fix(public-key): enforce message length validation for ECDSA signatures #4693

Open
sergei-boiko-trustwallet wants to merge 13 commits into master from fix/public-key-verify-message
@sergei-boiko-trustwallet

This pull request introduces improved validation for message lengths in ECDSA signature verification, ensuring stricter checks and consistency across cryptographic operations. The main changes include adding message length validation for relevant public key types and updating the ECDSA signing function to enforce exact digest size requirements.

Validation improvements:

  • Added a new static function validateMessageLength in src/PublicKey.cpp to check that messages have the correct length for ECDSA-based public key types, while allowing flexible sizes for ED25519 variants.
  • Incorporated validateMessageLength into the PublicKey::verify method so that verification fails if the message length is incorrect for the specified key type.

ECDSA signing enforcement:

  • Modified the ecdsa_sign_digest_checked function in src/PrivateKey.cpp to require the digest size to be exactly 32 bytes, improving the robustness of signature generation.
  • Introduced the constant ecdsaMessageSize in PublicKey.h to define the expected message length for ECDSA operations, supporting consistent validation.

Code quality:

  • Changed validateSignatureLength to be a static function in src/PublicKey.cpp, clarifying its intended usage and scope.
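
The length gate this description outlines, as an added C++ example that is not the pull request's or the project's own code. `KeyKind`, `toEcdsaDigest`, `verifyEcdsa` and the `backend` callback are hypothetical names; only `validateMessageLength` and the 32-byte size come from the description.

```cpp
#include <algorithm>
#include <array>
#include <cstddef>
#include <cstdint>
#include <functional>
#include <vector>

// Hypothetical key kinds for this example; not the project's own enum.
enum class KeyKind { EcdsaSecp256k1, EcdsaNist256p1, Ed25519, Ed25519Blake2b };

constexpr std::size_t kEcdsaMessageSize = 32; // same value as the PR's ecdsaMessageSize
using Bytes = std::vector<std::uint8_t>;
using Digest32 = std::array<std::uint8_t, kEcdsaMessageSize>;

// True only when `message` has a length the key kind can verify.
bool validateMessageLength(KeyKind kind, const Bytes& message) {
    switch (kind) {
    case KeyKind::EcdsaSecp256k1:
    case KeyKind::EcdsaNist256p1:
        return message.size() == kEcdsaMessageSize; // a digest, never raw data
    case KeyKind::Ed25519:
    case KeyKind::Ed25519Blake2b:
        return true; // EdDSA hashes the message itself, so any length is fine
    }
    return false; // unknown kind: fail closed
}

// Copies into a fixed-size type so the backend's signature, not a runtime
// convention, guarantees it is handed exactly 32 bytes.
bool toEcdsaDigest(const Bytes& message, Digest32& out) {
    if (message.size() != kEcdsaMessageSize) return false;
    std::copy(message.begin(), message.end(), out.begin());
    return true;
}

// ECDSA verification front end: the length gate runs before any curve math.
// `backend` stands in for a real ECDSA verifier and is an assumption.
bool verifyEcdsa(KeyKind kind, const Bytes& message,
                 const std::function<bool(const Digest32&)>& backend) {
    const bool ecdsa = kind == KeyKind::EcdsaSecp256k1 || kind == KeyKind::EcdsaNist256p1;
    if (!ecdsa || !validateMessageLength(kind, message)) return false;
    Digest32 digest{};
    return toEcdsaDigest(message, digest) && backend(digest);
}
```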

Copilot AI left a comment

Pull request overview

This PR tightens cryptographic input validation by enforcing fixed digest/message sizes for ECDSA-family verification and signing, aiming to prevent misuse and improve consistency across key types.

Changes:

  • Added an ecdsaMessageSize constant (32 bytes) to standardize expected ECDSA digest length.
  • Introduced validateMessageLength() and integrated it into PublicKey::verify() to reject non-conforming message sizes for ECDSA-like key types while allowing ED25519 variants.
  • Hardened ecdsa_sign_digest_checked() to require an exact 32-byte digest for ECDSA signing.

Reviewed changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated 6 comments.

| File | Description |
| --- | --- |
| src/PublicKey.h | Adds a shared constant for expected ECDSA message/digest size and fixes a comment typo. |
| src/PublicKey.cpp | Makes signature-length validation file-local and adds message-length validation to PublicKey::verify(). |
| src/PrivateKey.cpp | Enforces exact digest length in the checked ECDSA signing path. |

github-actions bot commented Mar 6, 2026

Binary size comparison

➡️ aarch64-apple-ios: 14.34 MB

➡️ aarch64-apple-ios-sim: 14.34 MB

➡️ aarch64-linux-android: 18.77 MB

➡️ armv7-linux-androideabi: 16.20 MB

➡️ wasm32-unknown-emscripten: 13.68 MB
