hybrid representation, raw is not allowed
so disallow it in API
---
 src/ecdsa/keys.py         |  4 ++++
 src/ecdsa/test_pyecdsa.py | 13 +++++++++++++
 2 files changed, 17 insertions(+)

diff --git a/src/ecdsa/keys.py b/src/ecdsa/keys.py
index 8c006b51..ef876216 100644
--- a/src/ecdsa/keys.py
+++ b/src/ecdsa/keys.py
@@ -226,6 +226,8 @@ def to_pem(self):
         return der.topem(self.to_der(), "PUBLIC KEY")
 
     def to_der(self, point_encoding="uncompressed"):
+        if point_encoding == "raw":
+            raise ValueError("raw point_encoding not allowed in DER")
         point_str = b("\x00") + self.to_string(point_encoding)
         return der.encode_sequence(der.encode_sequence(encoded_oid_ecPublicKey,
                                                        self.curve.encoded_oid),
@@ -356,6 +358,8 @@ def to_pem(self):
     def to_der(self, point_encoding="uncompressed"):
         # SEQ([int(1), octetstring(privkey),cont[0], oid(secp224r1),
         #      cont[1],bitstring])
+        if point_encoding == "raw":
+            raise ValueError("raw encoding not allowed in DER")
         encoded_vk = b("\x00") + \
                 self.get_verifying_key().to_string(point_encoding)
         return der.encode_sequence(der.encode_integer(1),
diff --git a/src/ecdsa/test_pyecdsa.py b/src/ecdsa/test_pyecdsa.py
index 36b989df..d3acfde5 100644
--- a/src/ecdsa/test_pyecdsa.py
+++ b/src/ecdsa/test_pyecdsa.py
@@ -277,6 +277,19 @@ def order(self):
         pub2 = VerifyingKey.from_pem(pem)
         self.assertTruePubkeysEqual(pub1, pub2)
 
+    def test_vk_to_der_with_invalid_point_encoding(self):
+        sk = SigningKey.generate()
+        vk = sk.verifying_key
+
+        with self.assertRaises(ValueError):
+            vk.to_der("raw")
+
+    def test_sk_to_der_with_invalid_point_encoding(self):
+        sk = SigningKey.generate()
+
+        with self.assertRaises(ValueError):
+            sk.to_der("raw")
+
     def test_vk_from_der_garbage_after_curve_oid(self):
         type_oid_der = encoded_oid_ecPublicKey
         curve_oid_der = der.encode_oid(*(1, 2, 840, 10045, 3, 1, 1)) + \