From bf1f8ebbd54c0cdbb5e4185e89beec3024147197 Mon Sep 17 00:00:00 2001 From: Aaron Feickert <66188213+AaronFeickert@users.noreply.github.com> Date: Tue, 2 Jan 2024 17:24:46 -0600 Subject: [PATCH] Reject identity keys in Schnorr/Chaum proofs --- src/libspark/chaum.cpp | 5 +++++ src/libspark/schnorr.cpp | 6 ++++++ 2 files changed, 11 insertions(+) diff --git a/src/libspark/chaum.cpp b/src/libspark/chaum.cpp index 7f69852020..d6c2973f87 100644 --- a/src/libspark/chaum.cpp +++ b/src/libspark/chaum.cpp @@ -93,6 +93,11 @@ bool Chaum::verify( if (!(T.size() == n && proof.A2.size() == n && proof.t1.size() == n)) { throw std::invalid_argument("Bad Chaum semantics!"); } + for (std::size_t i = 0; i < n; i++) { + if (S[i].isInfinity()) { + throw std::invalid_argument("Bad Chaum input!"); + } + } Scalar c = challenge(mu, S, T, proof.A1, proof.A2); if (c.isZero()) { diff --git a/src/libspark/schnorr.cpp b/src/libspark/schnorr.cpp index 4657fece77..23a35ab33e 100644 --- a/src/libspark/schnorr.cpp +++ b/src/libspark/schnorr.cpp @@ -64,6 +64,12 @@ bool Schnorr::verify(const GroupElement& Y, const SchnorrProof& proof) { bool Schnorr::verify(const std::vector& Y, const SchnorrProof& proof) { const std::size_t n = Y.size(); + for (std::size_t i = 0; i < n; i++) { + if (Y[i].isInfinity()) { + throw std::invalid_argument("Bad Schnorr input key!"); + } + } + std::vector points; points.reserve(n + 2); std::vector scalars;