Skip to content

Commit

Permalink
Test for invalid encodings of BLS12381.
Browse files Browse the repository at this point in the history
  • Loading branch information
armfazh committed Jun 10, 2024
1 parent 456fe41 commit d556030
Show file tree
Hide file tree
Showing 4 changed files with 16 additions and 2 deletions.
2 changes: 1 addition & 1 deletion ecc/bls12381/g1.go
Original file line number Diff line number Diff line change
Expand Up @@ -44,7 +44,7 @@ func (g *G1) SetBytes(b []byte) error {
l = G1SizeCompressed
}
zeros := make([]byte, l-1)
if (b[0]&0x1F) != 0 || subtle.ConstantTimeCompare(b[1:], zeros) != 1 {
if (b[0]&0x1F) != 0 || subtle.ConstantTimeCompare(b[1:l], zeros) != 1 {
return errEncoding
}
g.SetIdentity()
Expand Down
7 changes: 7 additions & 0 deletions ecc/bls12381/g1_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -143,6 +143,13 @@ func TestG1Serial(t *testing.T) {
want = *randomG1(t)
}
})
t.Run("badPrefix", func(t *testing.T) {
q := new(G1)
b := make([]byte, G1Size)
for _, b[0] = range []byte{0x20, 0x60, 0xE0} {
test.CheckIsErr(t, q.SetBytes(b), mustErr)
}
})
t.Run("badLength", func(t *testing.T) {
q := new(G1)
p := randomG1(t)
Expand Down
2 changes: 1 addition & 1 deletion ecc/bls12381/g2.go
Original file line number Diff line number Diff line change
Expand Up @@ -42,7 +42,7 @@ func (g *G2) SetBytes(b []byte) error {
l = G2SizeCompressed
}
zeros := make([]byte, l-1)
if (b[0]&0x1F) != 0 || subtle.ConstantTimeCompare(b[1:], zeros) != 1 {
if (b[0]&0x1F) != 0 || subtle.ConstantTimeCompare(b[1:l], zeros) != 1 {
return errEncoding
}
g.SetIdentity()
Expand Down
7 changes: 7 additions & 0 deletions ecc/bls12381/g2_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -102,6 +102,13 @@ func TestG2Serial(t *testing.T) {
want = *randomG2(t)
}
})
t.Run("badPrefix", func(t *testing.T) {
q := new(G2)
b := make([]byte, G2Size)
for _, b[0] = range []byte{0x20, 0x60, 0xE0} {
test.CheckIsErr(t, q.SetBytes(b), mustErr)
}
})
t.Run("badLength", func(t *testing.T) {
q := new(G2)
p := randomG2(t)
Expand Down

0 comments on commit d556030

Please sign in to comment.