From aaf7e1338d6cdb1b4e01ad318938b3eaea2f922b Mon Sep 17 00:00:00 2001
From: Florian Dold <florian.dold@gmail.com>
Date: Sat, 30 Nov 2019 00:36:20 +0100
Subject: wallet robustness WIP

---
 src/crypto/talerCrypto.ts | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'src/crypto/talerCrypto.ts')

diff --git a/src/crypto/talerCrypto.ts b/src/crypto/talerCrypto.ts
index b754b0c57..317b1af55 100644
--- a/src/crypto/talerCrypto.ts
+++ b/src/crypto/talerCrypto.ts
@@ -237,6 +237,9 @@ function rsaFullDomainHash(hm: Uint8Array, rsaPub: RsaPub): bigint.BigInteger {
 function rsaPubDecode(rsaPub: Uint8Array): RsaPub {
   const modulusLength = (rsaPub[0] << 8) | rsaPub[1];
   const exponentLength = (rsaPub[2] << 8) | rsaPub[3];
+  if (4 + exponentLength + modulusLength != rsaPub.length) {
+    throw Error("invalid RSA public key (format wrong)");
+  }
   const modulus = rsaPub.slice(4, 4 + modulusLength);
   const exponent = rsaPub.slice(
     4 + modulusLength,
-- 
cgit v1.2.3