Skip to content

Commit

Permalink
Merge pull request #5690 from oasisprotocol/peternose/trivial/fix-thr…
Browse files Browse the repository at this point in the history
…eshold

secret-sharing/src/churp: Fix threshold overflow
  • Loading branch information
peternose authored May 13, 2024
2 parents f328068 + ddf5134 commit 2a56fa2
Show file tree
Hide file tree
Showing 6 changed files with 22 additions and 10 deletions.
Empty file added .changelog/5690.trivial.md
Empty file.
9 changes: 9 additions & 0 deletions go/keymanager/churp/requests.go
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,12 @@ import (
"github.com/oasisprotocol/oasis-core/go/common/crypto/signature"
)

// maxThreshold is the maximum threshold.
//
// Limiting the threshold ensures that the dimensions of bivariate polynomials
// (t, 2t) never exceed the range of uint8.
const maxThreshold = 127

var (
// ApplicationRequestSignatureContext is the signature context used to sign
// application requests with runtime signing key (RAK).
Expand Down Expand Up @@ -50,6 +56,9 @@ func (c *CreateRequest) ValidateBasic() error {
if c.SuiteID > 0 {
return fmt.Errorf("unsupported suite, ID %d", c.SuiteID)
}
if c.Threshold > maxThreshold {
return fmt.Errorf("threshold too large: got %d, max %d", c.Threshold, maxThreshold)
}
if c.Policy.Policy.ID != c.ID {
return fmt.Errorf("policy ID mismatch: got %d, expected %d", c.Policy.Policy.ID, c.ID)
}
Expand Down
2 changes: 1 addition & 1 deletion keymanager/src/churp/handler.rs
Original file line number Diff line number Diff line change
Expand Up @@ -1038,7 +1038,7 @@ impl Churp {
// will detect the polynomial change because the checksum
// of the verification matrix in the submitted application
// will also change.
let dealer = Dealer::new(threshold, dealing_phase, &mut OsRng);
let dealer = Dealer::new(threshold, dealing_phase, &mut OsRng)?;

// Encrypt and store the polynomial in case of a restart.
let polynomial = dealer.bivariate_polynomial();
Expand Down
17 changes: 9 additions & 8 deletions secret-sharing/src/churp/dealer.rs
Original file line number Diff line number Diff line change
@@ -1,7 +1,6 @@
//! CHURP dealer.
use anyhow::Result;

use rand_core::RngCore;

use crate::{
Expand All @@ -12,7 +11,7 @@ use crate::{
},
};

use super::{HandoffKind, ShareholderId};
use super::{Error, HandoffKind, ShareholderId};

/// Dealer is responsible for generating a secret bivariate polynomial,
/// computing a verification matrix, and deriving secret shares for other
Expand All @@ -35,14 +34,16 @@ where
S: Suite,
{
/// Creates a new dealer.
pub fn new(threshold: u8, dealing_phase: bool, rng: &mut impl RngCore) -> Self {
pub fn new(threshold: u8, dealing_phase: bool, rng: &mut impl RngCore) -> Result<Self> {
let dx = threshold;
let dy = 2 * threshold;
let dy = threshold.checked_mul(2).ok_or(Error::ThresholdTooLarge)?;

match dealing_phase {
let dealer = match dealing_phase {
true => Dealer::random(dx, dy, rng),
false => Dealer::zero_hole(dx, dy, rng),
}
};

Ok(dealer)
}

/// Creates a new dealer with a random bivariate polynomial.
Expand Down Expand Up @@ -113,7 +114,7 @@ mod tests {

let threshold = 2;
for dealing_phase in vec![true, false] {
let dealer = Dealer::new(threshold, dealing_phase, &mut rng);
let dealer = Dealer::new(threshold, dealing_phase, &mut rng).unwrap();
assert_eq!(dealer.verification_matrix().is_zero_hole(), !dealing_phase);
assert_eq!(dealer.bivariate_polynomial().deg_x, 2);
assert_eq!(dealer.bivariate_polynomial().deg_y, 4);
Expand All @@ -123,7 +124,7 @@ mod tests {

let threshold = 0;
for dealing_phase in vec![true, false] {
let dealer = Dealer::new(threshold, dealing_phase, &mut rng);
let dealer = Dealer::new(threshold, dealing_phase, &mut rng).unwrap();
assert_eq!(dealer.verification_matrix().is_zero_hole(), !dealing_phase);
assert_eq!(dealer.bivariate_polynomial().deg_x, 0);
assert_eq!(dealer.bivariate_polynomial().deg_y, 0);
Expand Down
2 changes: 2 additions & 0 deletions secret-sharing/src/churp/errors.rs
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,8 @@ pub enum Error {
PolynomialDegreeMismatch,
#[error("shareholder encoding failed")]
ShareholderEncodingFailed,
#[error("threshold too large")]
ThresholdTooLarge,
#[error("too many switch points")]
TooManySwitchPoints,
#[error("unknown shareholder")]
Expand Down
2 changes: 1 addition & 1 deletion secret-sharing/src/churp/handoff.rs
Original file line number Diff line number Diff line change
Expand Up @@ -383,7 +383,7 @@ mod tests {
) -> HashMap<ShareholderId, Dealer> {
let mut dealers = HashMap::new();
for sh in committee.iter() {
let d = Dealer::new(threshold, dealing_phase, rng);
let d = Dealer::new(threshold, dealing_phase, rng).unwrap();
dealers.insert(sh.clone(), d);
}
dealers
Expand Down

0 comments on commit 2a56fa2

Please sign in to comment.