Add padding for pubkey numbers.

This change pads serialized (big endian) pubkey numbers to a length of 32 bytes. Previously, because serialized pubkey numbers are read MSB-first, if a number could be serialized in less than 31 bytes, the deserialized number would be incorrect.
2013-11-01 16:09:46 -04:00 · 2013-11-01 16:09:46 -04:00 · 506c3eacac
commit 506c3eacac
parent 98ac46b37d
1 changed files with 16 additions and 5 deletions
--- a/pubkey.go
+++ b/pubkey.go
@ -98,8 +98,8 @@ type PublicKey ecdsa.PublicKey
 func (p *PublicKey) SerializeUncompressed() []byte {
 	b := make([]byte, 65)
 	b[0] = pubkeyUncompressed
-	copy(b[1:33], p.X.Bytes())
-	copy(b[33:], p.Y.Bytes())
+	copy(b[1:33], pad(32, p.X.Bytes()))
+	copy(b[33:], pad(32, p.Y.Bytes()))
 	return b
 }

@ -111,7 +111,7 @@ func (p *PublicKey) SerializeCompressed() []byte {
 		format |= 0x1
 	}
 	b[0] = format
-	copy(b[1:33], p.X.Bytes())
+	copy(b[1:33], pad(32, p.X.Bytes()))
 	return b
 }

@ -123,7 +123,18 @@ func (p *PublicKey) SerializeHybrid() []byte {
 		format |= 0x1
 	}
 	b[0] = format
-	copy(b[1:33], p.X.Bytes())
-	copy(b[33:], p.Y.Bytes())
+	copy(b[1:33], pad(32, p.X.Bytes()))
+	copy(b[33:], pad(32, p.Y.Bytes()))
 	return b
 }
+
+func pad(size int, b []byte) []byte {
+	// Prevent a possible panic if the input exceeds the expected size.
+	if len(b) > size {
+		size = len(b)
+	}
+
+	p := make([]byte, size)
+	copy(p[size-len(b):], b)
+	return p
+}