From 4412a7a981e8cc9bd3edb530a3ae7e5acc197f80 Mon Sep 17 00:00:00 2001
From: PuPha
Date: Mon, 11 Mar 2024 14:01:31 +0700
Subject: [PATCH] fix(libauk-swift): Secp256k1 wrapper does not verify input lengths
---
 Sources/LibAuk/Utils/secp256k1/Secp256k1.swift | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/Sources/LibAuk/Utils/secp256k1/Secp256k1.swift b/Sources/LibAuk/Utils/secp256k1/Secp256k1.swift
index 438d8ce..5fde27e 100644
--- a/Sources/LibAuk/Utils/secp256k1/Secp256k1.swift
+++ b/Sources/LibAuk/Utils/secp256k1/Secp256k1.swift
@@ -168,7 +168,8 @@ extension Secp256k1.Signing {
 let privkey = data.withUnsafeBytes({ keyBytesPtr in Array(keyBytesPtr) })
 // Verify the context and keys are setup correctly
- guard secp256k1_context_randomize(context, privkey) == 1,
+ guard privkey.count == 32,
+ secp256k1_context_randomize(context, privkey) == 1,
 secp256k1_ec_pubkey_create(context, &cPubkey, privkey) == 1,
 secp256k1_ec_pubkey_serialize(context, &pubkey, &pubkeyLen, &cPubkey, UInt32(SECP256K1_EC_COMPRESSED)) == 1 else {
 self.privateKeyBytes = privatekey
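Review bot: The new `privkey.count == 32` guard protects only this one private-key path, while the commit title speaks of input lengths in general and the patch consists of a single hunk; any other wrapper entry point that hands `Data` to a libsecp256k1 call expecting a fixed-size buffer (none are visible here) would need the same check. On the guard itself, a short why-comment would help the next reader, for example `// libsecp256k1 reads exactly 32 bytes for seed32 and seckey; reject other lengths before the C calls`. The commit changes one file and adds no test, so a regression test that passes 31- and 33-byte inputs and expects this path to fail would pin the fix. The enclosing initializer or function starts and ends outside the hunk, so what the `else` branch reports for a wrong-length key cannot be confirmed from here.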