You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This commit was created on GitHub.com and signed with GitHub’s verified signature.
Security & Bug Fixes
Harden Paillier validation: create_pub now validates the modulus (odd, >1, within bit_size) and returns error_t, preventing acceptance of malicious moduli from counterparties.
Enforce Paillier modulus size bounds in ECDSA 2PC keygen/refresh to prevent potential buffer overflows in constant-time decryption.
Fix use-after-free in buf_t: operator= and operator+= with an aliasing mem_t view would read zeroed/freed memory.
Fix out-of-bounds write in HD key derivation: resize derived_keys inside derive_keys() rather than relying on caller pre-allocation.
Fix const-correctness in secp256k1 point conversion to avoid undefined behavior from casting away const on Jacobian coordinates.
Other
Add vartime_scope_t to paillier_t::verify_cipher for correct side-channel annotation.
Add bits_t::ref_t copy assignment operator for correct value semantics.