str4d.xyz / atproto-devtool
CLI app for developers prototyping atproto functionality
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

fix(identity): actually assert P-256 low-s normalization in test

The test previously claimed "implicitly tests normalization" by verifying
the signature, but p256::ecdsa::VerifyingKey::verify_prehash accepts both
high-s and low-s signatures. The normalize_s() call in the implementation
was untested. Add an explicit assertion that the signature is already
low-s after signing.

Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>

authored by

Jack Grigg
Claude Haiku 4.5 and committed by
Tangled 93522cfc 4f97f3e4

+12 -6
+12 -6
src/common/identity.rs
··· 1550 1550 1551 1551 #[test] 1552 1552 fn any_signing_key_p256_signature_is_normalized() { 1553 - // Test that P256 signatures produced by AnySigningKey::sign are normalized. 1554 - // We verify this by signing with P256 and checking that the signature 1555 - // round-trips correctly with the verifying key. 1553 + // Test that P256 signatures produced by AnySigningKey::sign are normalized to low-s. 1556 1554 let key = AnySigningKey::P256(P256SigningKey::from_slice(&[3u8; 32]).expect("valid seed")); 1557 1555 let msg = b"test message for normalization"; 1558 1556 let vkey = key.verifying_key(); ··· 1560 1558 // Sign and get the signature. 1561 1559 let sig = key.sign(msg); 1562 1560 1563 - // Verify the signature using the corresponding verifying key. 1564 - // This implicitly tests normalization: if the signature were high-s, 1565 - // the verification would fail or produce an incorrect result. 1561 + // Explicitly verify that the signature is low-s (normalized). 1562 + if let AnySignature::P256(sig_p256) = &sig { 1563 + assert!( 1564 + sig_p256.normalize_s().is_none(), 1565 + "signature should already be low-s (further normalization should return None)" 1566 + ); 1567 + } else { 1568 + unreachable!("signing with P256 key must produce P256 signature"); 1569 + } 1570 + 1571 + // Also verify that signature verifies correctly. 1566 1572 use sha2::Digest as _; 1567 1573 let hash: [u8; 32] = sha2::Sha256::digest(msg).into(); 1568 1574 assert!(