mirror of
https://github.com/ethereum/go-ethereum.git
synced 2026-02-26 07:37:20 +00:00
c974722dc0
Fix ECIES invalid-curve handling in RLPx handshake (reject invalid ephemeral pubkeys early) - Add curve validation in crypto/ecies.GenerateShared to reject invalid public keys before ECDH. - Update RLPx PoC test to assert invalid curve points fail with ErrInvalidPublicKey. Motivation / Context RLPx handshake uses ECIES decryption on unauthenticated network input. Prior to this change, an invalid-curve ephemeral public key would proceed into ECDH and only fail at MAC verification, returning ErrInvalidMessage. This allows an oracle on decrypt success/failure and leaves the code path vulnerable to invalid-curve/small-subgroup attacks. The fix enforces IsOnCurve validation up front. |
||
|---|---|---|
| .. | ||
| blake2b | ||
| bn256 | ||
| ecies | ||
| kzg4844 | ||
| secp256k1 | ||
| secp256r1 | ||
| signify | ||
| crypto.go | ||
| crypto_test.go | ||
| keccak.go | ||
| keccak_ziren.go | ||
| signature_cgo.go | ||
| signature_nocgo.go | ||
| signature_test.go | ||