Check signature nonces for validity
The documentation implies that this check is happening, so make it so. Without this check, passing an invalid nonce will trigger an internal assertion.
This commit is contained in:
parent
920c243932
commit
ba8fc0e28f
1 changed files with 10 additions and 2 deletions
|
@ -56,9 +56,13 @@ int secp256k1_ecdsa_sign(const unsigned char *message, int messagelen, unsigned
|
|||
secp256k1_num_set_bin(&sec, seckey, 32);
|
||||
secp256k1_num_set_bin(&non, nonce, 32);
|
||||
secp256k1_num_set_bin(&msg, message, messagelen);
|
||||
int ret = !secp256k1_num_is_zero(&non) &&
|
||||
(secp256k1_num_cmp(&non, &secp256k1_ge_consts->order) < 0);
|
||||
secp256k1_ecdsa_sig_t sig;
|
||||
secp256k1_ecdsa_sig_init(&sig);
|
||||
int ret = secp256k1_ecdsa_sig_sign(&sig, &sec, &msg, &non, NULL);
|
||||
if (ret) {
|
||||
ret = secp256k1_ecdsa_sig_sign(&sig, &sec, &msg, &non, NULL);
|
||||
}
|
||||
if (ret) {
|
||||
secp256k1_ecdsa_sig_serialize(signature, signaturelen, &sig);
|
||||
}
|
||||
|
@ -77,9 +81,13 @@ int secp256k1_ecdsa_sign_compact(const unsigned char *message, int messagelen, u
|
|||
secp256k1_num_set_bin(&sec, seckey, 32);
|
||||
secp256k1_num_set_bin(&non, nonce, 32);
|
||||
secp256k1_num_set_bin(&msg, message, messagelen);
|
||||
int ret = !secp256k1_num_is_zero(&non) &&
|
||||
(secp256k1_num_cmp(&non, &secp256k1_ge_consts->order) < 0);
|
||||
secp256k1_ecdsa_sig_t sig;
|
||||
secp256k1_ecdsa_sig_init(&sig);
|
||||
int ret = secp256k1_ecdsa_sig_sign(&sig, &sec, &msg, &non, recid);
|
||||
if (ret) {
|
||||
ret = secp256k1_ecdsa_sig_sign(&sig, &sec, &msg, &non, recid);
|
||||
}
|
||||
if (ret) {
|
||||
secp256k1_num_get_bin(sig64, 32, &sig.r);
|
||||
secp256k1_num_get_bin(sig64 + 32, 32, &sig.s);
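Review bot: The nonce range test `!secp256k1_num_is_zero(&non) && (secp256k1_num_cmp(&non, &secp256k1_ge_consts->order) < 0)` is now written out twice, here in secp256k1_ecdsa_sign_compact and identically in the secp256k1_ecdsa_sign hunk above; a file-scope helper would keep the accepted range [1, n-1] defined in one place, e.g. `static int secp256k1_ecdsa_nonce_ok(const secp256k1_num_t *non) { return !secp256k1_num_is_zero(non) && secp256k1_num_cmp(non, &secp256k1_ge_consts->order) < 0; }` with `int ret = secp256k1_ecdsa_nonce_ok(&non);` at both call sites. The secret key is loaded into `sec` by `secp256k1_num_set_bin` two lines earlier with no equivalent range check; if the public header documents the same [1, n-1] requirement for seckey, the same helper applies to it, otherwise a comment noting where seckey is validated would help readers who expect the two inputs to be treated alike. Both enclosing functions start and end outside their hunks, so the functions' return paths are not visible here.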
|
||||
|
|