Skip to content

Commit 9cbfad0

Browse files
Fix panic when verifying an empty signature. Add test case (#18)
* Fix panic when verifying an empty signature. Add test case * Fix clippy and run cargo fmt
1 parent b4e7f08 commit 9cbfad0

File tree

2 files changed

+19
-1
lines changed

2 files changed

+19
-1
lines changed

src/params.rs

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -46,7 +46,7 @@ pub enum WotsError {
4646
ExpectedMessage,
4747
}
4848

49-
#[derive(Debug, PartialEq)]
49+
#[derive(Debug, PartialEq, Eq)]
5050
pub enum ComputeLaddersMode {
5151
Generate,
5252
Sign,

src/security.rs

Lines changed: 18 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -69,6 +69,9 @@ pub fn consensus_params<PRFH: Hasher + Clone, MSGH: Hasher + Clone>() -> Params<
6969
}
7070

7171
pub fn verify(msg: &[u8], signature: &[u8], public_key: &[u8]) -> Result<(), WotsError> {
72+
if signature.is_empty() {
73+
return Err(WotsError::InvalidSignatureSize);
74+
}
7275
match ParamsEncoding::from(signature[0]) {
7376
ParamsEncoding::Level0 => level_0_params::<Blake2bHasher, Sha3_224Hasher>().verify(
7477
msg,
@@ -105,6 +108,9 @@ pub fn verify_no_consensus(
105108
signature: &[u8],
106109
public_key: &[u8],
107110
) -> Result<(), WotsError> {
111+
if signature.is_empty() {
112+
return Err(WotsError::InvalidSignatureSize);
113+
}
108114
match ParamsEncoding::from(signature[0]) {
109115
ParamsEncoding::Level0 => level_0_params::<Blake2bHasher, Sha3_224Hasher>().verify(
110116
msg,
@@ -203,4 +209,16 @@ mod tests {
203209
assert_eq!(res.len(), sig_size);
204210
verify(&msg, &res, &key.public_key).unwrap();
205211
}
212+
213+
#[test]
214+
fn verify_test_empty_signature() {
215+
let params = security::level_0_params();
216+
let key = Key::<Blake2bHasher, Sha3_224Hasher>::new(params).unwrap();
217+
let msg = vec![99u8; MAX_MSG_SIZE];
218+
let sig = vec![0u8; 0];
219+
let res = verify(&msg, &sig, &key.public_key);
220+
assert!(res.is_err());
221+
let res = verify_no_consensus(&msg, &sig, &key.public_key);
222+
assert!(res.is_err());
223+
}
206224
}

0 commit comments

Comments
 (0)