Pad private key when signing & length check for hashes in sign

2 files changed, 19 insertions, 2 deletions

diff --git a/crypto/crypto.go b/crypto/crypto.go
index ac84c6204..3da69ea94 100644
--- a/crypto/crypto.go
+++ b/crypto/crypto.go
@@ -5,6 +5,7 @@ import (
 	"crypto/elliptic"
 	"crypto/rand"
 	"crypto/sha256"
+	"fmt"
 
 	"code.google.com/p/go.crypto/ripemd160"
 	"github.com/ethereum/go-ethereum/crypto/secp256k1"
@@ -101,7 +102,11 @@ func SigToPub(hash, sig []byte) *ecdsa.PublicKey {
 }
 
 func Sign(hash []byte, prv *ecdsa.PrivateKey) (sig []byte, err error) {
-	sig, err = secp256k1.Sign(hash, prv.D.Bytes())
+	if len(hash) != 32 {
+		return nil, fmt.Errorf("hash is required to be exactly 32 bytes (%d)", len(hash))
+	}
+
+	sig, err = secp256k1.Sign(hash, ethutil.LeftPadBytes(prv.D.Bytes(), 32))
 	return
 }
 
diff --git a/crypto/crypto_test.go b/crypto/crypto_test.go
index 349bc31ae..441733f93 100644
--- a/crypto/crypto_test.go
+++ b/crypto/crypto_test.go
@@ -52,7 +52,7 @@ func BenchmarkSha3(b *testing.B) {
 }
 
 func Test0Key(t *testing.T) {
-
+	t.Skip()
 	key := ethutil.Hex2Bytes("1111111111111111111111111111111111111111111111111111111111111111")
 
 	p, err := secp256k1.GeneratePubKey(key)
@@ -60,3 +60,15 @@ func Test0Key(t *testing.T) {
 	fmt.Printf("%x\n", p)
 	fmt.Printf("%v %x\n", err, addr)
 }
+
+func TestInvalidSign(t *testing.T) {
+	_, err := Sign(make([]byte, 1), nil)
+	if err == nil {
+		t.Errorf("expected sign with hash 1 byte to error")
+	}
+
+	_, err = Sign(make([]byte, 33), nil)
+	if err == nil {
+		t.Errorf("expected sign with hash 33 byte to error")
+	}
+}