`ursa` crashes on seed lenght shorter than 32 bytes for `secp256k1` #213

Erigara · 2022-08-25T10:23:54Z

Ursa crashes if seed length is less than 32 bytes for secp256k1, but other algorithms work fine with this seed.

The problem seems to be that in other cases the input seed is hashed before being passed to the rng generator.

Minimal example that reproduce issue

use ursa::{
    keys::KeyGenOption,
    signatures::{
        secp256k1::EcdsaSecp256k1Sha256,
        SignatureScheme,
    },
};

fn main() {
    let options = KeyGenOption::UseSeed(vec![1, 2, 3]);
    let key_pair = EcdsaSecp256k1Sha256::new().keypair(Some(options));
    println!("{:?}", key_pair);
}

brentzundel added security enhancement New feature or request labels Feb 1, 2023

brentzundel added this to the v1.0 milestone Feb 1, 2023

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

`ursa` crashes on seed lenght shorter than 32 bytes for `secp256k1` #213

`ursa` crashes on seed lenght shorter than 32 bytes for `secp256k1` #213

Erigara commented Aug 25, 2022

ursa crashes on seed lenght shorter than 32 bytes for secp256k1 #213

ursa crashes on seed lenght shorter than 32 bytes for secp256k1 #213

Comments

Erigara commented Aug 25, 2022

Minimal example that reproduce issue

`ursa` crashes on seed lenght shorter than 32 bytes for `secp256k1` #213

`ursa` crashes on seed lenght shorter than 32 bytes for `secp256k1` #213