Skip to content

Commit 6f5ecb4

Browse files
webmaster128webmaster128
committed
Require two pubkey recoveries to succeed
1 parent 4b2da65 commit 6f5ecb4

File tree

2 files changed

+13
-20
lines changed

2 files changed

+13
-20
lines changed

packages/crypto/src/secp256k1.rs

Lines changed: 8 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -380,17 +380,14 @@ mod tests {
380380
assert_eq!(hash.as_slice(), message_hash.as_slice());
381381

382382
// Since the recovery param is missing in the test vectors, we try both 0 and 1
383-
let try0 = secp256k1_recover_pubkey(&message_hash, &signature, 0);
384-
let try1 = secp256k1_recover_pubkey(&message_hash, &signature, 1);
385-
match (try0, try1) {
386-
(Ok(recovered0), Ok(recovered1)) => {
387-
// Got two different pubkeys. Without the recovery param, we don't know which one is the right one.
388-
assert!(recovered0 == public_key || recovered1 == public_key)
389-
},
390-
(Ok(recovered), Err(_)) => assert_eq!(recovered, public_key),
391-
(Err(_), Ok(recovered)) => assert_eq!(recovered, public_key),
392-
(Err(_), Err(_)) => panic!("secp256k1_recover_pubkey failed (test case {i} in {COSMOS_SECP256K1_TESTS_JSON})"),
393-
}
383+
let recovered0 = secp256k1_recover_pubkey(&message_hash, &signature, 0).unwrap();
384+
let recovered1 = secp256k1_recover_pubkey(&message_hash, &signature, 1).unwrap();
385+
// Got two different pubkeys. Without the recovery param, we don't know which one is the right one.
386+
assert_ne!(recovered0, recovered1);
387+
assert!(
388+
recovered0 == public_key || recovered1 == public_key,
389+
"Did not find correct pubkey (test case {i} in {COSMOS_SECP256K1_TESTS_JSON})"
390+
);
394391
}
395392
}
396393

packages/crypto/tests/wycheproof_secp256k1.rs

Lines changed: 5 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -286,15 +286,11 @@ fn ecdsa_secp256k1_sha3_512() {
286286

287287
fn test_secp256k1_recover_pubkey(message_hash: &[u8], signature: &[u8], public_key: &[u8]) {
288288
// Since the recovery param is missing in the test vectors, we try both 0 and 1
289-
for recovery_param in 0..=1 {
290-
if let Ok(recovered) = secp256k1_recover_pubkey(message_hash, signature, recovery_param) {
291-
if recovered == public_key {
292-
// success, found working recovery param
293-
return;
294-
}
295-
}
296-
}
297-
panic!("secp256k1_recover_pubkey failed for all recovery params");
289+
let recovered0 = secp256k1_recover_pubkey(message_hash, signature, 0).unwrap();
290+
let recovered1 = secp256k1_recover_pubkey(message_hash, signature, 1).unwrap();
291+
// Got two different pubkeys. Without the recovery param, we don't know which one is the right one.
292+
assert_ne!(recovered0, recovered1);
293+
assert!(recovered0 == public_key || recovered1 == public_key);
298294
}
299295

300296
fn from_der(data: &[u8]) -> Result<[u8; 64], String> {

0 commit comments

Comments
 (0)