Merge pull request #424 from gzliudan/RIN-07

check parameters not to be nil when call function curve.Add
2026-06-20 13:44:31 +00:00 · 2024-02-12 22:23:34 +11:00 · 2024-02-12 22:23:34 +11:00 · 9eea134daa
commit 9eea134daa
parent b272e7418c d440d1d2c6
2 changed files with 72 additions and 0 deletions
--- a/core/vm/privacy/ringct.go
+++ b/core/vm/privacy/ringct.go
@ -454,6 +454,9 @@ func Sign(m [32]byte, rings []Ring, privkeys []*ecdsa.PrivateKey, s int) (*RingS
 			// calculate L[j][idx] = s[j][idx]*G + c[idx]*Ring[j][idx]
 			px, py := curve.ScalarMult(rings[j][idx].X, rings[j][idx].Y, PadTo32Bytes(C[idx].Bytes())) // px, py = c_i*P_i
 			sx, sy := curve.ScalarBaseMult(PadTo32Bytes(S[j][idx].Bytes()))                            // sx, sy = s[n-1]*G
+			if px == nil || py == nil || sx == nil || sy == nil {
+				return nil, errors.New("Could not create ring signature")
+			}
 			l_x, l_y := curve.Add(sx, sy, px, py)
 			L[j][idx] = &ecdsa.PublicKey{curve, l_x, l_y}
 			lT := append(PadTo32Bytes(l_x.Bytes()), PadTo32Bytes(l_y.Bytes())...)
@ -463,6 +466,9 @@ func Sign(m [32]byte, rings []Ring, privkeys []*ecdsa.PrivateKey, s int) (*RingS
 			px, py = curve.ScalarMult(images[j].X, images[j].Y, C[idx].Bytes()) // px, py = c_i*I
 			hx, hy := HashPoint(rings[j][idx])
 			sx, sy = curve.ScalarMult(hx, hy, S[j][idx].Bytes()) // sx, sy = s[n-1]*H_p(P_i)
+			if px == nil || py == nil || sx == nil || sy == nil {
+				return nil, errors.New("Could not create ring signature")
+			}
 			r_x, r_y := curve.Add(sx, sy, px, py)
 			R[j][idx] = &ecdsa.PublicKey{curve, r_x, r_y}
 			rT := append(PadTo32Bytes(r_x.Bytes()), PadTo32Bytes(r_y.Bytes())...)
@ -543,6 +549,9 @@ func Verify(sig *RingSignature, verifyMes bool) bool {
 			// calculate L[i][j] = s[i][j]*G + c[j]*Ring[i][j]
 			px, py := curve.ScalarMult(rings[i][j].X, rings[i][j].Y, C[j].Bytes()) // px, py = c_i*P_i
 			sx, sy := curve.ScalarBaseMult(S[i][j].Bytes())                        // sx, sy = s[i]*G
+			if px == nil || py == nil || sx == nil || sy == nil {
+				return false
+			}
 			l_x, l_y := curve.Add(sx, sy, px, py)
 			lT := append(PadTo32Bytes(l_x.Bytes()), PadTo32Bytes(l_y.Bytes())...)
 			//log.Info("L[i][j]", "i", i, "j", j, "L", common.Bytes2Hex(lT))
@ -559,6 +568,9 @@ func Verify(sig *RingSignature, verifyMes bool) bool {
 			//log.Info("H[i][j]", "i", i, "j", j, "x.input", common.Bytes2Hex(rings[i][j].X.Bytes()), "y.input", common.Bytes2Hex(rings[i][j].Y.Bytes()))
 			//log.Info("H[i][j]", "i", i, "j", j, "x", common.Bytes2Hex(hx.Bytes()), "y", common.Bytes2Hex(hy.Bytes()))
 			sx, sy = curve.ScalarMult(hx, hy, S[i][j].Bytes()) // sx, sy = s[i]*H_p(P[i])
+			if px == nil || py == nil || sx == nil || sy == nil {
+				return false
+			}
 			r_x, r_y := curve.Add(sx, sy, px, py)
 			rT := append(PadTo32Bytes(r_x.Bytes()), PadTo32Bytes(r_y.Bytes())...)
 			//log.Info("R[i][j]", "i", i, "j", j, "L", common.Bytes2Hex(rT))
--- a/core/vm/privacy/ringct_test.go
+++ b/core/vm/privacy/ringct_test.go
@ -87,6 +87,66 @@ func TestDeserialize(t *testing.T) {
 	_, err = Deserialize(sig)
 	assert.EqualError(t, err, "incorrect ring size, len r: 3804, sig.NumRing: 5 sig.Size: 56759212534490939")
 }
+
+func TestVerify1(t *testing.T) {
+	numRing := 5
+	ringSize := 10
+	s := 7
+
+	rings, privkeys, m, err := GenerateMultiRingParams(numRing, ringSize, s)
+	if err != nil {
+		t.Error("fail to generate rings")
+	}
+
+	ringSignature, err := Sign(m, rings, privkeys, s)
+	if err != nil {
+		t.Error("fail to create ring signature")
+	}
+
+	sig, err := ringSignature.Serialize()
+	if err != nil {
+		t.Error("fail to serialize input ring signature")
+	}
+
+	deserializedSig, err := Deserialize(sig)
+	if err != nil {
+		t.Error("fail to deserialize ring signature")
+	}
+
+	assert.True(t, Verify(deserializedSig, false), "Verify should return true")
+}
+
+func TestVerify2(t *testing.T) {
+	numRing := 5
+	ringSize := 10
+	s := 7
+
+	rings, privkeys, m, err := GenerateMultiRingParams(numRing, ringSize, s)
+	if err != nil {
+		t.Error("fail to generate rings")
+	}
+
+	ringSignature, err := Sign(m, rings, privkeys, s)
+	if err != nil {
+		t.Error("fail to create ring signature")
+	}
+
+	// change one sig to the scalar field
+	ringSignature.S[0][0] = curve.Params().N
+
+	sig, err := ringSignature.Serialize()
+	if err != nil {
+		t.Error("fail to serialize input ring signature")
+	}
+
+	deserializedSig, err := Deserialize(sig)
+	if err != nil {
+		t.Error("fail to deserialize ring signature")
+	}
+
+	assert.False(t, Verify(deserializedSig, false), "TestNilPointerDereferencePanic should return false")
+}
+
 func TestPadTo32Bytes(t *testing.T) {
 	arr := [44]byte{0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34}