author | Felix Lange <fjl@twurst.com> | 2015-11-17 00:11:26 +0800 |
---|---|---|
committer | Felix Lange <fjl@twurst.com> | 2015-11-17 16:51:59 +0800 |
commit | 1b29aed1283bd050ac7b782b352a7c87d88d82ab (patch) | |
tree | 793718628b9f37600532809b4af77be7405517eb /crypto/secp256k1/secp256_test.go | |
parent | 9422eec55460aaca300cabd52124ed0cbd8dedd3 (diff) | |
crypto/secp256k1: verify recovery ID before calling libsecp256k1
The C library treats the recovery ID as trusted input and crashes
the process for invalid values, so it needs to be verified before
calling into C. This will inhibit the crash in #1983.
Also remove VerifySignature because we don't use it.
Diffstat (limited to 'crypto/secp256k1/secp256_test.go')
-rw-r--r-- | crypto/secp256k1/secp256_test.go | 15 |
1 files changed, 11 insertions, 4 deletions
diff --git a/crypto/secp256k1/secp256_test.go b/crypto/secp256k1/secp256_test.go
index 45c448f3c..cb71ea5e7 100644
--- a/crypto/secp256k1/secp256_test.go
+++ b/crypto/secp256k1/secp256_test.go
@@ -56,6 +56,17 @@ func TestSignatureValidity(t *testing.T) {
 }
 }
 
+func TestInvalidRecoveryID(t *testing.T) {
+ _, seckey := GenerateKeyPair()
+ msg := randentropy.GetEntropyCSPRNG(32)
+ sig, _ := Sign(msg, seckey)
+ sig[64] = 99
+ _, err := RecoverPubkey(msg, sig)
+ if err != ErrInvalidRecoveryID {
+ t.Fatalf("got %q, want %q", err, ErrInvalidRecoveryID)
+ }
+}
+
 func TestSignAndRecover(t *testing.T) {
 pubkey1, seckey := GenerateKeyPair()
 msg := randentropy.GetEntropyCSPRNG(32)
@@ -70,10 +81,6 @@ func TestSignAndRecover(t *testing.T) {
 if !bytes.Equal(pubkey1, pubkey2) {
 t.Errorf("pubkey mismatch: want: %x have: %x", pubkey1, pubkey2)
 }
- err = VerifySignature(msg, sig, pubkey1)
- if err != nil {
- t.Errorf("signature verification error: %s", err)
- }
 }
 
 func TestRandomMessagesWithSameKey(t *testing.T) { |
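Review bot: In TestInvalidRecoveryID the error from `Sign` is discarded (`sig, _ := Sign(msg, seckey)`), so a signing failure would most likely show up as an index panic at `sig[64] = 99` rather than a readable test failure. Check it with `sig, err := Sign(msg, seckey)` followed by `if err != nil { t.Fatal(err) }`, and change the later `_, err :=` to `_, err =`. The test also pins a single out-of-range value (99). Since it is the regression guard for a process crash on untrusted signature bytes, it is worth looping over the boundaries too: the first value above the accepted range and 255, assuming the guard in RecoverPubkey (not shown in this file) is a plain range comparison. Minor: `%q` renders a nil error as `%!q(<nil>)`, so `%v` gives a clearer failure message.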