Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

IF: Check if input strings are invalid in conversion to public key or signature #1606

Merged
merged 1 commit into from
Sep 7, 2023
Merged

IF: Check if input strings are invalid in conversion to public key or signature #1606

merged 1 commit into from
Sep 7, 2023

Conversation

linh2931
Copy link
Member

@linh2931 linh2931 commented Sep 7, 2023

When a string is converted to a public key or signature, check if the string is invalid.

@linh2931 linh2931 requested review from greg7mdp and heifner September 7, 2023 11:55
heifner
heifner approved these changes Sep 7, 2023
View reviewed changes
Copy link
Member

@heifner heifner left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It would be nice to have a test that triggers this failure. I looked around some but couldn't find any examples. Maybe @mschoenebeck could provide an example.

greg7mdp
greg7mdp reviewed Sep 7, 2023
View reviewed changes
libraries/libfc/src/crypto/bls_signature.cpp
@@ -17,7 +17,7 @@ namespace fc::crypto::blslib {

std::array<uint8_t, 192> bytes = fc::crypto::blslib::deserialize_base64<std::array<uint8_t, 192>>(data_str);

constexpr bool check = false; // default
constexpr bool check = true; // check if base64str is invalid
constexpr bool raw = true;
std::optional<bls12_381::g2> g2 = bls12_381::g2::fromAffineBytesLE(bytes, check, raw);
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not related to this PR, but I don't think the APIs from bls12_381 are well designed. These bool parameters could be replaced by enum template parameters which would be clearer and more efficient.

@linh2931 linh2931 merged commit 61db6ac into hotstuff_integration Sep 7, 2023
@linh2931 linh2931 deleted the check_key_invalid branch September 7, 2023 12:38
@ericpassmore
Copy link
Contributor

Note:start
group: IF
category: CRYPTO
summary: Add a check to make sure key or signature is valid when converted from a string.
Note:end

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@greg7mdp greg7mdp greg7mdp approved these changes

@heifner heifner heifner approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@linh2931 @ericpassmore @greg7mdp @heifner