CBLSWrapper::SetHexStr() should not accept non-hex strings (#2843)

* CBLSWrapper::SetHexStr() should not accept non-hex strings * Rework to implement suggested behaviour
2019-04-08 08:07:26 +03:00 · 2019-04-08 08:07:26 +03:00 · 9fa09b974b
commit 9fa09b974b
parent 0f0d8eaf48
2 changed files with 23 additions and 0 deletions
--- a/src/bls/bls.h
+++ b/src/bls/bls.h
@ -155,8 +155,13 @@ public:

    bool SetHexStr(const std::string& str)
    {
+        if (!IsHex(str)) {
+            Reset();
+            return false;
+        }
        auto b = ParseHex(str);
        if (b.size() != SerSize) {
+            Reset();
            return false;
        }
        SetBuf(b);
--- a/src/test/bls_tests.cpp
+++ b/src/test/bls_tests.cpp
@ -10,6 +10,24 @@

 BOOST_FIXTURE_TEST_SUITE(bls_tests, BasicTestingSetup)

+BOOST_AUTO_TEST_CASE(bls_sethexstr_tests)
+{
+    CBLSSecretKey sk;
+    std::string strValidSecret = "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f";
+    // Note: invalid string passed to SetHexStr() should cause it to fail and reset key internal data
+    BOOST_CHECK(sk.SetHexStr(strValidSecret));
+    BOOST_CHECK(!sk.SetHexStr("000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1g")); // non-hex
+    BOOST_CHECK(!sk.IsValid());
+    BOOST_CHECK(sk == CBLSSecretKey());
+    // Try few more invalid strings
+    BOOST_CHECK(sk.SetHexStr(strValidSecret));
+    BOOST_CHECK(!sk.SetHexStr("000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e")); // hex but too short
+    BOOST_CHECK(!sk.IsValid());
+    BOOST_CHECK(sk.SetHexStr(strValidSecret));
+    BOOST_CHECK(!sk.SetHexStr("000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f20")); // hex but too long
+    BOOST_CHECK(!sk.IsValid());
+}
+
 BOOST_AUTO_TEST_CASE(bls_sig_tests)
 {
    CBLSSecretKey sk1, sk2;