Skip to content

Commit

Permalink
Enforce ecdsa length (#1934)
Browse files Browse the repository at this point in the history
* Enforce ecdsa length

* Optimize

* use ReadOnlySpan<byte>

* Remove using

* Optimize

* Optimize

Co-authored-by: Erik Zhang <[email protected]>
  • Loading branch information
shargon and erikzhang authored Sep 15, 2020
1 parent 1ec60fb commit 64c3a87
Show file tree
Hide file tree
Showing 2 changed files with 16 additions and 12 deletions.
8 changes: 3 additions & 5 deletions src/neo/Cryptography/ECC/ECDsa.cs
Original file line number Diff line number Diff line change
Expand Up @@ -24,13 +24,11 @@ public ECDsa(ECPoint publicKey)

private BigInteger CalculateE(BigInteger n, ReadOnlySpan<byte> message)
{
int messageBitLength = message.Length * 8;
BigInteger trunc = new BigInteger(message, isUnsigned: true, isBigEndian: true);
if (n.GetBitLength() < messageBitLength)
if (n.GetBitLength() != (message.Length * 8))
{
trunc >>= messageBitLength - n.GetBitLength();
throw new ArgumentException($"Message must be {n.GetBitLength()} bit length");
}
return trunc;
return new BigInteger(message, isUnsigned: true, isBigEndian: true);
}

public BigInteger[] GenerateSignature(ReadOnlySpan<byte> message)
Expand Down
20 changes: 13 additions & 7 deletions tests/neo.UnitTests/Cryptography/ECC/UT_ECDSA.cs
Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@
using Microsoft.VisualStudio.TestTools.UnitTesting;
using Neo.Cryptography.ECC;
using Neo.IO;
using System;
using ECCurve = Neo.Cryptography.ECC.ECCurve;

Expand All @@ -12,19 +13,24 @@ public class UT_ECDSA
public void GenerateSignature()
{
var ecdsa = new ECDsa(ECCurve.Secp256k1.Infinity);
Assert.ThrowsException<InvalidOperationException>(() => ecdsa.GenerateSignature(new byte[0]));
Assert.ThrowsException<InvalidOperationException>(() => ecdsa.GenerateSignature(UInt256.Zero.ToArray()));
Assert.ThrowsException<ArgumentException>(() => ecdsa.VerifySignature(new byte[0], 1, 2));

var pk = new byte[32];
for (int x = 0; x < pk.Length; x++) pk[x] = (byte)x;

ecdsa = new ECDsa(pk, ECCurve.Secp256k1);
var sig = ecdsa.GenerateSignature(new byte[] { 1 });

Assert.IsTrue(ecdsa.VerifySignature(new byte[] { 1 }, sig[0], sig[1]));
Assert.IsFalse(ecdsa.VerifySignature(new byte[] { 2 }, sig[0], sig[1]));
Assert.IsFalse(ecdsa.VerifySignature(new byte[] { 1 }, sig[0] + 1, sig[1]));
Assert.IsFalse(ecdsa.VerifySignature(new byte[] { 1 }, sig[0], sig[1] + 1));
Assert.IsFalse(ecdsa.VerifySignature(new byte[33], sig[0], sig[1]));
var zero = UInt256.Zero.ToArray();
var one = UInt256.Parse("0100000000000000000000000000000000000000000000000000000000000000").ToArray();
var two = UInt256.Parse("0200000000000000000000000000000000000000000000000000000000000000").ToArray();
var sig = ecdsa.GenerateSignature(one);

Assert.IsTrue(ecdsa.VerifySignature(one, sig[0], sig[1]));
Assert.IsFalse(ecdsa.VerifySignature(two, sig[0], sig[1]));
Assert.IsFalse(ecdsa.VerifySignature(one, sig[0] + 1, sig[1]));
Assert.IsFalse(ecdsa.VerifySignature(one, sig[0], sig[1] + 1));
Assert.IsFalse(ecdsa.VerifySignature(zero, sig[0], sig[1]));
}
}
}

0 comments on commit 64c3a87

Please sign in to comment.