Commit `65e7ede499`

Frank Denis <github@pureftpd.org>

2025-02-19 19:25:04

crypto.Ed25519.KeyPair: return an error rather than assert

When runtime safety is turned on, `Ed25519.fromSecretKey()` can currently hit an assertion if the format of the secret key is invalid. Return an error instead, so that applications can recover.

master

1 parent 05d8b56

Changed files (1)

lib

std

crypto

25519

ed25519.zig

@@ -299,7 +299,9 @@ pub const Ed25519 = struct {
             if (std.debug.runtime_safety) {
                 const pk_p = try Curve.fromBytes(secret_key.publicKeyBytes());
                 const recomputed_kp = try generateDeterministic(secret_key.seed());
-                debug.assert(mem.eql(u8, &recomputed_kp.public_key.toBytes(), &pk_p.toBytes()));
+                if (!mem.eql(u8, &recomputed_kp.public_key.toBytes(), &pk_p.toBytes())) {
+                    return error.NonCanonical;
+                }
             }
             return KeyPair{
                 .public_key = try PublicKey.fromBytes(secret_key.publicKeyBytes()),

Commit 65e7ede499

Commit `65e7ede499`