From cc8b4edeef64ab1c10f38e4679ac17f16a2bdee0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Hanno=20B=C3=B6ck?= <990588+hannob@users.noreply.github.com>
Date: Sat, 1 Feb 2025 07:18:58 +0100
Subject: [PATCH] Make code robust for XML keys with garbage input data

---
 keyfinder.py                              |  2 +-
 tests/data/invalid/xkms-invalidbinary.xml | 11 +++++++++++
 2 files changed, 12 insertions(+), 1 deletion(-)
 create mode 100644 tests/data/invalid/xkms-invalidbinary.xml

diff --git a/keyfinder.py b/keyfinder.py
index e104143..fbfd7f9 100755
--- a/keyfinder.py
+++ b/keyfinder.py
@@ -308,7 +308,7 @@ def getxmlkey(kstr):
         n = int.from_bytes(base64.b64decode(n), byteorder="big")
         e = int.from_bytes(base64.b64decode(e), byteorder="big")
         d = int.from_bytes(base64.b64decode(d), byteorder="big")
-    except binascii.Error:
+    except (binascii.Error, ValueError):
         return None
     return makersa(n, e, d)
 
diff --git a/tests/data/invalid/xkms-invalidbinary.xml b/tests/data/invalid/xkms-invalidbinary.xml
new file mode 100644
index 0000000..2cb06a0
--- /dev/null
+++ b/tests/data/invalid/xkms-invalidbinary.xml
@@ -0,0 +1,11 @@
+<RSAKeyPair xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://www.w3.org/2002/03/xkms#">
+<!-- XKMS key with binary garbage data -->
+<Modulus>sÔ¶ç”Q{FTH</Modulus>
+<Exponent>AQAB</Exponent>
+<P>Xgjziw==</P>
+<Q>30OIuw==</Q>
+<DP>c8y+Rw==</DP>
+<DQ>Enz9Bw==</DQ>
+<InverseQ>jXsByw==</InverseQ>
+<D>TValP0==</D>
+</RSAKeyPair>