ssh-key: simplified ECDSA private key decoding logic

tarcieri · tarcieri · commit d465f08dae43 · 2025-04-19T10:08:10.000-06:00
Followup to #351
diff --git a/ssh-key/src/private/ecdsa.rs b/ssh-key/src/private/ecdsa.rs
@@ -39,27 +39,27 @@ impl<const SIZE: usize> Decode for EcdsaPrivateKey<SIZE> {
 
     fn decode(reader: &mut impl Reader) -> Result<Self> {
         reader.read_prefixed(|reader| {
-            let len = reader.remaining_len();
+            let mut len = reader.remaining_len();
+
+            // Strip leading zero if necessary:
+            // `mpint` is signed and may need a leading zero for unsigned integers
             if len == SIZE.checked_add(1).ok_or(encoding::Error::Length)? {
-                // Strip leading zero
                 // TODO(tarcieri): make sure leading zero was necessary
                 if u8::decode(reader)? != 0 {
                     return Err(Error::FormatEncoding);
                 }
+
+                len = len.checked_sub(1).ok_or(encoding::Error::Length)?;
             }
 
-            let mut bytes = [0u8; SIZE];
-            if SIZE == 66 {
-                // https://stackoverflow.com/questions/50002149/why-p-521-public-key-x-y-some-time-is-65-bytes-some-time-is-66-bytes
-                // although lower keys than 64 are vanishingly possible, but lets stop here
-                if len > 63 {
-                    reader.read(&mut bytes[..core::cmp::min(len, SIZE)])?;
-                } else {
-                    return Err(encoding::Error::Length.into());
-                }
-            } else {
-                reader.read(&mut bytes)?;
+            // Minimum allowed key size: may be smaller than modulus size
+            const MIN_SIZE: usize = 32;
+            if len < MIN_SIZE || len > SIZE {
+                return Err(encoding::Error::Length.into());
             }
+
+            let mut bytes = [0u8; SIZE];
+            reader.read(&mut bytes[..len])?;
             Ok(Self { bytes })
         })
     }
