crypto: tz2 should hash input

trilitech · Jun 27, 2024 · 9d7e405 · 9d7e405
1 parent 8cf5025
commit 9d7e405
Show file tree

Hide file tree

Showing 3 changed files with 17 additions and 11 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -61,6 +61,7 @@ parameterized by the lifetime of the input byte slice.
 - Fix `BlsSignature` base58 check encoding/decoding.
 - Fix `SecretKeyEd25519` base58 check encoding/decoding.
 - Fix all zeros signature encoding: should be `Unknown` rather than defaulting to `Ed25519`.
+- Fix `tz2` signature verification: input should be hashed.
 
 ### Security
 

diff --git a/crypto/src/hash.rs b/crypto/src/hash.rs
@@ -666,15 +666,19 @@ impl PublicKeySignatureVerifier for PublicKeySecp256k1 {
         signature: &Self::Signature,
         bytes: &[u8],
     ) -> Result<bool, Self::Error> {
+
         let pk = libsecp256k1::PublicKey::parse_slice(
             &self.0,
             Some(libsecp256k1::PublicKeyFormat::Compressed),
         )
         .map_err(|_| CryptoError::InvalidPublicKey)?;
         let sig = libsecp256k1::Signature::parse_standard_slice(signature.as_ref())
             .map_err(|_| CryptoError::InvalidSignature)?;
+
+        let payload = crate::blake2b::digest_256(bytes);
+
         let msg =
-            libsecp256k1::Message::parse_slice(bytes).map_err(|_| CryptoError::InvalidMessage)?;
+            libsecp256k1::Message::parse_slice(&payload).map_err(|_| CryptoError::InvalidMessage)?;
 
         Ok(libsecp256k1::verify(&msg, &sig, &pk))
     }
@@ -1126,15 +1130,15 @@ mod tests {
 
     #[test]
     fn test_secp256k1_signature_verification() {
+        // sk: spsk1sheno8Jt8FoBEoamFoNBxUEpjEggNNpepTFc8cEoJBA9QjDJq
         let pk = PublicKeySecp256k1::from_base58_check(
-            "sppk7cwkTzCPptCSxSTvGNg4uqVcuTbyWooLnJp4yxJNH5DReUGxYvs",
+            "sppk7a2WEfU54QzcQZ2EMjihtcxLeRtNTVxHw4FW2e8W5kEJ8ZargSb",
         )
         .unwrap();
-        let sig = Signature::from_base58_check("sigrJ2jqanLupARzKGvzWgL1Lv6NGUqDovHKQg9MX4PtNtHXgcvG6131MRVzujJEXfvgbuRtfdGbXTFaYJJjuUVLNNZTf5q1").unwrap().try_into().unwrap();
-        let msg = hex::decode("5538e2cc90c9b053a12e2d2f3a985aff1809eac59501db4d644e4bb381b06b4b")
-            .unwrap();
+        let sig = Secp256k1Signature::from_base58_check("spsig1QLf7cczTbt4UHFGQKUrB2pS3ZTu9wdXR29zKxVPQkhBaiLez6hRcM142ms7HagQa3vuPstvMtYq44y4x4RPcrLu76ZuQ7").unwrap();
+        let msg = b"hello, test";
 
-        let result = pk.verify_signature(&sig, &msg).unwrap();
+        let result = pk.verify_signature(&sig, msg).unwrap();
         assert!(result);
     }
 

diff --git a/crypto/src/public_key.rs b/crypto/src/public_key.rs
@@ -240,14 +240,15 @@ mod test {
 
     #[test]
     fn tz2_signature_signature_verification_succeeds() {
+        // sk: spsk1sheno8Jt8FoBEoamFoNBxUEpjEggNNpepTFc8cEoJBA9QjDJq
         let tz2 =
-            PublicKey::from_b58check("sppk7cwkTzCPptCSxSTvGNg4uqVcuTbyWooLnJp4yxJNH5DReUGxYvs")
+            PublicKey::from_b58check("sppk7a2WEfU54QzcQZ2EMjihtcxLeRtNTVxHw4FW2e8W5kEJ8ZargSb")
                 .expect("public key decoding should work");
-        let sig = Signature::from_base58_check("sigrJ2jqanLupARzKGvzWgL1Lv6NGUqDovHKQg9MX4PtNtHXgcvG6131MRVzujJEXfvgbuRtfdGbXTFaYJJjuUVLNNZTf5q1").expect("signature decoding should work");
-        let msg = hex::decode("5538e2cc90c9b053a12e2d2f3a985aff1809eac59501db4d644e4bb381b06b4b")
-            .expect("payload decoding should work");
+        // todo use sig not spsig
+        let sig = Signature::from_base58_check("siggWynZ1jzFuv67FWSAvhX8948jgL5szpwT2fZAL5brmU9egqoXd3fDXCLQJ2EBcYVLBkev3HvkQ6xnFxSBjthdonajN8JX").expect("signature decoding should work");
+        let msg = b"hello, test";
 
-        let result = tz2.verify_signature(&sig, &msg).unwrap();
+        let result = tz2.verify_signature(&sig, msg).unwrap();
         assert!(result);
     }