disallow Messages that are not valid secret keys to prevent mistakes related to 0

This commit is contained in:
Andrew Poelstra 2018-08-15 17:05:17 +00:00
parent 4b88cfc2fc
commit f93b959b4a
1 changed files with 12 additions and 12 deletions

View File

@ -504,6 +504,10 @@ impl Message {
/// Converts a `MESSAGE_SIZE`-byte slice to a message object
#[inline]
pub fn from_slice(data: &[u8]) -> Result<Message, Error> {
if data == &[0; constants::MESSAGE_SIZE] {
return Err(Error::InvalidMessage);
}
match data.len() {
constants::MESSAGE_SIZE => {
let mut ret = [0; constants::MESSAGE_SIZE];
@ -515,13 +519,6 @@ impl Message {
}
}
/// Creates a message from a `MESSAGE_SIZE` byte array
impl From<[u8; constants::MESSAGE_SIZE]> for Message {
fn from(buf: [u8; constants::MESSAGE_SIZE]) -> Message {
Message(buf)
}
}
/// An ECDSA error
#[derive(Copy, PartialEq, Eq, Clone, Debug)]
pub enum Error {
@ -990,17 +987,16 @@ mod tests {
s.randomize(&mut thread_rng());
// Wild keys: 1, CURVE_ORDER - 1
// Wild msgs: 0, 1, CURVE_ORDER - 1, CURVE_ORDER
// Wild msgs: 1, CURVE_ORDER - 1
let mut wild_keys = [[0; 32]; 2];
let mut wild_msgs = [[0; 32]; 4];
let mut wild_msgs = [[0; 32]; 2];
wild_keys[0][0] = 1;
wild_msgs[1][0] = 1;
wild_msgs[0][0] = 1;
use constants;
wild_keys[1][..].copy_from_slice(&constants::CURVE_ORDER[..]);
wild_msgs[1][..].copy_from_slice(&constants::CURVE_ORDER[..]);
wild_msgs[2][..].copy_from_slice(&constants::CURVE_ORDER[..]);
wild_keys[1][0] -= 1;
wild_msgs[1][0] -= 1;
@ -1079,7 +1075,11 @@ mod tests {
Err(InvalidMessage));
assert_eq!(Message::from_slice(&[0; constants::MESSAGE_SIZE + 1]),
Err(InvalidMessage));
assert!(Message::from_slice(&[0; constants::MESSAGE_SIZE]).is_ok());
assert_eq!(
Message::from_slice(&[0; constants::MESSAGE_SIZE]),
Err(InvalidMessage)
);
assert!(Message::from_slice(&[1; constants::MESSAGE_SIZE]).is_ok());
}
#[test]