From 5924c777a73efa00bec61b67dead9869e78b4a6c Mon Sep 17 00:00:00 2001
From: Patrick McClurg
Date: Wed, 14 Feb 2024 11:29:14 +0100
Subject: [PATCH 1/3] bounds check when comparing polynomials
---
 share/poly.go | 5 +++++
 1 file changed, 5 insertions(+)
diff --git a/share/poly.go b/share/poly.go
index a2a64eef7..1f31ac14a 100644
--- a/share/poly.go
+++ b/share/poly.go
@@ -387,6 +387,11 @@ func (p *PubPoly) Equal(q *PubPoly) bool {
 return false
 }
 b := 1
+
+ if len(p.commits) < p.Threshold() || len(q.commits) < p.Threshold() {
+ return false
+ }
+
+ for i := 0; i < p.Threshold(); i++ {
 pb, _ := p.commits[i].MarshalBinary()
 qb, _ := q.commits[i].MarshalBinary()
From fedb7bc383a397517a98dc0d4cf4d2ba177affd4 Mon Sep 17 00:00:00 2001
From: Patrick McClurg
Date: Thu, 15 Feb 2024 11:25:09 +0100
Subject: [PATCH 2/3] added extra check of threshold
---
 share/poly.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/share/poly.go b/share/poly.go
index 1f31ac14a..e96631738 100644
--- a/share/poly.go
+++ b/share/poly.go
@@ -388,7 +388,7 @@ func (p *PubPoly) Equal(q *PubPoly) bool {
 }
 b := 1
- if len(p.commits) < p.Threshold() || len(q.commits) < p.Threshold() {
+ if len(p.commits) < p.Threshold() || len(q.commits) < p.Threshold() || p.Threshold() != q.Threshold() {
 return false
 }
From b631ca2b4bf8d8fb0f212b6ac7e9f9c0bc1b7391 Mon Sep 17 00:00:00 2001
From: Yolan Romailler
Date: Wed, 21 Feb 2024 12:40:30 +0100
Subject: [PATCH 3/3] Fixing comment on PubPoly Equalt constant time
---
 share/poly.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/share/poly.go b/share/poly.go
index e96631738..43381a9c1 100644
--- a/share/poly.go
+++ b/share/poly.go
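Review bot: In the PATCH 1/3 hunk, the loop that follows the new length guard still discards both errors from `MarshalBinary()` (`pb, _ :=` and `qb, _ :=`), so the guard stops the out-of-range index but a marshalling failure stays invisible to the equality result. If a point implementation can return an error together with an empty slice for both sides, the two encodings would presumably compare as equal; the comparison itself is outside the hunk, so this needs confirming. Consider keeping the error, `pb, err := p.commits[i].MarshalBinary()`, and clearing the accumulator with `if err != nil { b = 0 }`, which still visits every index. The commit changes only share/poly.go, so a regression test with a q that holds fewer commitments than p's threshold would be worth adding alongside it.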
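Review bot: In the PATCH 2/3 hunk the threshold comparison is appended last, after two length checks that are both written against `p.Threshold()`, so the method is called three times in one condition and again in the loop header. Comparing the thresholds first and binding the value once reads more directly: `t := p.Threshold()` followed by `if t != q.Threshold() || len(p.commits) < t || len(q.commits) < t {`. Using `t` as the loop bound as well makes it explicit that the bound that was checked is the bound that is iterated. Equal's body starts and ends outside the hunk.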
@@ -379,7 +379,7 @@ func (p *PubPoly) Add(q *PubPoly) (*PubPoly, error) {
 }
 // Equal checks equality of two public commitment polynomials p and q. If p and
-// q are trivially unequal (e.g., due to mismatching cryptographic groups),
+// q are trivially unequal (e.g., due to mismatching cryptographic groups, or threshold issues),
 // this routine returns in variable time. Otherwise it runs in constant time
 // regardless of whether it eventually returns true or false.
 func (p *PubPoly) Equal(q *PubPoly) bool {
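Review bot: "threshold issues" in the revised doc comment does not tell a caller which inputs take the variable-time return. The guard added earlier in this series returns early when the thresholds differ or when either polynomial holds fewer commitments than the threshold, and naming those cases would make the timing contract checkable: `// q are trivially unequal (e.g., mismatching cryptographic groups, differing` then `// thresholds, or fewer commitments than the threshold), this routine returns`. Rewrapping this way also keeps the comment within the width of the neighbouring lines. Equal's body is outside the hunk.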