From ebc7dc9e37a8f9b2ed54ca9578e88b7f2ae968e3 Mon Sep 17 00:00:00 2001
From: Lucia <lucia.wang@harmoney.co.nz>
Date: Sat, 8 Nov 2025 23:25:53 +1300
Subject: [PATCH] crypto: validate hash length in no cgo Sign (#33104)

- Replace hardcoded DigestLength
- Add hash length validation
---
 crypto/signature_nocgo.go | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/crypto/signature_nocgo.go b/crypto/signature_nocgo.go
index d76127c258..9dce1057fa 100644
--- a/crypto/signature_nocgo.go
+++ b/crypto/signature_nocgo.go
@@ -43,6 +43,9 @@ func sigToPub(hash, sig []byte) (*secp256k1.PublicKey, error) {
 	if len(sig) != SignatureLength {
 		return nil, errors.New("invalid signature")
 	}
+	if len(hash) != DigestLength {
+		return nil, fmt.Errorf("hash is required to be exactly %d bytes (%d)", DigestLength, len(hash))
+	}
 	// Convert to secp256k1 input format with 'recovery id' v at the beginning.
 	btcsig := make([]byte, SignatureLength)
 	btcsig[0] = sig[RecoveryIDOffset] + 27
@@ -76,8 +79,8 @@ func SigToPub(hash, sig []byte) (*ecdsa.PublicKey, error) {
 //
 // The produced signature is in the [R || S || V] format where V is 0 or 1.
 func Sign(hash []byte, prv *ecdsa.PrivateKey) ([]byte, error) {
-	if len(hash) != 32 {
-		return nil, fmt.Errorf("hash is required to be exactly 32 bytes (%d)", len(hash))
+	if len(hash) != DigestLength {
+		return nil, fmt.Errorf("hash is required to be exactly %d bytes (%d)", DigestLength, len(hash))
 	}
 	if prv.Curve != S256() {
 		return nil, errors.New("private key curve is not secp256k1")