Home Explore Help
Sign In
pascal
/
CryptoLib4Pascal
mirror of https://github.com/Xor-el/CryptoLib4Pascal
2
0
Fork 0
Files Issues 0 Wiki
Browse Source

Ed25519 verifiers now reject overly long signatures

Ugochukwu Mmaduekwe 6 years ago
parent
ffb0187c1c
commit
f80209a77e
8 changed files with 63 additions and 1 deletions
Split View Show Diff Stats
  1. 13 1
      CryptoLib.Tests/src/Others/Ed25519HigherLevelTests.pas
  2. 5 0
      CryptoLib/src/Crypto/Signers/ClpEd25519Blake2BSigner.pas
  3. 5 0
      CryptoLib/src/Crypto/Signers/ClpEd25519CtxBlake2BSigner.pas
  4. 5 0
      CryptoLib/src/Crypto/Signers/ClpEd25519CtxSigner.pas
  5. 5 0
      CryptoLib/src/Crypto/Signers/ClpEd25519PhBlake2BSigner.pas
  6. 5 0
      CryptoLib/src/Crypto/Signers/ClpEd25519PhSigner.pas
  7. 5 0
      CryptoLib/src/Crypto/Signers/ClpEd25519Signer.pas
  8. 20 0
      CryptoLib/src/Utils/ClpArrayUtils.pas

+ 13 - 1
CryptoLib.Tests/src/Others/Ed25519HigherLevelTests.pas
View File 

@@ -229,7 +229,7 @@ var
 
   kp: IAsymmetricCipherKeyPair;
 
   privateKey: IEd25519PrivateKeyParameters;
 
   publicKey: IEd25519PublicKeyParameters;
 
-  msg, signature: TCryptoLibByteArray;
 
+  msg, signature, wrongLengthSignature: TCryptoLibByteArray;
 
   Signer, verifier: ISigner;
 
   shouldVerify, shouldNotVerify: Boolean;
 
   algorithmName: String;
 
@@ -264,6 +264,18 @@ begin
 
     Fail(Format('Ed25519 (%s) signature failed to verify', [algorithmName]));
 
   end;
 
 
+  wrongLengthSignature := TArrayUtils.Prepend(signature, Byte($00));
 
+
 
+  verifier.Init(False, publicKey);
 
+  verifier.BlockUpdate(msg, 0, System.length(msg));
 
+  shouldNotVerify := verifier.VerifySignature(wrongLengthSignature);
 
+
 
+  if (shouldNotVerify) then
 
+  begin
 
+    Fail(Format('Ed25519 (%s) wrong length signature incorrectly verified',
 
+      [algorithmName]));
 
+  end;
 
+
 
   tempRand := FRandom.Next();
 
   signature[tempRand mod System.length(signature)] :=
 
     signature[tempRand mod System.length(signature)

+ 5 - 0
CryptoLib/src/Crypto/Signers/ClpEd25519Blake2BSigner.pas
View File 

@@ -172,6 +172,11 @@ begin
 
     raise EInvalidOperationCryptoLibException.CreateRes
 
       (@SNotInitializedForVerifying);
 
   end;
 
+  if (TEd25519Blake2B.SignatureSize <> System.Length(signature)) then
 
+  begin
 
+    Result := false;
 
+    Exit;
 
+  end;
 
   pk := FPublicKey.GetEncoded();
 
   buf := Aggregate();
 
   count := System.Length(buf);

+ 5 - 0
CryptoLib/src/Crypto/Signers/ClpEd25519CtxBlake2BSigner.pas
View File 

@@ -174,6 +174,11 @@ begin
 
     raise EInvalidOperationCryptoLibException.CreateRes
 
       (@SNotInitializedForVerifying);
 
   end;
 
+  if (TEd25519Blake2B.SignatureSize <> System.Length(signature)) then
 
+  begin
 
+    Result := false;
 
+    Exit;
 
