Verify length of signature before indexing
If a `LamportSignatureData` object with too few subvectors was passed to the old code, it would panic when `offset` grew bigger than the number of subvectors. Obviously, panicking is much better behaviour than what we'd get in other languages (thanks Rust), but still not ideal.
committed by
Romain Ruetschi
parent
e27418c384
commit
f2ae8d2a2f
@ -137,6 +137,10 @@ impl PublicKey {
|
||||
|
||||
/// Verifies that the signature of the data is correctly signed with the given key
|
||||
pub fn verify_signature(&self, signature: &LamportSignatureData, data: &[u8]) -> bool {
|
||||
if signature.len() != self.algorithm.output_len * 8 {
|
||||
return false;
|
||||
}
|
||||
|
||||
let mut context = Context::new(self.algorithm);
|
||||
context.update(data);
|
||||
let result = context.finish();
|
||||
|
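Review bot: The doc comment on `verify_signature` does not mention the new early rejection, so callers cannot tell from the docs that a malformed signature now yields `false` rather than a panic; a second line such as `/// Returns false if the signature does not contain exactly output_len * 8 subvectors.` would record that contract. The guard checks only the outer length of `signature`. Whether the length of each subvector matters cannot be judged from here, because the function body continues past the end of the hunk. The bare `8` is presumably bits per byte and would read better as a named constant.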
19
src/tests.rs
19
src/tests.rs
@ -44,6 +44,25 @@ fn test_sign_verif() {
|
||||
assert!(pub_key.verify_signature(&signature, data));
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn test_sign_verif_sig_wrong_size() {
|
||||
let mut priv_key = PrivateKey::new(digest_512);
|
||||
let data = "Hello World".as_bytes();
|
||||
let mut too_short = priv_key.sign(data).unwrap();
|
||||
let extra = too_short.pop();
|
||||
|
||||
let pub_key = priv_key.public_key();
|
||||
|
||||
assert!(!pub_key.verify_signature(&too_short, data));
|
||||
|
||||
let mut priv_key = PrivateKey::new(digest_512);
|
||||
let data = "Hello World".as_bytes();
|
||||
let mut too_long = priv_key.sign(data).unwrap();
|
||||
too_long.extend(extra);
|
||||
|
||||
assert!(!pub_key.verify_signature(&too_long, data));
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn test_sign_verif_fail() {
|
||||
let mut priv_key = PrivateKey::new(digest_512);
|
||||
|
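Review bot: The `too_long` half of `test_sign_verif_sig_wrong_size` does not actually exercise the length check, because `too_long` is signed with a second `PrivateKey::new(digest_512)` while `pub_key` still comes from the first key. Assuming `new` generates fresh key material, `verify_signature` would return `false` for that signature even with the guard removed. Rebinding the public key before the last assertion, `let pub_key = priv_key.public_key();`, makes the extra subvector the only possible reason for rejection. Separately, `too_long.extend(extra)` silently adds nothing if `pop()` returned `None`; `too_long.push(extra.expect("signature is non-empty"));` (if `LamportSignatureData` is a plain `Vec`, as its use here suggests) would make the test fail loudly in that case.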