-
Notifications
You must be signed in to change notification settings - Fork 3.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
refactor: update crypto/ledger to btcec/v2 #14123
Conversation
64990db
to
2a072c0
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Perhaps @odeke-em would like to take a quick look as well.
LGTM! 👍 |
[Cosmos SDK] Kudos, SonarCloud Quality Gate passed! |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thank you for this change @julienrbrt, and thank you for the co-review and tag @elias-orijtech! I've added some suggestions, please take a look @julienrbrt and then I'll approve
sigStr := sigDER.Serialize() | ||
var r, s big.Int | ||
// The format of a DER encoded signature is as follows: | ||
// 0x30 <total length> 0x02 <length of R> <R> 0x02 <length of S> <S> |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Might seem paranoid, but I suggest that we add a length minimum check here
// Validating that we have a somewhat proper DER signature.
if n := len(sigDER); n < 4 {
return nil, fmt.Errorf("invalid DER length: want >=4 got %d", n)
}
if g, w := sigDER[0], 0x30; g != w {
return nil, fmt.Errorf("invalid DER: byte[0]=%x, want=%x", g, w)
}
if wantLen, gotLen := int(sigDER[1]), len(sigDER[3:]); gotLen != wantLen {
return nil, fmt.Errorf("invalid DER len: got=%d, want=%d",
gotLen, wantLen)
}
// Eliminate compiler Bounds checking.
_ = sigDER[9:]
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Seems a bit paranoid indeed, given that Serialize
always returns this format.
https://go.dev/play/p/WuZKekW5s9x
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Cool no biggie.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
utACK
[Cosmos SDK - SimApp] Kudos, SonarCloud Quality Gate passed! |
* chore(crypto): update crypto/ledger to v2 * go mod tidy * updates * add comment (cherry picked from commit 417ce25) # Conflicts: # go.mod # simapp/go.mod # simapp/go.sum # tests/go.mod # tests/go.sum
* refactor: update crypto/ledger to btcec/v2 (#14123) * chore(crypto): update crypto/ledger to v2 * go mod tidy * updates * add comment (cherry picked from commit 417ce25) # Conflicts: # go.mod # simapp/go.mod # simapp/go.sum # tests/go.mod # tests/go.sum * fix conflicts Co-authored-by: Julien Robert <[email protected]>
* chore(crypto): update crypto/ledger to v2 * go mod tidy * updates * add comment
* chore(crypto): update crypto/ledger to v2 * go mod tidy * updates * add comment
Description
ref: #13513 (comment)
kindly pinging @elias-orijtech
Author Checklist
All items are required. Please add a note to the item if the item is not applicable and
please add links to any relevant follow up issues.
I have...
!
to the type prefix if API or client breaking changeCHANGELOG.md
Reviewers Checklist
All items are required. Please add a note if the item is not applicable and please add
your handle next to the items reviewed if you only reviewed selected items.
I have...
!
in the type prefix if API or client breaking change