+  end;
 
   pk := FPublicKey.GetEncoded();
 
   buf := Aggregate();
 
   count := System.Length(buf);

+ 5 - 0
CryptoLib/src/Crypto/Signers/ClpEd25519CtxSigner.pas
View File 

@@ -173,6 +173,11 @@ begin
 
     raise EInvalidOperationCryptoLibException.CreateRes
 
       (@SNotInitializedForVerifying);
 
   end;
 
+  if (TEd25519.SignatureSize <> System.Length(signature)) then
 
+  begin
 
+    Result := false;
 
+    Exit;
 
+  end;
 
   pk := FPublicKey.GetEncoded();
 
   buf := Aggregate();
 
   count := System.Length(buf);

+ 5 - 0
CryptoLib/src/Crypto/Signers/ClpEd25519PhBlake2BSigner.pas
View File 

@@ -165,6 +165,11 @@ begin
 
     raise EInvalidOperationCryptoLibException.CreateRes
 
       (@SNotInitializedForVerifying);
 
   end;
 
+  if (TEd25519Blake2B.SignatureSize <> System.Length(signature)) then
 
+  begin
 
+    Result := false;
 
+    Exit;
 
+  end;
 
   pk := FPublicKey.GetEncoded();
 
   Result := FEd25519Blake2BInstance.VerifyPrehash(signature, 0, pk, 0, FContext,
 
     FPreHash);

+ 5 - 0
CryptoLib/src/Crypto/Signers/ClpEd25519PhSigner.pas
View File 

@@ -164,6 +164,11 @@ begin
 
     raise EInvalidOperationCryptoLibException.CreateRes
 
       (@SNotInitializedForVerifying);
 
   end;
 
+  if (TEd25519.SignatureSize <> System.Length(signature)) then
 
+  begin
 
+    Result := false;
 
+    Exit;
 
+  end;
 
   pk := FPublicKey.GetEncoded();
 
   Result := FEd25519Instance.VerifyPrehash(signature, 0, pk, 0, FContext,
 
     FPreHash);

+ 5 - 0
CryptoLib/src/Crypto/Signers/ClpEd25519Signer.pas
View File 

@@ -171,6 +171,11 @@ begin
 
     raise EInvalidOperationCryptoLibException.CreateRes
 
       (@SNotInitializedForVerifying);
 
   end;
 
+  if (TEd25519.SignatureSize <> System.Length(signature)) then
 
+  begin
 
+    Result := false;
 
+    Exit;
 
+  end;
 
   pk := FPublicKey.GetEncoded();
 
   buf := Aggregate();
 
   count := System.Length(buf);

+ 20 - 0
CryptoLib/src/Utils/ClpArrayUtils.pas
View File 

@@ -74,6 +74,9 @@ type
 
     class function Prepend(const A: TCryptoLibByteArray; B: Byte)
 
       : TCryptoLibByteArray; static;
 
 
+    class function Append(const A: TCryptoLibByteArray; B: Byte)
 
+      : TCryptoLibByteArray; static;
 
+
 
     class function CopyOf(const data: TCryptoLibByteArray; newLength: Int32)
 
       : TCryptoLibByteArray; static;
 
 
@@ -420,4 +423,21 @@ begin
 
   Result[0] := B;
 
 end;
 
 
+class function TArrayUtils.Append(const A: TCryptoLibByteArray; B: Byte)
 
+  : TCryptoLibByteArray;
 
+var
 
+  &length: Int32;
 
+begin
 
+  if (A = Nil) then
 
+  begin
 
+    Result := TCryptoLibByteArray.Create(B);
 
+    Exit;
 
+  end;
 
+
 
+  Length := System.Length(A);
 
+  System.SetLength(Result, Length + 1);
 
+  System.Move(A[0], Result[0], Length * System.SizeOf(Byte));
 
+  Result[Length] := B;
 
+end;
 
+
 
 end.