This is an automated email from the ASF dual-hosted git repository. sandreoli pushed a commit to branch review-ncc in repository https://gitbox.apache.org/repos/asf/incubator-milagro-MPC.git
commit c6d3d5ab373b2fd18681be2b13217326c5b5102b
Author: Samuele Andreoli <[email protected]>
AuthorDate: Wed May 13 14:33:27 2020 +0100

Add bounds check in factoring nizkp verify
---
 include/amcl/factoring_zk.h | 8 +++++---
 src/factoring_zk.c | 12 +++++++++++-
 test/unit/test_factoring_zk_verify.c | 24 ++++++++++++++++++++++--
 3 files changed, 38 insertions(+), 6 deletions(-)

diff --git a/include/amcl/factoring_zk.h b/include/amcl/factoring_zk.h
index c0cd9e5..d4db1ac 100644
--- a/include/amcl/factoring_zk.h
+++ b/include/amcl/factoring_zk.h
@@ -43,10 +43,12 @@ extern "C"
 #define HFS_2048 MODBYTES_1024_58 * HFLEN_2048 /**< Half 2048 field size in bytes */
 #endif

-#define FACTORING_ZK_B 16 /**< Security parameter, length in bytes */
+#define FACTORING_ZK_A FS_2048 /**< Proof, length in bytes */
+#define FACTORING_ZK_B 16 /**< Security parameter, length in bytes */

-#define FACTORING_ZK_OK 0 /**< Proof successfully verified */
-#define FACTORING_ZK_FAIL 91 /**< Invalid proof */
+#define FACTORING_ZK_OK 0 /**< Proof successfully verified */
+#define FACTORING_ZK_FAIL 91 /**< Invalid proof */
+#define FACTORING_ZK_OUT_OF_BOUNDS 92 /**< Invalid proof bounds */

 /** \brief Prove knowledge of the modulus m in ZK
 *
diff --git a/src/factoring_zk.c b/src/factoring_zk.c
index 2e8ad99..7578733 100644
--- a/src/factoring_zk.c
+++ b/src/factoring_zk.c
@@ -241,7 +241,17 @@ int FACTORING_ZK_verify(octet *N, octet *E, octet *Y)
 char w[FS_2048];
 octet W = {0, sizeof(w), w};

- // 0 <= Y <= A by construction
+ // Check bounds for 0 <= Y < A
+ if(Y->len > FACTORING_ZK_A)
+ {
+ return FACTORING_ZK_OUT_OF_BOUNDS;
+ }
+
+ // Check bounds for 0 <= E < B
+ if(E->len > FACTORING_ZK_B)
+ {
+ return FACTORING_ZK_OUT_OF_BOUNDS;
+ }

 // Process N in the hash function H(N, ?)
 HASH256_init(&sha);
diff --git a/test/unit/test_factoring_zk_verify.c b/test/unit/test_factoring_zk_verify.c
index c142f7c..56ab562 100644
--- a/test/unit/test_factoring_zk_verify.c
+++ b/test/unit/test_factoring_zk_verify.c
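Review bot: `FACTORING_ZK_A` is documented as "Proof, length in bytes", while the verifier in this commit uses it as the maximum octet length of Y; a description such as `/**< Maximum length of Y, in bytes */` would state what is actually enforced. This is the header's only hunk, so the doc comment of FACTORING_ZK_verify (outside the hunk) is unchanged; if it enumerates return values it should now list `FACTORING_ZK_OUT_OF_BOUNDS`. Callers that compare the result against `FACTORING_ZK_FAIL` instead of `FACTORING_ZK_OK` would not treat the new code 92 as a rejection and are worth auditing.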
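Review bot: The two new guards in FACTORING_ZK_verify bound only the encoded length from above (`Y->len > FACTORING_ZK_A`, `E->len > FACTORING_ZK_B`), whereas their comments describe value ranges `0 <= Y < A` and `0 <= E < B`; an octet shorter than expected still passes. If the code after the hunk reads a fixed number of bytes from `val` regardless of `len` (not visible here), a short E or Y would be parsed together with whatever bytes follow it in the buffer, so, provided the prover always emits fixed-length octets, an exact test such as `if(Y->len != FACTORING_ZK_A)` would be the stricter check. Otherwise the comments should say what is enforced, e.g. `// Reject Y longer than FACTORING_ZK_A bytes`. The function body starts and ends outside the hunk.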
@@ -93,11 +93,31 @@ int main(int argc, char **argv) } /* Test unhappy path */ - E.val[0]++; + char *t[FS_2048 + 1]; + octet T = {0, sizeof(t), t}; - rc = FACTORING_ZK_verify(&N, &E, &Y); + // Invalid E + OCT_copy(&T, &E); + T.val[0]++; + + rc = FACTORING_ZK_verify(&N, &T, &Y); assert(NULL, "FACTORING_ZK_verify. Invalid E", rc == FACTORING_ZK_FAIL); + // E out of bounds + OCT_copy(&T, &E); + T.len++; + + rc = FACTORING_ZK_verify(&N, &T, &Y); + assert(NULL, "FACTORING_ZK_verify. E out of bounds", rc == FACTORING_ZK_OUT_OF_BOUNDS); + + // Y out of bounds + OCT_copy(&T, &Y); + T.len++; + + rc = FACTORING_ZK_verify(&N, &E, &T); + assert(NULL, "FACTORING_ZK_verify. Y out of bounds", rc == FACTORING_ZK_OUT_OF_BOUNDS); + + printf("SUCCESS\n"); exit(EXIT_SUCCESS); }
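Review bot: `char *t[FS_2048 + 1];` declares an array of pointers rather than bytes, so `sizeof(t)` is `(FS_2048 + 1) * sizeof(char *)` and `t` is passed as a `char **` where the octet initializer presumably expects `char *`; it should read `char t[FS_2048 + 1];`. The tests pass only because the mistyped buffer is larger than intended. After `OCT_copy`, `T.len++` also exposes one byte that was never written; that is harmless while verify returns on the length check, but `T.val[T.len++] = 0;` would keep the input deterministic. A case with `len` exactly at `FACTORING_ZK_B` / `FACTORING_ZK_A` that is still accepted would pin the boundary of the new check.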
