From 156a1e909a55f468fb7902cf1188791a14f2afd2 Mon Sep 17 00:00:00 2001 From: Jack Lloyd Date: Thu, 31 Aug 2023 13:28:53 -0400 Subject: [PATCH] Fix ShortSignature.fromHex to check the G1 point is valid --- src/bls12-381.ts | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/bls12-381.ts b/src/bls12-381.ts index fca39fd..7360673 100644 --- a/src/bls12-381.ts +++ b/src/bls12-381.ts @@ -1188,7 +1188,9 @@ export const bls12_381: CurveFn = bls({ if (!y) throw new Error('Invalid compressed G1 point'); const aflag = bitGet(compressedValue, C_BIT_POS); if ((y * _2n) / P !== aflag) y = Fp.neg(y); - return bls12_381.G1.ProjectivePoint.fromAffine({ x, y }); + const point = bls12_381.G1.ProjectivePoint.fromAffine({ x, y }); + point.assertValidity(); + return point; }, toRawBytes(point: ProjPointType) { return signatureG1ToRawBytes(point);