From 3d6ac311036b0ae4cb7d53420aa7a0e7b0bf265c Mon Sep 17 00:00:00 2001 From: Jonas Nick Date: Mon, 10 Jul 2017 18:51:16 +0200 Subject: [PATCH] Add n_keys argument to whitelist_verify --- include/secp256k1_whitelist.h | 3 ++- src/modules/whitelist/main_impl.h | 4 ++-- src/modules/whitelist/tests_impl.h | 14 ++++++++++---- 3 files changed, 14 insertions(+), 7 deletions(-) diff --git a/include/secp256k1_whitelist.h b/include/secp256k1_whitelist.h index e1e17022..c536c11a 100644 --- a/include/secp256k1_whitelist.h +++ b/include/secp256k1_whitelist.h @@ -141,8 +141,9 @@ SECP256K1_API int secp256k1_whitelist_verify( const secp256k1_whitelist_signature *sig, const secp256k1_pubkey *online_pubkeys, const secp256k1_pubkey *offline_pubkeys, + const size_t n_keys, const secp256k1_pubkey *sub_pubkey -) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3) SECP256K1_ARG_NONNULL(4) SECP256K1_ARG_NONNULL(5); +) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3) SECP256K1_ARG_NONNULL(4) SECP256K1_ARG_NONNULL(6); #ifdef __cplusplus } diff --git a/src/modules/whitelist/main_impl.h b/src/modules/whitelist/main_impl.h index 8ac93ded..0b2d6c9c 100644 --- a/src/modules/whitelist/main_impl.h +++ b/src/modules/whitelist/main_impl.h @@ -100,7 +100,7 @@ int secp256k1_whitelist_sign(const secp256k1_context* ctx, secp256k1_whitelist_s return ret; } -int secp256k1_whitelist_verify(const secp256k1_context* ctx, const secp256k1_whitelist_signature *sig, const secp256k1_pubkey *online_pubkeys, const secp256k1_pubkey *offline_pubkeys, const secp256k1_pubkey *sub_pubkey) { +int secp256k1_whitelist_verify(const secp256k1_context* ctx, const secp256k1_whitelist_signature *sig, const secp256k1_pubkey *online_pubkeys, const secp256k1_pubkey *offline_pubkeys, const size_t n_keys, const secp256k1_pubkey *sub_pubkey) { secp256k1_scalar s[MAX_KEYS]; secp256k1_gej pubs[MAX_KEYS]; unsigned char msg32[32]; @@ -113,7 +113,7 @@ int secp256k1_whitelist_verify(const secp256k1_context* ctx, const secp256k1_whi ARG_CHECK(offline_pubkeys != NULL); ARG_CHECK(sub_pubkey != NULL); - if (sig->n_keys > MAX_KEYS) { + if (sig->n_keys > MAX_KEYS || sig->n_keys != n_keys) { return 0; } for (i = 0; i < sig->n_keys; i++) { diff --git a/src/modules/whitelist/tests_impl.h b/src/modules/whitelist/tests_impl.h index 647e237b..7cf1fb09 100644 --- a/src/modules/whitelist/tests_impl.h +++ b/src/modules/whitelist/tests_impl.h @@ -58,9 +58,9 @@ void test_whitelist_end_to_end(const size_t n_keys) { secp256k1_whitelist_signature sig1; CHECK(secp256k1_whitelist_sign(ctx, &sig, online_pubkeys, offline_pubkeys, n_keys, &sub_pubkey, online_seckey[i], summed_seckey[i], i, NULL, NULL)); - CHECK(secp256k1_whitelist_verify(ctx, &sig, online_pubkeys, offline_pubkeys, &sub_pubkey) == 1); + CHECK(secp256k1_whitelist_verify(ctx, &sig, online_pubkeys, offline_pubkeys, n_keys, &sub_pubkey) == 1); /* Check that exchanging keys causes a failure */ - CHECK(secp256k1_whitelist_verify(ctx, &sig, offline_pubkeys, online_pubkeys, &sub_pubkey) != 1); + CHECK(secp256k1_whitelist_verify(ctx, &sig, offline_pubkeys, online_pubkeys, n_keys, &sub_pubkey) != 1); /* Serialization round trip */ CHECK(secp256k1_whitelist_signature_serialize(ctx, serialized, &slen, &sig) == 1); CHECK(slen == 33 + 32 * n_keys); @@ -70,11 +70,17 @@ void test_whitelist_end_to_end(const size_t n_keys) { CHECK(secp256k1_whitelist_signature_parse(ctx, &sig1, serialized, slen + 1) == 0); CHECK(secp256k1_whitelist_signature_parse(ctx, &sig1, serialized, slen - 1) == 0); CHECK(secp256k1_whitelist_signature_parse(ctx, &sig1, serialized, 0) == 0); - CHECK(secp256k1_whitelist_verify(ctx, &sig1, online_pubkeys, offline_pubkeys, &sub_pubkey) == 1); - CHECK(secp256k1_whitelist_verify(ctx, &sig1, offline_pubkeys, online_pubkeys, &sub_pubkey) != 1); + CHECK(secp256k1_whitelist_verify(ctx, &sig1, online_pubkeys, offline_pubkeys, n_keys, &sub_pubkey) == 1); + CHECK(secp256k1_whitelist_verify(ctx, &sig1, offline_pubkeys, online_pubkeys, n_keys, &sub_pubkey) != 1); + /* Test n_keys */ CHECK(secp256k1_whitelist_signature_n_keys(&sig) == n_keys); CHECK(secp256k1_whitelist_signature_n_keys(&sig1) == n_keys); + + /* Test bad number of keys in signature */ + sig.n_keys = n_keys + 1; + CHECK(secp256k1_whitelist_verify(ctx, &sig, offline_pubkeys, online_pubkeys, n_keys, &sub_pubkey) != 1); + sig.n_keys = n_keys; } for (i = 0; i < n_keys; i++) {