fix: ECDSA HashToInt bytes-bits mismatch (#428)

* fix: bytes-bits mismatch when masking excess bits in ecdsa * chore: go generate
Consensys · Jul 11, 2023 · 9a9a43c · 9a9a43c
1 parent 8f7ca09
commit 9a9a43c
Show file tree

Hide file tree

Showing 12 changed files with 24 additions and 12 deletions.
diff --git a/ecc/bls12-377/ecdsa/ecdsa.go b/ecc/bls12-377/ecdsa/ecdsa.go
diff --git a/ecc/bls12-378/ecdsa/ecdsa.go b/ecc/bls12-378/ecdsa/ecdsa.go
diff --git a/ecc/bls12-381/ecdsa/ecdsa.go b/ecc/bls12-381/ecdsa/ecdsa.go
diff --git a/ecc/bls24-315/ecdsa/ecdsa.go b/ecc/bls24-315/ecdsa/ecdsa.go
diff --git a/ecc/bls24-317/ecdsa/ecdsa.go b/ecc/bls24-317/ecdsa/ecdsa.go
diff --git a/ecc/bn254/ecdsa/ecdsa.go b/ecc/bn254/ecdsa/ecdsa.go
diff --git a/ecc/bw6-633/ecdsa/ecdsa.go b/ecc/bw6-633/ecdsa/ecdsa.go
diff --git a/ecc/bw6-756/ecdsa/ecdsa.go b/ecc/bw6-756/ecdsa/ecdsa.go
diff --git a/ecc/bw6-761/ecdsa/ecdsa.go b/ecc/bw6-761/ecdsa/ecdsa.go
diff --git a/ecc/secp256k1/ecdsa/ecdsa.go b/ecc/secp256k1/ecdsa/ecdsa.go
diff --git a/ecc/stark-curve/ecdsa/ecdsa.go b/ecc/stark-curve/ecdsa/ecdsa.go
diff --git a/internal/generator/ecdsa/template/ecdsa.go.tmpl b/internal/generator/ecdsa/template/ecdsa.go.tmpl
@@ -19,6 +19,7 @@ var errInvalidSig = errors.New("invalid signature")
 
 const (
 	sizeFr         = fr.Bytes
+	sizeFrBits     = fr.Bits
 	sizeFp         = fp.Bytes
 {{- if eq .Name "secp256k1"}}
 	sizePublicKey  = 2 * sizeFp
@@ -94,7 +95,7 @@ func HashToInt(hash []byte) *big.Int {
 		hash = hash[:sizeFr]
     }
 	ret := new(big.Int).SetBytes(hash)
-	excess := len(hash)*8 - sizeFr
+	excess := ret.BitLen() - sizeFrBits
 	if excess > 0 {
 		ret.Rsh(ret, uint(excess))
 	}