hotfix off-by-one issues (#145)

turboblitz
2025-02-19 17:36:43 -08:00
committed by GitHub
parent 817e19bd95
commit 5e83716273
3 changed files with 16 additions and 3 deletions


@@ -87,7 +87,7 @@ template DSC(
// this should guarantee the dsc commitment is unique for each commitment
component byte_checks[MAX_DSC_LENGTH];
for (var i = 0; i < MAX_DSC_LENGTH; i++) {
byte_checks[i] = GreaterThan(12);
byte_checks[i] = GreaterEqThan(12);
byte_checks[i].in[0] <== i;
byte_checks[i].in[1] <== raw_dsc_padded_length;
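Review bot: The switch to `GreaterEqThan(12)` is only sound if both comparator inputs are below 2^12, and `in[1]` here is the prover-supplied `raw_dsc_padded_length`; circomlib's comparators wrap for larger values, so without a range bound on that signal the padding check can be bypassed regardless of which comparator is used. No such bound is visible in this hunk, so it is worth confirming the template constrains `raw_dsc_padded_length` (for example via `Num2Bits(12)` or a `LessEqThan` against `MAX_DSC_LENGTH`) before it reaches this loop. A short comment on the new line would also record the intent of the boundary fix: `// i >= raw_dsc_padded_length: every byte from the padded length onward (index == padded_length included) is padding; comparator assumes raw_dsc_padded_length < 2^12`. The loop body continues outside the hunk, so the constraint that consumes `byte_checks[i].out` is not visible here.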


@@ -25,7 +25,7 @@ template SignatureVerifier(signatureAlgorithm, n, k) {
signal input pubKey[kScaled];
signal input signature[kScaled];
var msg_len = (HASH_LEN_BITS + n) \ n;
var msg_len = (HASH_LEN_BITS + n - 1) \ n;
signal hashParsed[msg_len] <== HashParser(signatureAlgorithm, n, k)(hash);
@@ -124,7 +124,7 @@ template SignatureVerifier(signatureAlgorithm, n, k) {
template HashParser(signatureAlgorithm, n, k) {
var HASH_LEN_BITS = getHashLength(signatureAlgorithm);
var msg_len = (HASH_LEN_BITS + n) \ n;
var msg_len = (HASH_LEN_BITS + n - 1) \ n;
component hashParser[msg_len];
signal input hash[HASH_LEN_BITS];
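Review bot: The ceil-division `(HASH_LEN_BITS + n - 1) \ n` is now written out identically in both `SignatureVerifier` and `HashParser` (both hunks in this file), and that duplication is what let the previous off-by-one land in both places at once. Factoring it into a single helper, `function computeMsgLen(hashLenBits, n) { return (hashLenBits + n - 1) \ n; }`, and calling it from both templates would keep the two from drifting again. At minimum each occurrence deserves a comment explaining the `- 1`, e.g. `// ceil(HASH_LEN_BITS / n): number of n-bit limbs needed to hold the hash`, since the old form appears to have over-allocated a limb whenever n divides HASH_LEN_BITS.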


@@ -283,6 +283,19 @@ testSuite.forEach(({ sigAlg, hashFunction, domainParameter, keyLength }) => {
}
});
it('should not allow tampering of raw_dsc[raw_dsc_padded_length]', async () => {
try {
const tamperedInputs = JSON.parse(JSON.stringify(inputs));
const paddedLength = Number(tamperedInputs.raw_dsc_padded_length);
tamperedInputs.raw_dsc[paddedLength] = '255'; // or any nonzero value
await circuit.calculateWitness(tamperedInputs);
expect.fail('Expected an error but none was thrown.');
} catch (error: any) {
expect(error.message).to.include('Assert Failed');
}
});
it('should fail if raw_csca has a signal that is longer than a byte', async function () {
try {
const tamperedInputs = JSON.parse(JSON.stringify(inputs));
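Review bot: In the new test, `catch (error: any)` should be `catch (error: unknown)` with a narrowing step, and because `expect.fail(...)` sits inside the same `try`, a circuit that wrongly accepts the tampered witness fails the test with a misleading "expected 'Expected an error but none was thrown.' to include 'Assert Failed'" rather than the intended message. Capturing the rejection in a variable and asserting on it after the `try` separates the two failure modes and removes the `any`. The surrounding tests (the `it` beginning at the end of this hunk continues outside it) appear to use the same try/catch shape, so this may be a file-wide cleanup rather than something specific to this commit.
```typescript
it('should not allow tampering of raw_dsc[raw_dsc_padded_length]', async () => {
  const tamperedInputs = JSON.parse(JSON.stringify(inputs));
  const paddedLength = Number(tamperedInputs.raw_dsc_padded_length);
  tamperedInputs.raw_dsc[paddedLength] = '255'; // or any nonzero value
  let caught: unknown;
  try {
    await circuit.calculateWitness(tamperedInputs);
  } catch (error: unknown) {
    caught = error;
  }
  // Reached only if calculateWitness rejected; a resolved promise leaves caught undefined.
  expect(caught).to.be.instanceOf(Error);
  expect((caught as Error).message).to.include('Assert Failed');
});
```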