[tss][cs-6.19]: KeySign Message Hash Is Silently Truncated to Curve Order Major
byteflyfunny opened this issue · 1 comments
byteflyfunny commented
The function MsgToHashInt checks for an error condition that cannot occur due to the hardcoded nil error value in the called function. Additionally, the function hashToInt silently truncates the msg[] array (essentially a byte[] hash) to the curve order without any checks to ensure that msg[] is well-formed and within the operational bounds of the function, e.g., a minimum or maximum length. This can lead to undesirable behavior.
byteflyfunny commented
No matter the length of the msg[] is too large, it will always be truncated to a fixed length in the end.
orderBits := c.Params().N.BitLen() orderBytes := (orderBits + 7) / 8 if len(hash) > orderBytes { hash = hash[:orderBytes] }