Strengthen validation of threshold.

BlockchainCommons · Aug 18, 2021 · c67d102 · c67d102
1 parent 1cbf2fc
commit c67d102
Show file tree

Hide file tree

Showing 3 changed files with 4 additions and 1 deletion.
diff --git a/src/shamir-constants.h b/src/shamir-constants.h
@@ -17,5 +17,6 @@
 #define SHAMIR_ERROR_CHECKSUM_FAILURE      (-104)
 #define SHAMIR_ERROR_SECRET_TOO_SHORT      (-105)
 #define SHAMIR_ERROR_SECRET_NOT_EVEN_LEN   (-106)
+#define SHAMIR_ERROR_INVALID_THRESHOLD     (-107)
 
 #endif /* SHAMIR_CONSTANTS_H */
diff --git a/src/shamir.c b/src/shamir.c
@@ -51,6 +51,8 @@ int32_t split_secret(
 ) {
     if(shard_count > SHAMIR_MAX_SHARD_COUNT) {
         return SHAMIR_ERROR_TOO_MANY_SHARDS;
+    } else if(threshold < 1 || threshold > shard_count) {
+        return SHAMIR_ERROR_INVALID_THRESHOLD;
     } else if(secret_length > SHAMIR_MAX_SECRET_SIZE) {
         return SHAMIR_ERROR_SECRET_TOO_LONG;
     } else if(secret_length < SHAMIR_MIN_SECRET_SIZE) {

diff --git a/src/shamir.h b/src/shamir.h
@@ -43,7 +43,7 @@ uint8_t* create_digest(
  *
  * returns: the number of shards created, or a negative value if there was an error
  *
- * inputs: threshold: number of shards required to recover secret
+ * inputs: threshold: number of shards required to recover secret. Must be 1 <= threshold <= shard_count.
  *         shard_count: number of shards to generate
  *         secret: array of bytes representing the secret
  *         secret_length: length of the secret array. must be >= 16, <= 32 and even.