From 76facf0e80089dfe293ab765d242fd9992a36960 Mon Sep 17 00:00:00 2001 From: Tarak Ben Youssef Date: Fri, 20 Nov 2020 21:01:03 -0800 Subject: [PATCH] improve erroring when bootstrapping keys are validated --- cmd/bootstrap/cmd/util.go | 2 +- crypto/bls.go | 10 +++++----- crypto/ecdsa.go | 8 ++++---- 3 files changed, 10 insertions(+), 10 deletions(-) diff --git a/cmd/bootstrap/cmd/util.go b/cmd/bootstrap/cmd/util.go index ed7d8757327..bbfc661ad00 100644 --- a/cmd/bootstrap/cmd/util.go +++ b/cmd/bootstrap/cmd/util.go @@ -37,7 +37,7 @@ func readJSON(path string, target interface{}) { } err = json.Unmarshal(dat, target) if err != nil { - log.Fatal().Err(err).Msg("cannot unmarshal json in file") + log.Fatal().Err(err).Msgf("cannot unmarshal json in file %s", path) } } diff --git a/crypto/bls.go b/crypto/bls.go index ca96b3abee7..622dd38d344 100644 --- a/crypto/bls.go +++ b/crypto/bls.go @@ -193,16 +193,16 @@ func (a *blsBLS12381Algo) decodePrivateKey(privateKeyBytes []byte) (PrivateKey, // This function includes a membership check in G2 func (a *blsBLS12381Algo) decodePublicKey(publicKeyBytes []byte) (PublicKey, error) { if len(publicKeyBytes) != pubKeyLengthBLSBLS12381 { - return nil, fmt.Errorf("the input length has to be equal to %d", pubKeyLengthBLSBLS12381) + return nil, fmt.Errorf("the input length has to be %d", pubKeyLengthBLSBLS12381) } var pk PubKeyBLSBLS12381 if readPointG2(&pk.point, publicKeyBytes) != nil { - return nil, errors.New("the input slice does not encode a public key") + return nil, errors.New("the input does not encode a BLS12-381 point") } - if pk.point.checkMembershipG2() { - return &pk, nil + if !pk.point.checkMembershipG2() { + return nil, errors.New("the input does not encode a BLS12-381 point in the valid group") } - return nil, errors.New("the public key is not a valid BLS12-381 curve key") + return &pk, nil } // PrKeyBLSBLS12381 is the private key of BLS using BLS12_381, it implements PrivateKey diff --git a/crypto/ecdsa.go b/crypto/ecdsa.go index 78b6430367a..0b158a51676 100644 --- a/crypto/ecdsa.go +++ b/crypto/ecdsa.go @@ -185,13 +185,13 @@ func (a *ecdsaAlgo) rawDecodePrivateKey(der []byte) (PrivateKey, error) { n := a.curve.Params().N nlen := bitsToBytes(n.BitLen()) if len(der) != nlen { - return nil, errors.New("raw private key size is not valid") + return nil, fmt.Errorf("input has incorrect %s key size", a.algo) } var d big.Int d.SetBytes(der) if d.Cmp(n) >= 0 { - return nil, errors.New("raw public key value is not valid") + return nil, fmt.Errorf("input is not a valid %s key", a.algo) } priv := goecdsa.PrivateKey{ @@ -214,7 +214,7 @@ func (a *ecdsaAlgo) rawDecodePublicKey(der []byte) (PublicKey, error) { p := (a.curve.Params().P) plen := bitsToBytes(p.BitLen()) if len(der) != 2*plen { - return nil, errors.New("raw public key size is not valid") + return nil, fmt.Errorf("input has incorrect %s key size", a.algo) } var x, y big.Int x.SetBytes(der[:plen]) @@ -223,7 +223,7 @@ func (a *ecdsaAlgo) rawDecodePublicKey(der []byte) (PublicKey, error) { // all the curves supported for now have a cofactor equal to 1, // so that IsOnCurve guarantees the point is on the right subgroup. if x.Cmp(p) >= 0 || y.Cmp(p) >= 0 || !a.curve.IsOnCurve(&x, &y) { - return nil, errors.New("raw public key value is not valid") + return nil, fmt.Errorf("input is not a valid %s key", a.algo) } pk := goecdsa.PublicKey{