Skip to content

Commit 9e7c49b

Browse files
armfazharmfazh
committed
Detects invalid encodings of bls12381 elements.
1 parent 5f94471 commit 9e7c49b

File tree

3 files changed

+49
-19
lines changed

3 files changed

+49
-19
lines changed

ecc/bls12381/doc.go

+37-19
Original file line numberDiff line numberDiff line change
@@ -32,23 +32,41 @@
3232
// is the lexicographically largest of the two associated with the encoded
3333
// x-coordinate.
3434
//
35-
// |----------------------------------------------------|
36-
// | Serialization Format |
37-
// |-----|-------|-------|---------------|--------------|
38-
// | MSB | MSB-1 | MSB-2 | Description | Encoding |
39-
// |-----|-------|-------|---------------|--------------|
40-
// | 0 | X | X | Uncompressed | e || x || y |
41-
// | 1 | X | X | Compressed | e || x |
42-
// |-----|-------|-------|---------------|--------------|
43-
// | X | 0 | X | Non-Infinity | e || x || y |
44-
// | X | 1 | X | Infinity | e || 0 || 0 |
45-
// |-----|-------|-------|---------------|--------------|
46-
// | | | | Compressed, | |
47-
// | 1 | 0 | 1 | Non-Infinity, | e || x |
48-
// | | | | Big y-coord | |
49-
// |-----|-------|-------|---------------|--------------|
50-
// | | | | Compressed, | |
51-
// | 1 | 0 | 0 | Non-Infinity, | e || x |
52-
// | | | | Small y-coord | |
53-
// |----------------------------------------------------|
35+
// |------------------------------------------------------|
36+
// | Serialization Format |
37+
// |-----|-------|-------|-----------------|--------------|
38+
// | MSB | MSB-1 | MSB-2 | Description | Encoding |
39+
// |-----|-------|-------|-----------------|--------------|
40+
// | | | | Non-compressed, | |
41+
// | 0 | 0 | 0 | Non-Infinity, | e || x || y |
42+
// | | | | Zero. | |
43+
// |-----|-------|-------|-----------------|--------------|
44+
// | | | | Non-compressed, | |
45+
// | 0 | 0 | 1 | Non-Infinity, | Invalid |
46+
// | | | | One. | |
47+
// |-----|-------|-------|-----------------|--------------|
48+
// | | | | Non-compressed, | |
49+
// | 0 | 1 | 0 | Infinity, | e || 0 || 0 |
50+
// | | | | Zero. | |
51+
// |-----|-------|-------|-----------------|--------------|
52+
// | | | | Non-compressed, | |
53+
// | 0 | 1 | 1 | Infinity, | Invalid |
54+
// | | | | One. | |
55+
// |-----|-------|-------|-----------------|--------------|
56+
// | | | | Compressed, | |
57+
// | 1 | 0 | 0 | Non-Infinity, | e || x |
58+
// | | | | Small y-coord | |
59+
// |-----|-------|-------|-----------------|--------------|
60+
// | | | | Compressed, | |
61+
// | 1 | 0 | 1 | Non-Infinity, | e || x |
62+
// | | | | Big y-coord | |
63+
// |-----|-------|-------|-----------------|--------------|
64+
// | | | | Compressed, | |
65+
// | 1 | 1 | 0 | Infinity, | e || 0 |
66+
// | | | | Zero. | |
67+
// |-----|-------|-------|-----------------|--------------|
68+
// | | | | Compressed, | |
69+
// | 1 | 1 | 1 | Infinity, | Invalid |
70+
// | | | | One. | |
71+
// |------------------------------------------------------|
5472
package bls12381

ecc/bls12381/g1.go

+6
Original file line numberDiff line numberDiff line change
@@ -34,6 +34,12 @@ func (g *G1) SetBytes(b []byte) error {
3434
return errInputLength
3535
}
3636

37+
// Check for invalid prefixes
38+
switch b[0] & 0xE0 {
39+
case 0x20, 0x60, 0xE0:
40+
return errEncoding
41+
}
42+
3743
isCompressed := int((b[0] >> 7) & 0x1)
3844
isInfinity := int((b[0] >> 6) & 0x1)
3945
isBigYCoord := int((b[0] >> 5) & 0x1)

ecc/bls12381/g2.go

+6
Original file line numberDiff line numberDiff line change
@@ -32,6 +32,12 @@ func (g *G2) SetBytes(b []byte) error {
3232
return errInputLength
3333
}
3434

35+
// Check for invalid prefixes
36+
switch b[0] & 0xE0 {
37+
case 0x20, 0x60, 0xE0:
38+
return errEncoding
39+
}
40+
3541
isCompressed := int((b[0] >> 7) & 0x1)
3642
isInfinity := int((b[0] >> 6) & 0x1)
3743
isBigYCoord := int((b[0] >> 5) & 0x1)

0 commit comments

Comments
 (0)