From 629032285ba460b42f4c10ce03042856957eac4a Mon Sep 17 00:00:00 2001
From: pleasew8t
Date: Mon, 9 Dec 2024 07:30:14 +0200
Subject: [PATCH] address pr comments

---
 node/pkg/guardiansigner/amazonkms.go | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/node/pkg/guardiansigner/amazonkms.go b/node/pkg/guardiansigner/amazonkms.go
index 01d3bb6887..16dc0dfe7a 100644
--- a/node/pkg/guardiansigner/amazonkms.go
+++ b/node/pkg/guardiansigner/amazonkms.go
@@ -24,7 +24,8 @@ var (
 
 // The timeout for KMS operations. This is necessary to avoid situations where
 // the signing or verification is blocked indefinitely.
- KMS_TIMEOUT = time.Second * 15
+ KMS_TIMEOUT = time.Second * 15
+ MINIMUM_KMS_PUBKEY_LENGTH = 65
 )
 
 // The ASN.1 structure for an ECDSA signature produced by AWS KMS.
@@ -118,6 +119,11 @@ func NewAmazonKmsSigner(ctx context.Context, unsafeDevMode bool, keyPath string)
 return nil, fmt.Errorf("Failed to unmarshal KMS public key: %w", err)
 }
 
+ // The public key is expected to be at least `MINIMUM_KMS_PUBKEY_LENGTH` bytes long.
+ if len(asn1Pubkey.PublicKey.Bytes) < MINIMUM_KMS_PUBKEY_LENGTH {
+ return nil, errors.New("Invalid KMS public key length")
+ }
+
 // It is possible to use `ethcrypto.UnmarshalPubkey(asn1Pubkey.PublicKey.Bytes)`` to get the public key,
 // but `UnmarshalPubkey()` uses elliptic.Unmarshal() internally, which has been marked as deprecated.
 // The following code implements similar logic, with the indexes meaning the following:
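Review bot: `MINIMUM_KMS_PUBKEY_LENGTH` in the first hunk is added inside the `var (` block, so the bound that guards key parsing is an exported, mutable package variable that any importing code could change at run time. A fixed size like this is safer as an untyped constant in its own declaration, `const MINIMUM_KMS_PUBKEY_LENGTH = 65`. The value also has no comment saying where 65 comes from. Presumably it is the uncompressed point encoding, so something like `// 1-byte 0x04 prefix + 32-byte X + 32-byte Y (uncompressed secp256k1 point)` would let a reader check it against the index comment further down. The `var (` block opens above the hunk, so other declarations in it are not visible here.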
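Review bot: The length guard added in the second hunk only enforces a lower bound, so a key longer than 65 bytes, or one whose first byte is not the uncompressed-point marker, still reaches the manual parsing below. The `UnmarshalPubkey()` path that the following comment says is being re-implemented requires the exact length and the 0x04 prefix, and it also checks the point is on the curve. A stricter guard would be `if b := asn1Pubkey.PublicKey.Bytes; len(b) != MINIMUM_KMS_PUBKEY_LENGTH || b[0] != 0x04 {`, with the constant's name adjusted to match. The slicing code and any on-curve check sit below the hunk in `NewAmazonKmsSigner`, so confirm there whether the curve check is done. If it is not, a malformed key returned for `keyPath` would be accepted as the signer's identity without complaint.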