Merge pull request #16 from starkbank/fix/signature-range

cdottori-stark · web-flow · commit ed22e484186d · 2021-11-04T19:35:51.000-03:00
Fixed signature range
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -0,0 +1,21 @@
+# Changelog
+
+All notable changes to this project will be documented in this file.
+
+The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/)
+and this project adheres to the following versioning pattern:
+
+Given a version number MAJOR.MINOR.PATCH, increment:
+
+- MAJOR version when **breaking changes** are introduced;
+- MINOR version when **backwards compatible changes** are introduced;
+- PATCH version when backwards compatible bug **fixes** are implemented.
+
+
+## [Unreleased]
+### Fixed
+- Signature r and s range check
+
+## [1.0.0] - 2020-04-22
+### Added
+- first official version
diff --git a/src/main/java/com/starkbank/ellipticcurve/Ecdsa.java b/src/main/java/com/starkbank/ellipticcurve/Ecdsa.java
@@ -55,6 +55,20 @@ public static boolean verify(String message, Signature signature, PublicKey publ
         Curve curve = publicKey.curve;
         BigInteger r = signature.r;
         BigInteger s = signature.s;
+
+        if (r.compareTo(new BigInteger(String.valueOf(1))) < 0) {
+            return false;
+        }
+        if (r.compareTo(curve.N) >= 0) {
+            return false;
+        }
+        if (s.compareTo(new BigInteger(String.valueOf(1))) < 0) {
+            return false;
+        }
+        if (s.compareTo(curve.N) >= 0) {
+            return false;
+        }
+        
         BigInteger w = Math.inv(s, curve.N);
         Point u1 =Math.multiply(curve.G, numberMessage.multiply(w).mod(curve.N), curve.N, curve.A, curve.P);
         Point u2 = Math.multiply(publicKey.point, r.multiply(w).mod(curve.N), curve.N, curve.A, curve.P);
