xJonathanLEI / starknet-rs

Complete Starknet library in Rust™
https://starknet.rs
Apache License 2.0
277 stars 96 forks

`starknet_crypto::ecdsa::verify` panics #365

Closed satoshiotomakan closed 1 year ago

satoshiotomakan commented 1 year ago

Got a panic while fuzz testing starknet_crypto::ecdsa::verify:

```
called Option::unwrap() on a None value
thread 'starkex::tests::test_verify_panic' panicked at 'called Option::unwrap() on a None value', /path/to/starknet-curve-0.2.1/src/ec_point.rs:28:33
stack backtrace:
   0: rust_begin_unwind
             at /rustc/17c11672167827b0dd92c88ef69f24346d1286dd/library/std/src/panicking.rs:577:5
   1: core::panicking::panic_fmt
             at /rustc/17c11672167827b0dd92c88ef69f24346d1286dd/library/core/src/panicking.rs:67:14
   2: core::panicking::panic
             at /rustc/17c11672167827b0dd92c88ef69f24346d1286dd/library/core/src/panicking.rs:117:5
   3: core::option::Option::unwrap
             at /rustc/17c11672167827b0dd92c88ef69f24346d1286dd/library/core/src/option.rs:952:21
   4: starknet_curve::ec_point::AffinePoint::from_x
             at /path/to/starknet-curve-0.2.1/src/ec_point.rs:28:16
   5: starknet_crypto::ecdsa::verify
             at /path/to/starknet-crypto-0.4.3/src/ecdsa.rs:144:27
```

Example:

```rust
// `any!()` is a placeholder: any message hash
let hash = any!();
let public = FieldElement::from_bytes_be(hex::decode("03ee9bffffffffff26ffffffff60ffffffffffffffffffffffffffff004accff").unwrap());
let signature_r = FieldElement::from_bytes_be(hex::decode("06ffffffffffffffffffffffffffffffffffffffffffff06ffff5dffff9bffdf").unwrap());
let signature_s = FieldElement::from_bytes_be(hex::decode("00ffffff9b9b9b9b9b9b9b9bbb9bff9b9bbb9bff9b9b9b9b9b9b9b9b9b9b9b33").unwrap());
assert!(!ecdsa_verify(&public, &hash, &signature_r, &signature_s));
```

xJonathanLEI commented 1 year ago

Thanks for reporting! This is apparently a bug when the supplied public key is invalid by itself. Working on a fix now. A new version of starknet-crypto should be published soon.
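
The failure mode discussed in this issue, as an added example that is not starknet-rs code: on a toy curve y^2 = x^3 + x + 1 over F_23 (constructed for illustration, not the Stark curve), an x-coordinate with no matching y makes an `unwrap()` inside point recovery panic, while the checked variant returns an error the verifier can report. `Point`, `VerifyError`, `from_x_unchecked` and `from_x_checked` are hypothetical names.

```rust
// Toy curve y^2 = x^3 + x + 1 over F_23, constructed for illustration (not the Stark curve).
const P: u64 = 23; // P % 4 == 3, so a square `a` has the root a^((P+1)/4)

#[derive(Debug, PartialEq, Clone, Copy)]
pub struct Point { pub x: u64, pub y: u64 }

#[derive(Debug, PartialEq)]
pub enum VerifyError { InvalidPublicKey } // hypothetical error type for this example

fn pow_mod(mut base: u64, mut exp: u64) -> u64 {
    let mut acc = 1;
    base %= P;
    while exp > 0 {
        if exp & 1 == 1 {
            acc = acc * base % P;
        }
        base = base * base % P;
        exp >>= 1;
    }
    acc
}

/// Square root mod P, or None when `a` is a quadratic non-residue.
fn sqrt_mod(a: u64) -> Option<u64> {
    let y = pow_mod(a, (P + 1) / 4);
    if y * y % P == a { Some(y) } else { None }
}

/// Right-hand side of the curve equation, x^3 + x + 1 mod P.
fn curve_rhs(x: u64) -> u64 {
    let x = x % P;
    (x * x % P * x + x + 1) % P
}

/// Panicking pattern: unwrap inside point recovery on a caller-supplied x.
pub fn from_x_unchecked(x: u64) -> Point {
    Point { x, y: sqrt_mod(curve_rhs(x)).unwrap() }
}

/// Hardened pattern: an x with no matching y is an ordinary error.
pub fn from_x_checked(x: u64) -> Result<Point, VerifyError> {
    if x >= P { return Err(VerifyError::InvalidPublicKey); }
    sqrt_mod(curve_rhs(x)).map(|y| Point { x, y }).ok_or(VerifyError::InvalidPublicKey)
}

fn main() {
    println!("{:?}", from_x_checked(3)); // x = 3 is on the toy curve
    println!("{:?}", from_x_checked(2)); // x = 2 is not
    let r = std::panic::catch_unwind(|| from_x_unchecked(2));
    println!("unchecked variant panicked: {}", r.is_err());
}
```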