diff --git a/blsSignatures/blsSignatures.go b/blsSignatures/blsSignatures.go index 184fa5da2f..b064c6a9f8 100644 --- a/blsSignatures/blsSignatures.go +++ b/blsSignatures/blsSignatures.go @@ -217,6 +217,10 @@ func PublicKeyFromBytes(in []byte, trustedSource bool) (PublicKey, error) { if !trustedSource { return PublicKey{}, errors.New("tried to deserialize unvalidated public key from untrusted source") } + // The most significant bit, when set, indicates that the point is in compressed form. Otherwise, the point is in uncompressed form. + if (in[1] & (1 << 7)) != 0 { + return PublicKey{}, errors.New("invalid serialized public key") + } err := key.Unmarshal(in[1:]) if err != nil { return PublicKey{}, err @@ -228,11 +232,19 @@ func PublicKeyFromBytes(in []byte, trustedSource bool) (PublicKey, error) { } validityProof := new(bls12381.G1Affine) proofBytes := in[1 : 1+proofLen] + // The most significant bit, when set, indicates that the point is in compressed form. Otherwise, the point is in uncompressed form. + if (proofBytes[0] & (1 << 7)) != 0 { + return PublicKey{}, errors.New("invalid serialized validity proof") + } err := validityProof.Unmarshal(proofBytes) if err != nil { return PublicKey{}, err } keyBytes := in[1+proofLen:] + // The most significant bit, when set, indicates that the point is in compressed form. Otherwise, the point is in uncompressed form. + if (keyBytes[0] & (1 << 7)) != 0 { + return PublicKey{}, errors.New("invalid serialized public key") + } err = key.Unmarshal(keyBytes) if err != nil { return PublicKey{}, err @@ -260,6 +272,10 @@ func SignatureToBytes(sig Signature) []byte { } func SignatureFromBytes(in []byte) (Signature, error) { + // The most significant bit, when set, indicates that the point is in compressed form. Otherwise, the point is in uncompressed form. + if (in[0] & (1 << 7)) != 0 { + return nil, errors.New("invalid serialized signature") + } g1 := new(bls12381.G1Affine) err := g1.Unmarshal(in) if err != nil {