diff options
| author | Felix Lange <fjl@users.noreply.github.com> | 2017-12-20 20:30:00 +0800 |
|---|---|---|
| committer | Péter Szilágyi <peterke@gmail.com> | 2017-12-20 20:30:00 +0800 |
| commit | ce823c9f84a3ab46003d1167ee54ab59b01092d6 (patch) | |
| tree | 6fcd7b6290ac5c0038f0adf2fd41fe312e570e43 /crypto/signature_nocgo.go | |
| parent | 5e1581c2c3a88754f5f492b8551a96c2f5d4664a (diff) | |
| download | go-tangerine-ce823c9f84a3ab46003d1167ee54ab59b01092d6.tar go-tangerine-ce823c9f84a3ab46003d1167ee54ab59b01092d6.tar.gz go-tangerine-ce823c9f84a3ab46003d1167ee54ab59b01092d6.tar.bz2 go-tangerine-ce823c9f84a3ab46003d1167ee54ab59b01092d6.tar.lz go-tangerine-ce823c9f84a3ab46003d1167ee54ab59b01092d6.tar.xz go-tangerine-ce823c9f84a3ab46003d1167ee54ab59b01092d6.tar.zst go-tangerine-ce823c9f84a3ab46003d1167ee54ab59b01092d6.zip | |
crypto: ensure that VerifySignature rejects malleable signatures (#15708)
* crypto: ensure that VerifySignature rejects malleable signatures
It already rejected them when using libsecp256k1, make sure the nocgo
version does the same thing.
* crypto: simplify check
* crypto: fix build
Diffstat (limited to 'crypto/signature_nocgo.go')
| -rw-r--r-- | crypto/signature_nocgo.go | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/crypto/signature_nocgo.go b/crypto/signature_nocgo.go index 78b99c02b..f636b2377 100644 --- a/crypto/signature_nocgo.go +++ b/crypto/signature_nocgo.go @@ -87,6 +87,10 @@ func VerifySignature(pubkey, hash, signature []byte) bool { if err != nil { return false } + // Reject malleable signatures. libsecp256k1 does this check but btcec doesn't. + if sig.S.Cmp(secp256k1_halfN) > 0 { + return false + } return sig.Verify(hash, key) } |