Skip to content

Commit

Permalink
fix(eddsa-poseidon): adds a check on the message parameter to ensure …
Browse files Browse the repository at this point in the history
…it doesnt exceed 32 bytes.

re #190
  • Loading branch information
hannahredler committed Oct 24, 2024
1 parent 291501f commit 6a9535b
Show file tree
Hide file tree
Showing 2 changed files with 24 additions and 5 deletions.
13 changes: 8 additions & 5 deletions packages/eddsa-poseidon/src/utils.ts
Original file line number Diff line number Diff line change
Expand Up @@ -59,18 +59,21 @@ export function checkPrivateKey(privateKey: Buffer | Uint8Array | string): Buffe
}

/**
* Validates and converts a BigNumberish message to a bigint.
* Validates and converts a BigNumberish message to a bigint. Ensures the message size does not exceed 32 bytes.
* @param message The message to check and convert.
* @returns The message as a bigint.
*/
export function checkMessage(message: BigNumberish): bigint {
requireTypes(message, "message", ["bignumberish", "string"])

if (isBigNumberish(message)) {
return bigNumberishToBigInt(message)
}
const bigIntMessage =
isBigNumberish(message) && message
? bigNumberishToBigInt(message)
: bufferToBigInt(Buffer.from(message as string))

return bufferToBigInt(Buffer.from(message as string))
const maxLength = 2n ** 256n / 2n - 1n
if (bigIntMessage > maxLength) throw new Error(`Message length is larger than 32 bytes`)
return bigIntMessage
}

/**
Expand Down
16 changes: 16 additions & 0 deletions packages/eddsa-poseidon/tests/eddsa-poseidon-blake1.test.ts
Original file line number Diff line number Diff line change
Expand Up @@ -138,6 +138,22 @@ describe("EdDSAPoseidon", () => {
expect(fun).toThrow(`Parameter 'message' is none of the following types: bignumberish, string`)
})

it("Should throw an error if the message is larger than 32 Bytes [string]", async () => {
const message = "abcdefghijklmnopqrstuvwxyz1234567"

const fun = () => signMessage(privateKey, message)

expect(fun).toThrow(`Message length is larger than 32 bytes`)
})

it("Should throw an error if the message is larger than 32 Bytes [number]", async () => {
const message = 2 ** 256 / 2

const fun = () => signMessage(privateKey, message)

expect(fun).toThrow(`Message length is larger than 32 bytes`)
})

it("Should verify a signature (numeric)", async () => {
const publicKey = derivePublicKey(privateKey)
const signature = signMessage(privateKey, message)
Expand Down

0 comments on commit 6a9535b

Please sign in to comment.