Merge pull request #26 from bitmark-inc/Sang/fix/7_Secp256k1_wrapper_…

…does_not_verify_input_lengths fix: Secp256k1 wrapper does not verify input lengths
bitmark-inc · Mar 14, 2024 · d0017ea · d0017ea
2 parents 4c93348 + 4412a7a
commit d0017ea
Showing 1 changed file with 2 additions and 1 deletion.
diff --git a/Sources/LibAuk/Utils/secp256k1/Secp256k1.swift b/Sources/LibAuk/Utils/secp256k1/Secp256k1.swift
@@ -168,7 +168,8 @@ extension Secp256k1.Signing {
             let privkey = data.withUnsafeBytes({ keyBytesPtr in Array(keyBytesPtr) })
 
             // Verify the context and keys are setup correctly
-            guard secp256k1_context_randomize(context, privkey) == 1,
+            guard privkey.count == 32,
+                  secp256k1_context_randomize(context, privkey) == 1,
                   secp256k1_ec_pubkey_create(context, &cPubkey, privkey) == 1,
                   secp256k1_ec_pubkey_serialize(context, &pubkey, &pubkeyLen, &cPubkey, UInt32(SECP256K1_EC_COMPRESSED)) == 1 else {
                 self.privateKeyBytes = privatekey