diff --git a/CHANGELOG.md b/CHANGELOG.md
index 852562f83c..c997630c77 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -61,6 +61,7 @@ parameterized by the lifetime of the input byte slice.
 - Fix `BlsSignature` base58 check encoding/decoding.
 - Fix `SecretKeyEd25519` base58 check encoding/decoding.
 - Fix all zeros signature encoding: should be `Unknown` rather than defaulting to `Ed25519`.
+- Fix `tz2` signature verification: input should be hashed.
 ### Security
diff --git a/crypto/src/hash.rs b/crypto/src/hash.rs
index 64a72199e1..d231cf6397 100644
--- a/crypto/src/hash.rs
+++ b/crypto/src/hash.rs
@@ -666,6 +666,7 @@ impl PublicKeySignatureVerifier for PublicKeySecp256k1 {
 signature: &Self::Signature,
 bytes: &[u8],
 ) -> Result {
+
 let pk = libsecp256k1::PublicKey::parse_slice(
 &self.0,
 Some(libsecp256k1::PublicKeyFormat::Compressed),
@@ -673,8 +674,11 @@ impl PublicKeySignatureVerifier for PublicKeySecp256k1 {
 .map_err(|_| CryptoError::InvalidPublicKey)?;
 let sig = libsecp256k1::Signature::parse_standard_slice(signature.as_ref())
 .map_err(|_| CryptoError::InvalidSignature)?;
+
+ let payload = crate::blake2b::digest_256(bytes);
+
 let msg =
- libsecp256k1::Message::parse_slice(bytes).map_err(|_| CryptoError::InvalidMessage)?;
+ libsecp256k1::Message::parse_slice(&payload).map_err(|_| CryptoError::InvalidMessage)?;
 Ok(libsecp256k1::verify(&msg, &sig, &pk))
 }
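Review bot: Hashing `bytes` inside `verify_signature` silently changes the function's contract: a caller that still passes a pre-computed 32-byte digest (as both old tests did) now gets `Ok(false)` rather than an error, so the second hash.rs hunk should say so at the new `let payload` line, e.g. `// bytes is the raw message; it is blake2b-256 hashed here, so callers must not pre-hash it`. The impl's doc comment, which starts before the first hunk, should state the same contract. Whether the other `PublicKeySignatureVerifier` implementations in this file hash their input the same way is not visible here and is worth confirming so behaviour is uniform across key types. The blank line the first hunk adds directly after `) -> Result {` looks like a leftover and can be dropped.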
@@ -1126,15 +1130,15 @@ mod tests {
 #[test]
 fn test_secp256k1_signature_verification() {
+ // sk: spsk1sheno8Jt8FoBEoamFoNBxUEpjEggNNpepTFc8cEoJBA9QjDJq
 let pk = PublicKeySecp256k1::from_base58_check(
- "sppk7cwkTzCPptCSxSTvGNg4uqVcuTbyWooLnJp4yxJNH5DReUGxYvs",
+ "sppk7a2WEfU54QzcQZ2EMjihtcxLeRtNTVxHw4FW2e8W5kEJ8ZargSb",
 )
 .unwrap();
- let sig = Signature::from_base58_check("sigrJ2jqanLupARzKGvzWgL1Lv6NGUqDovHKQg9MX4PtNtHXgcvG6131MRVzujJEXfvgbuRtfdGbXTFaYJJjuUVLNNZTf5q1").unwrap().try_into().unwrap();
- let msg = hex::decode("5538e2cc90c9b053a12e2d2f3a985aff1809eac59501db4d644e4bb381b06b4b")
- .unwrap();
+ let sig = Secp256k1Signature::from_base58_check("spsig1QLf7cczTbt4UHFGQKUrB2pS3ZTu9wdXR29zKxVPQkhBaiLez6hRcM142ms7HagQa3vuPstvMtYq44y4x4RPcrLu76ZuQ7").unwrap();
+ let msg = b"hello, test";
- let result = pk.verify_signature(&sig, &msg).unwrap();
+ let result = pk.verify_signature(&sig, msg).unwrap();
 assert!(result);
 }
diff --git a/crypto/src/public_key.rs b/crypto/src/public_key.rs
index 22a335e10d..475ba3a809 100644
--- a/crypto/src/public_key.rs
+++ b/crypto/src/public_key.rs
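Review bot: The rewritten `test_secp256k1_signature_verification` only asserts the accepting path; a second assertion that a different message is rejected would pin the new hashing behaviour against a regression, e.g. `assert!(!pk.verify_signature(&sig, b"hello, test!").unwrap());`. The same applies to `tz2_signature_signature_verification_succeeds` in the public_key.rs hunk. The added `// sk: spsk1…` comment in both tests embeds the signing key that produced the fixtures; labelling it as a fixture-only key, `// test-only signing key (fixture): spsk1sheno8Jt8FoBEoamFoNBxUEpjEggNNpepTFc8cEoJBA9QjDJq`, keeps secret scanners and readers from mistaking it for a live credential.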
@@ -240,14 +240,15 @@ mod test {
 #[test]
 fn tz2_signature_signature_verification_succeeds() {
+ // sk: spsk1sheno8Jt8FoBEoamFoNBxUEpjEggNNpepTFc8cEoJBA9QjDJq
 let tz2 =
- PublicKey::from_b58check("sppk7cwkTzCPptCSxSTvGNg4uqVcuTbyWooLnJp4yxJNH5DReUGxYvs")
+ PublicKey::from_b58check("sppk7a2WEfU54QzcQZ2EMjihtcxLeRtNTVxHw4FW2e8W5kEJ8ZargSb")
 .expect("public key decoding should work");
- let sig = Signature::from_base58_check("sigrJ2jqanLupARzKGvzWgL1Lv6NGUqDovHKQg9MX4PtNtHXgcvG6131MRVzujJEXfvgbuRtfdGbXTFaYJJjuUVLNNZTf5q1").expect("signature decoding should work");
- let msg = hex::decode("5538e2cc90c9b053a12e2d2f3a985aff1809eac59501db4d644e4bb381b06b4b")
- .expect("payload decoding should work");
+ // todo use sig not spsig
+ let sig = Signature::from_base58_check("siggWynZ1jzFuv67FWSAvhX8948jgL5szpwT2fZAL5brmU9egqoXd3fDXCLQJ2EBcYVLBkev3HvkQ6xnFxSBjthdonajN8JX").expect("signature decoding should work");
+ let msg = b"hello, test";
- let result = tz2.verify_signature(&sig, &msg).unwrap();
+ let result = tz2.verify_signature(&sig, msg).unwrap();
 assert!(result);
 }
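Review bot: The `// todo use sig not spsig` comment added above the new `let sig` line is an unresolved TODO in committed test code, and as written it is unclear whether the fixture is meant to keep the generic `sig` prefix it now uses or move to the `spsig` encoding the hash.rs test uses. Either resolve it in this change or replace it with a comment stating the intent, e.g. `// generic sig prefix on purpose: checks that a tz2 key dispatches to the secp256k1 verifier` if that is the reason, which is inferred here and not visible in the hunk.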