Merge #20248: test: fix length of R check in key_signature_tests

89895773b7 Fix length of R check in test/key_tests.cpp:key_signature_tests (Dmitry Petukhov)

Pull request description:

  The code before the fix only checked the length of R value of the last
  signature in the loop, and only for equality (but the length can be
  less than 32)

  The fixed code checks that length of the R value is less than or equal
  to 32 on each iteration of the loop

ACKs for top commit:
  laanwj:
    ACK 89895773b7

Tree-SHA512: 73eb2bb4a6c1c5fc11dd16851b28b43037ac06ef8cfc3b1f957429a1fca295c9422d67ec6c73c0e4bb4919f92e22dc5d733e84840b0d01ad1a529aa20d906ebf
This commit is contained in:
Wladimir J. van der Laan 2020-12-16 19:23:19 +01:00
commit 427f8c2cff
No known key found for this signature in database
GPG key ID: 1E4AED62986CD25D

View file

@ -172,20 +172,30 @@ BOOST_AUTO_TEST_CASE(key_signature_tests)
} }
BOOST_CHECK(found); BOOST_CHECK(found);
// When entropy is not specified, we should always see low R signatures that are less than 70 bytes in 256 tries // When entropy is not specified, we should always see low R signatures that are less than or equal to 70 bytes in 256 tries
// The low R signatures should always have the value of their "length of R" byte less than or equal to 32
// We should see at least one signature that is less than 70 bytes. // We should see at least one signature that is less than 70 bytes.
found = true;
bool found_small = false; bool found_small = false;
bool found_big = false;
bool bad_sign = false;
for (int i = 0; i < 256; ++i) { for (int i = 0; i < 256; ++i) {
sig.clear(); sig.clear();
std::string msg = "A message to be signed" + ToString(i); std::string msg = "A message to be signed" + ToString(i);
msg_hash = Hash(msg); msg_hash = Hash(msg);
BOOST_CHECK(key.Sign(msg_hash, sig)); if (!key.Sign(msg_hash, sig)) {
found = sig[3] == 0x20; bad_sign = true;
BOOST_CHECK(sig.size() <= 70); break;
}
// sig.size() > 70 implies sig[3] > 32, because S is always low.
// But check both conditions anyway, just in case this implication is broken for some reason
if (sig[3] > 32 || sig.size() > 70) {
found_big = true;
break;
}
found_small |= sig.size() < 70; found_small |= sig.size() < 70;
} }
BOOST_CHECK(found); BOOST_CHECK(!bad_sign);
BOOST_CHECK(!found_big);
BOOST_CHECK(found_small); BOOST_CHECK(found_small);
} }