tornado-packages/noble-curves
1
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix bls short sig verification on hex. Closes gh-124

Browse Source
This commit is contained in:
Paul Miller 2024-03-01 21:22:49 +00:00
parent 38a4ca1e6b
commit 32bda7926d
No known key found for this signature in database
GPG Key ID: 697079DA6878B89B
2 changed files with 31 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/bls12-381.ts
View File

@ -1364,7 +1364,7 @@ export const bls12_381: CurveFn<Fp, Fp2, Fp6, Fp12> = bls({
fromHex(hex: Hex): ProjPointType<Fp2> { fromHex(hex: Hex): ProjPointType<Fp2> {
const { infinity, sort, value } = parseMask(ensureBytes('signatureHex', hex)); const { infinity, sort, value } = parseMask(ensureBytes('signatureHex', hex));
const P = Fp.ORDER; const P = Fp.ORDER;
const half = hex.length / 2; const half = value.length / 2;
if (half !== 48 && half !== 96) if (half !== 48 && half !== 96)
throw new Error('Invalid compressed signature length, must be 96 or 192'); throw new Error('Invalid compressed signature length, must be 96 or 192');
const z1 = bytesToNumberBE(value.slice(0, half)); const z1 = bytesToNumberBE(value.slice(0, half));

30
test/bls12-381.test.js
View File

@ -1173,6 +1173,8 @@ describe('verify()', () => {
const pub = bls.getPublicKey(priv); const pub = bls.getPublicKey(priv);
const res = bls.verify(sig, msg, pub); const res = bls.verify(sig, msg, pub);
deepStrictEqual(res, true, `${priv}-${msg}`); deepStrictEqual(res, true, `${priv}-${msg}`);
const resHex = bls.verify(bytesToHex(sig), msg, pub);
deepStrictEqual(resHex, true, `${priv}-${msg}-hex`);
} }
}); });
should('not verify signature with wrong message', () => { should('not verify signature with wrong message', () => {
@ -1193,6 +1195,8 @@ describe('verify()', () => {
const invPub = bls.getPublicKey(invPriv); const invPub = bls.getPublicKey(invPriv);
const res = bls.verify(sig, msg, invPub); const res = bls.verify(sig, msg, invPub);
deepStrictEqual(res, false); deepStrictEqual(res, false);
const resHex = bls.verify(bytesToHex(sig), msg, invPub);
deepStrictEqual(resHex, false);
} }
}); });
should('verify signed message (short signatures)', () => { should('verify signed message (short signatures)', () => {
@ -1202,6 +1206,8 @@ describe('verify()', () => {
const pub = bls.getPublicKeyForShortSignatures(priv); const pub = bls.getPublicKeyForShortSignatures(priv);
const res = bls.verifyShortSignature(sig, msg, pub); const res = bls.verifyShortSignature(sig, msg, pub);
deepStrictEqual(res, true, `${priv}-${msg}`); deepStrictEqual(res, true, `${priv}-${msg}`);
const resHex = bls.verifyShortSignature(bytesToHex(sig), msg, pub);
deepStrictEqual(resHex, true, `${priv}-${msg}`);
} }
}); });
should('not verify signature with wrong message (short signatures)', () => { should('not verify signature with wrong message (short signatures)', () => {
@ -1212,6 +1218,8 @@ describe('verify()', () => {
const pub = bls.getPublicKeyForShortSignatures(priv); const pub = bls.getPublicKeyForShortSignatures(priv);
const res = bls.verifyShortSignature(sig, invMsg, pub); const res = bls.verifyShortSignature(sig, invMsg, pub);
deepStrictEqual(res, false); deepStrictEqual(res, false);
const resHex = bls.verifyShortSignature(bytesToHex(sig), invMsg, pub);
deepStrictEqual(resHex, false);
} }
}); });
should('not verify signature with wrong key', () => { should('not verify signature with wrong key', () => {
@ -1222,6 +1230,8 @@ describe('verify()', () => {
const invPub = bls.getPublicKeyForShortSignatures(invPriv); const invPub = bls.getPublicKeyForShortSignatures(invPriv);
const res = bls.verifyShortSignature(sig, msg, invPub); const res = bls.verifyShortSignature(sig, msg, invPub);
deepStrictEqual(res, false); deepStrictEqual(res, false);
const resHex = bls.verifyShortSignature(bytesToHex(sig), msg, invPub);
deepStrictEqual(resHex, false);
} }
}); });
describe('batch', () => { describe('batch', () => {
@ -1234,6 +1244,10 @@ describe('verify()', () => {
const signatures = messages.map((message, i) => bls.sign(message, privateKeys[i])); const signatures = messages.map((message, i) => bls.sign(message, privateKeys[i]));
const aggregatedSignature = bls.aggregateSignatures(signatures); const aggregatedSignature = bls.aggregateSignatures(signatures);
deepStrictEqual(bls.verifyBatch(aggregatedSignature, messages, publicKey), true); deepStrictEqual(bls.verifyBatch(aggregatedSignature, messages, publicKey), true);
deepStrictEqual(
bls.verifyBatch(bytesToHex(aggregatedSignature), messages, publicKey),
true
);
}) })
); );
}); });
@ -1252,6 +1266,10 @@ describe('verify()', () => {
bls.verifyBatch(aggregatedSignature, wrongMessages, publicKey), bls.verifyBatch(aggregatedSignature, wrongMessages, publicKey),
messages.every((m, i) => m === wrongMessages[i]) messages.every((m, i) => m === wrongMessages[i])
); );
deepStrictEqual(
bls.verifyBatch(bytesToHex(aggregatedSignature), wrongMessages, publicKey),
messages.every((m, i) => m === wrongMessages[i])
);
}) })
); );
}); });
@ -1274,6 +1292,10 @@ describe('verify()', () => {
bls.verifyBatch(aggregatedSignature, messages, wrongPublicKeys), bls.verifyBatch(aggregatedSignature, messages, wrongPublicKeys),
wrongPrivateKeys.every((p, i) => p === privateKeys[i]) wrongPrivateKeys.every((p, i) => p === privateKeys[i])
); );
deepStrictEqual(
bls.verifyBatch(bytesToHex(aggregatedSignature), messages, wrongPublicKeys),
wrongPrivateKeys.every((p, i) => p === privateKeys[i])
);
} }
) )
); );
@ -1287,6 +1309,10 @@ describe('verify()', () => {
const aggregatedSignature = bls.aggregateSignatures(signatures); const aggregatedSignature = bls.aggregateSignatures(signatures);
const aggregatedPublicKey = bls.aggregatePublicKeys(publicKey); const aggregatedPublicKey = bls.aggregatePublicKeys(publicKey);
deepStrictEqual(bls.verify(aggregatedSignature, message, aggregatedPublicKey), true); deepStrictEqual(bls.verify(aggregatedSignature, message, aggregatedPublicKey), true);
deepStrictEqual(
bls.verify(bytesToHex(aggregatedSignature), message, aggregatedPublicKey),
true
);
}) })
); );
}); });
@ -1302,6 +1328,10 @@ describe('verify()', () => {
bls.verify(aggregatedSignature, wrongMessage, aggregatedPublicKey), bls.verify(aggregatedSignature, wrongMessage, aggregatedPublicKey),
message === wrongMessage message === wrongMessage
); );
deepStrictEqual(
bls.verify(bytesToHex(aggregatedSignature), wrongMessage, aggregatedPublicKey),
message === wrongMessage
);
}) })
); );
}); });