tornadocontrib/noble-curves
1
0
Fork 0
forked from tornado-packages/noble-curves
Code Pull Requests Activity

Merge pull request #81 from randombit/jack/check-short-sig-in-subgroup

Browse Source 
Fix ShortSignature.fromHex to check the G1 point is valid
This commit is contained in:
Paul Miller 2023-08-31 20:26:17 +02:00 committed by GitHub
commit 1e67754943
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/bls12-381.ts
View File

@ -1188,7 +1188,9 @@ export const bls12_381: CurveFn<Fp, Fp2, Fp6, Fp12> = bls({
if (!y) throw new Error('Invalid compressed G1 point'); if (!y) throw new Error('Invalid compressed G1 point');
const aflag = bitGet(compressedValue, C_BIT_POS); const aflag = bitGet(compressedValue, C_BIT_POS);
if ((y * _2n) / P !== aflag) y = Fp.neg(y); if ((y * _2n) / P !== aflag) y = Fp.neg(y);
return bls12_381.G1.ProjectivePoint.fromAffine({ x, y }); const point = bls12_381.G1.ProjectivePoint.fromAffine({ x, y });
point.assertValidity();
return point;
}, },
toRawBytes(point: ProjPointType<Fp>) { toRawBytes(point: ProjPointType<Fp>) {
return signatureG1ToRawBytes(point); return signatureG1ToRawBytes(point);