From 5f7288d33eadea0bbedff71a278a3707ea281152 Mon Sep 17 00:00:00 2001
From: Kirk Baird
Date: Fri, 12 Mar 2021 13:12:04 +1100
Subject: [PATCH] Update infinity checks in milagro bls
Signed-off-by: Kirk Baird
---
 src/aggregates.rs | 29 +++++++++++++++++++++++++++++
 1 file changed, 29 insertions(+)
diff --git a/src/aggregates.rs b/src/aggregates.rs
index 3b876d0..abf36be 100644
--- a/src/aggregates.rs
+++ b/src/aggregates.rs
@@ -200,6 +200,11 @@ impl AggregateSignature {
 }
 let aggregate_public_key = aggregate_public_key.unwrap();
+ // Ensure AggregatePublicKey is not infinity
+ if aggregate_public_key.point.is_infinity() {
+ return false;
+ }
+
 // Hash message to curve
 let mut msg_hash = hash_to_curve_g2(msg);
@@ -233,6 +238,11 @@ impl AggregateSignature {
 return false;
 }
+ // Ensure AggregatePublicKey is not infinity
+ if aggregate_public_key.point.is_infinity() {
+ return false;
+ }
+
 // Hash message to curve
 let mut msg_hash = hash_to_curve_g2(msg);
@@ -386,6 +396,25 @@ mod tests {
 assert!(!agg_sig.fast_aggregate_verify(&[0; 32], &[]));
 }
+ #[test]
+ fn test_split_zero_fast_aggregate_verify() {
+ let agg_sig = AggregateSignature::new();
+
+ let mut sk_bytes = [0; 32];
+ sk_bytes[31] = 1;
+ let sk = SecretKey::from_bytes(&sk_bytes).unwrap(); // 1
+ let pk = PublicKey::from_secret_key(&sk);
+
+ let sk_bytes = hex::decode("73eda753299d7d483339d80809a1d80553bda402fffe5bfeffffffff00000000").unwrap();
+ let neg_sk = SecretKey::from_bytes(&sk_bytes).unwrap(); // -1
+ let neg_pk = PublicKey::from_secret_key(&neg_sk);
+
+ let public_keys = [&pk, &neg_pk];
+
+ // Aggregates to zero should fail
+ assert!(!agg_sig.fast_aggregate_verify(&[0; 32], &public_keys));
+ }
+
 fn map_secret_bytes_to_keypairs(secret_key_bytes: Vec>) -> Vec {
 let mut keypairs = vec![];
 for bytes in secret_key_bytes {
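Review bot: The new comment `// Ensure AggregatePublicKey is not infinity` says what the guard does but not why it matters, and the same five lines are repeated verbatim in the second hunk. An aggregate key at infinity makes the message-dependent side of the pairing check trivial, so a signature at infinity would pass for any message; the test added in the third hunk (keys for 1 and -1) appears to exercise exactly that. I would word the comment as `// Reject an identity aggregate key: keys that cancel (e.g. pk and -pk) would otherwise let an identity signature verify any message`, and consider one private helper so the two call sites cannot drift apart. Both enclosing functions start and end outside their hunks, so whether individual keys are validated before aggregation is not visible here.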
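Review bot: Only `fast_aggregate_verify` gets a regression test here, while the second hunk adds the same guard to another verification function whose name is outside that hunk; that path deserves its own test with an aggregate key at infinity. The assertion also passes for any reason the call returns false, so a preceding check that `pk` and `neg_pk` really aggregate to a point for which `is_infinity()` holds would pin the test to the new guard. The hex literal would benefit from a comment such as `// r - 1 (r = BLS12-381 scalar field order), i.e. -1 mod r`.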