Ensure the secret key length is 64 bytes when signing.

Thanks to Nikita Skovoroda (@ChALkeR) for reporting the issue.
StableLib · Oct 21, 2024 · 7f831e4 · 7f831e4
1 parent ecfe910
commit 7f831e4
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 0 deletions.
diff --git a/packages/ed25519/ed25519.test.ts b/packages/ed25519/ed25519.test.ts
@@ -5157,6 +5157,13 @@ describe("ed25519", () => {
         expect(ok).toBe(true);
     });
 
+    it("should not sign with secret key of invalid length", () => {
+        const keys = generateKeyPair();
+        const message = new Uint8Array([1, 2, 3]);
+        const secretKey = keys.secretKey.subarray(0, 32);
+        expect(() => sign(secretKey, message)).toThrow();
+    });
+
     it("should extract public key from secret key", () => {
         const keys = generateKeyPair();
         const publicKey = extractPublicKeyFromSecretKey(keys.secretKey);

diff --git a/packages/ed25519/ed25519.ts b/packages/ed25519/ed25519.ts
@@ -739,6 +739,9 @@ function reduce(r: Uint8Array) {
 
 // Returns 64-byte signature of the message under the 64-byte secret key.
 export function sign(secretKey: Uint8Array, message: Uint8Array): Uint8Array {
+    if (secretKey.length !== SECRET_KEY_LENGTH) {
+        throw new Error(`ed25519: secret key must be ${SECRET_KEY_LENGTH} bytes`);
+    }
     const x = new Float64Array(64);
     const p = [gf(), gf(), gf(), gf()];