Skip to content

Commit

Permalink
Merge pull request #28 from starkbank/fix/signature-range-check
Browse files Browse the repository at this point in the history
Add signature.r and signature.s range check
  • Loading branch information
cdottori-stark authored Nov 4, 2021
2 parents 998c92b + d136170 commit ea20ebb
Show file tree
Hide file tree
Showing 3 changed files with 12 additions and 6 deletions.
2 changes: 2 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,8 @@ Given a version number MAJOR.MINOR.PATCH, increment:


## [Unreleased]
### Fixed
- Signature r and s range check

## [2.0.0] - 2021-10-08
### Added
Expand Down
12 changes: 6 additions & 6 deletions ellipticcurve/__init__.py
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
from ellipticcurve.utils.compatibility import *
from ellipticcurve.privateKey import PrivateKey
from ellipticcurve.publicKey import PublicKey
from ellipticcurve.signature import Signature
from ellipticcurve.utils.file import File
from ellipticcurve.ecdsa import Ecdsa
from .utils.compatibility import *
from .privateKey import PrivateKey
from .publicKey import PublicKey
from .signature import Signature
from .utils.file import File
from .ecdsa import Ecdsa
4 changes: 4 additions & 0 deletions ellipticcurve/ecdsa.py
Original file line number Diff line number Diff line change
Expand Up @@ -33,6 +33,10 @@ def verify(cls, message, signature, publicKey, hashfunc=sha256):
curve = publicKey.curve
r = signature.r
s = signature.s
if not 1 <= r <= curve.N - 1:
return False
if not 1 <= s <= curve.N - 1:
return False
inv = Math.inv(s, curve.N)
u1 = Math.multiply(curve.G, n=(numberMessage * inv) % curve.N, N=curve.N, A=curve.A, P=curve.P)
u2 = Math.multiply(publicKey.point, n=(r * inv) % curve.N, N=curve.N, A=curve.A, P=curve.P)
Expand Down

0 comments on commit ea20ebb

Please sign in to comment.