Merge pull request #76 from trilitech/emturner@tz2-verif
crypto: tz2 should hash input
emturner authored Jun 27, 2024
2 parents fc6ed17 + 3c54074 commit c2371c3
Showing 3 changed files with 18 additions and 12 deletions.
2 changes: 2 additions & 0 deletions CHANGELOG.md
Expand Up @@ -62,6 +62,8 @@ parameterized by the lifetime of the input byte slice.
- Fix `BlsSignature` base58 check encoding/decoding.
- Fix `SecretKeyEd25519` base58 check encoding/decoding.
- Fix all zeros signature encoding: should be `Unknown` rather than defaulting to `Ed25519`.
- Fix `tz1` signature verification: input should be hashed.
- Fix `tz2` signature verification: input should be hashed.
- Fix `tz3` signature verification: input should be hashed.

### Security
17 changes: 10 additions & 7 deletions crypto/src/hash.rs
Expand Up @@ -673,8 +673,11 @@ impl PublicKeySignatureVerifier for PublicKeySecp256k1 {
.map_err(|_| CryptoError::InvalidPublicKey)?;
let sig = libsecp256k1::Signature::parse_standard_slice(signature.as_ref())
.map_err(|_| CryptoError::InvalidSignature)?;
let msg =
libsecp256k1::Message::parse_slice(bytes).map_err(|_| CryptoError::InvalidMessage)?;

let payload = crate::blake2b::digest_256(bytes);

let msg = libsecp256k1::Message::parse_slice(&payload)
.map_err(|_| CryptoError::InvalidMessage)?;

Ok(libsecp256k1::verify(&msg, &sig, &pk))
}
Expand Down Expand Up @@ -1128,15 +1131,15 @@ mod tests {

#[test]
fn test_secp256k1_signature_verification() {
// sk: spsk1sheno8Jt8FoBEoamFoNBxUEpjEggNNpepTFc8cEoJBA9QjDJq
let pk = PublicKeySecp256k1::from_base58_check(
"sppk7cwkTzCPptCSxSTvGNg4uqVcuTbyWooLnJp4yxJNH5DReUGxYvs",
"sppk7a2WEfU54QzcQZ2EMjihtcxLeRtNTVxHw4FW2e8W5kEJ8ZargSb",
)
.unwrap();
let sig = Signature::from_base58_check("sigrJ2jqanLupARzKGvzWgL1Lv6NGUqDovHKQg9MX4PtNtHXgcvG6131MRVzujJEXfvgbuRtfdGbXTFaYJJjuUVLNNZTf5q1").unwrap().try_into().unwrap();
let msg = hex::decode("5538e2cc90c9b053a12e2d2f3a985aff1809eac59501db4d644e4bb381b06b4b")
.unwrap();
let sig = Secp256k1Signature::from_base58_check("spsig1QLf7cczTbt4UHFGQKUrB2pS3ZTu9wdXR29zKxVPQkhBaiLez6hRcM142ms7HagQa3vuPstvMtYq44y4x4RPcrLu76ZuQ7").unwrap();
let msg = b"hello, test";

let result = pk.verify_signature(&sig, &msg).unwrap();
let result = pk.verify_signature(&sig, msg).unwrap();
assert!(result);
}

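Review bot: The new digest step in the secp256k1 `verify_signature` body has no comment saying why the raw input is no longer passed as the message, so a later reader could plausibly "simplify" it back to the old behaviour; add `// Verification is over the blake2b-256 digest of the input, not the raw bytes (see the tz1/tz3 changelog entries).` above `let payload = crate::blake2b::digest_256(bytes);`. With a fixed-length digest, the `InvalidMessage` mapping on `Message::parse_slice` is presumably reachable only if `digest_256` ever yields something other than 32 bytes, so a one-line note stating that invariant would help. The updated test asserts only the positive case; adding `assert!(!pk.verify_signature(&sig, b"hello, test!").unwrap());` would pin that a changed message is actually rejected after hashing. The enclosing `verify_signature` starts above the hunk.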
11 changes: 6 additions & 5 deletions crypto/src/public_key.rs
Expand Up @@ -252,14 +252,15 @@ mod test {

#[test]
fn tz2_signature_signature_verification_succeeds() {
// sk: spsk1sheno8Jt8FoBEoamFoNBxUEpjEggNNpepTFc8cEoJBA9QjDJq
let tz2 =
PublicKey::from_b58check("sppk7cwkTzCPptCSxSTvGNg4uqVcuTbyWooLnJp4yxJNH5DReUGxYvs")
PublicKey::from_b58check("sppk7a2WEfU54QzcQZ2EMjihtcxLeRtNTVxHw4FW2e8W5kEJ8ZargSb")
.expect("public key decoding should work");
let sig = Signature::from_base58_check("sigrJ2jqanLupARzKGvzWgL1Lv6NGUqDovHKQg9MX4PtNtHXgcvG6131MRVzujJEXfvgbuRtfdGbXTFaYJJjuUVLNNZTf5q1").expect("signature decoding should work");
let msg = hex::decode("5538e2cc90c9b053a12e2d2f3a985aff1809eac59501db4d644e4bb381b06b4b")
.expect("payload decoding should work");
// todo use sig not spsig
let sig = Signature::from_base58_check("siggWynZ1jzFuv67FWSAvhX8948jgL5szpwT2fZAL5brmU9egqoXd3fDXCLQJ2EBcYVLBkev3HvkQ6xnFxSBjthdonajN8JX").expect("signature decoding should work");
let msg = b"hello, test";

let result = tz2.verify_signature(&sig, &msg).unwrap();
let result = tz2.verify_signature(&sig, msg).unwrap();
assert!(result);
}

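Review bot: The added comment `// todo use sig not spsig` sits above a value that already carries the generic `sig` prefix, so it reads as stale; either drop it or move it to the `hash.rs` test, which is the one still decoding an `spsig1`-prefixed signature. The `// sk: spsk1...` comment commits a secret key into the test source; it is presumably a throwaway fixture, but say so, e.g. `// test-only sk (fixture, never used outside this test): spsk1...`, so secret scanners and readers do not treat it as a live credential. The same labelling applies to the identical comment added in the `hash.rs` test.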
