go-tuf

Threshold signature check fails if any single signature is invalid

Open trishankatdatadog opened this issue 3 years ago • 3 comments

While this section is getting some attention: I just found that this early return will cause the threshold signature check to fail if any single signature is invalid, even if there is a threshold of valid signatures. To fix, we should replace return ErrInvalid with continue.

if err := verifier.Verify(msg, sig.Signature); err != nil {
	return ErrInvalid
}

Originally posted by @ethan-lowman-dd in https://github.com/theupdateframework/go-tuf/pull/369#discussion_r961943318

trishankatdatadog avatar Sep 02 '22 20:09 trishankatdatadog
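The difference between the early return and `continue` described in the issue above, as an added example that is not part of the original thread and is not go-tuf's code. It assumes Ed25519 keys from the Go standard library; the `Signature` type and the `verifyThreshold` and `sample` functions are hypothetical names. Only distinct trusted key IDs count toward the threshold, so skipping an invalid signature cannot lower the bar.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"fmt"
)

// Signature is a hypothetical type for this example, not go-tuf's own.
type Signature struct {
	KeyID string
	Sig   []byte
}

// verifyThreshold reports whether >= threshold distinct trusted keys signed msg.
// failFast=true reproduces the early return from the issue.
func verifyThreshold(msg []byte, sigs []Signature, keys map[string]ed25519.PublicKey, threshold int, failFast bool) bool {
	valid := map[string]bool{}
	for _, s := range sigs {
		pub, ok := keys[s.KeyID]
		if !ok || valid[s.KeyID] {
			continue // untrusted key, or key already counted
		}
		if !ed25519.Verify(pub, msg, s.Sig) {
			if failFast {
				return false // one bad signature rejects everything
			}
			continue // skip it; it simply does not count
		}
		valid[s.KeyID] = true
	}
	return threshold > 0 && len(valid) >= threshold
}

// sample builds constructed data: k1 and k3 valid, k2 corrupted, k1 repeated.
func sample() (msg []byte, sigs []Signature, keys map[string]ed25519.PublicKey) {
	msg = []byte("constructed metadata")
	keys = map[string]ed25519.PublicKey{}
	for i, id := range []string{"k1", "k2", "k3"} {
		priv := ed25519.NewKeyFromSeed(bytes.Repeat([]byte{byte(i + 1)}, ed25519.SeedSize))
		keys[id] = priv.Public().(ed25519.PublicKey)
		sigs = append(sigs, Signature{id, ed25519.Sign(priv, msg)})
	}
	sigs[1].Sig[0] ^= 0xff // invalidate k2's signature
	return msg, append(sigs, sigs[0]), keys
}

func main() {
	msg, sigs, keys := sample()
	fmt.Println(verifyThreshold(msg, sigs, keys, 2, true), verifyThreshold(msg, sigs, keys, 2, false))
}
```

With a threshold of 2, the fail-fast variant rejects the constructed metadata because of the one corrupted signature, while the `continue` variant accepts it on the two valid signatures from distinct keys and still rejects a threshold of 3.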

Per https://github.com/theupdateframework/go-tuf/pull/369#discussion_r961945970 and https://github.com/theupdateframework/go-tuf/pull/369#discussion_r962008245 we should be careful with this fix.

We must add tests, fix broken tests, and above all else communicate the impact of this change well.

joshuagl avatar Sep 06 '22 08:09 joshuagl

@asraa to reroute

znewman01 avatar Sep 07 '22 16:09 znewman01

cc @jku

asraa avatar Sep 07 '22 17:09 asraa