Closed guidovranken closed 3 years ago
Here is the delta in Relic - https://github.com/relic-toolkit/relic/compare/1885ae...e6209f
I tracked down the issue inside RELIC, which accepted integers out of the canonical bounds [0, p-1] by first reducing modulo p. Sorry about that.
I just modified the behavior such that byte arrays must satisfy the bounds (as specified in the encoding standards), while strings are still handled flexibly. The latter is convenient for initializing curve coefficients, for example.
The PoC code now triggers an error with version 1620a03b388e50acd68ed9c88d7cd82ec5490ce4
of RELIC.
@dfaranha - It looks like your fix broke something additional - https://github.com/Chia-Network/bls-signatures/pull/248
Oh, will take a look tomorrow morning.
Assuming this is fixed, if not we will hear it from OSS-Fuzz and I will reopen the issue.
OSS-Fuzz issue: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=36141
Before https://github.com/Chia-Network/bls-signatures/commit/2dd0730d1f5648c8e0e0cfcbee3baeec96316fbe this would throw an exception, but now it prints:
As far as I can tell, it should throw an exception; blst and py_ecc also refuse to load this point. Not throwing an exception is probably in violation of the BLS spec.
To reproduce this issue, on x64 Linux:
and then
CC @dfaranha