Closed cgewecke closed 4 years ago
Thanks for issue, I checked code and problem is that bitcoin-core/secp256k1
check input length, while elliptic fallback do not check length for key type. Will push fix shortly.
Probably commented lines for debug on PR #160, but not uncomment back =( Before PR: https://github.com/cryptocoinjs/secp256k1-node/pull/160/files#diff-90efa0327a25e1361ca8efd38b80c8f4L46-L61 After PR: https://github.com/cryptocoinjs/secp256k1-node/pull/160/files#diff-aa0b70ce0bf24e5c6f1f19d26feec16bR44-R60
Fix published in 4.0.1
Hi, ethereumjs-util PR 228 is upgrading secp256k1 from
^3.0.1
to^4.0.0
and seeing a couple tests for invalid SEC1 keys fail in browser (karma) tests, but pass ok in Node 10. The tests worked in both contexts using 3.0.xFor example, one test case takes an invalid SEC1 key:
and passes it to publicKeyVerify expecting it to fail.
Do you have any advice about this? Is it happening because elliptic treats this key as compressed and as such its valid?