Right now it's possible to pass malformed command.message or command.digest value when signing. The buffer will be incorrectly decoded and this might lead to unexpected results or signing a different value than expected. This PR would introduce input validation for these parameters and fail early if something is malformed.
Description
Checklist
Changes to the drivers
[ ] (PR Author) The affected drivers were manually tested
Changes to CLI
[X] (PR Author) The change was manually tested with the CLI
[ ] (PR Author) The affected CLI features are working with the standalone binary (at least one platform)
[ ] (Checked by maintainer) The CLI test procedure was run by the project's maintainer
Changes to web library
[ ] (PR Author) The change was manually tested with the web library included within a classic HTML application (flat libhalo.js)
[ ] (PR Author) The change was manually tested with the web library included within an app based on frontend framework (React.js or similar based on webpack)
[ ] (Checked by maintainer) The web test suite was run by the project's maintainer
Changes to nfc-manager driver
[ ] (PR Author) The change was manually tested in React Native app
[ ] (Checked by maintainer) The test suite was run through the test React Native project
Right now it's possible to pass malformed
command.messageorcommand.digestvalue when signing. The buffer will be incorrectly decoded and this might lead to unexpected results or signing a different value than expected. This PR would introduce input validation for these parameters and fail early if something is malformed.Description
Checklist
Changes to the drivers
Changes to CLI
Changes to web library
libhalo.js)Changes to nfc-manager driver