From 8581125a21ee4592631abe127749d6ca3f1020fa Mon Sep 17 00:00:00 2001
From: vickkkkkyy <vickyaviles847@gmail.com>
Date: Sun, 10 May 2026 17:49:17 +0800
Subject: [PATCH] crypto: add hash length check in nocgo VerifySignature
 (#33839)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

I was tracing a signature verification issue in a nocgo build and found
that `VerifySignature` doesn't validate hash length. #33104 added the
check to `Sign` and `sigToPub` but missed this one. The cgo path in
`secp256k1/secp256.go` already rejects non-32-byte hashes, so the nocgo
path should do the same — otherwise a wrong-length hash gets passed to
decred's `Verify` and silently gives a bogus result.
---
 crypto/signature_nocgo.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/crypto/signature_nocgo.go b/crypto/signature_nocgo.go
index 0aab7180d3..bf273612e9 100644
--- a/crypto/signature_nocgo.go
+++ b/crypto/signature_nocgo.go
@@ -103,7 +103,7 @@ func Sign(hash []byte, prv *ecdsa.PrivateKey) ([]byte, error) {
 // The public key should be in compressed (33 bytes) or uncompressed (65 bytes) format.
 // The signature should have the 64 byte [R || S] format.
 func VerifySignature(pubkey, hash, signature []byte) bool {
-	if len(signature) != 64 {
+	if len(signature) != 64 || len(hash) != DigestLength {
 		return false
 	}
 	var r, s secp256k1.ModNScalar