PublicKey constructor will quietly accept invalid inputs (#403)

liquizard · web-flow · commit e61b309d81ea · 2022-07-01T03:58:09.000+01:00
* Fatal error for bad value passed to PublicKey constructor

* Fix invalid public key arg in test

* Version bump

* Remove IsMaybeEncoded use IsValidWithoutWhitespace instead
diff --git a/SharedBuildProperties.props b/SharedBuildProperties.props
@@ -2,7 +2,7 @@
   xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
   <PropertyGroup>
     <Product>Solnet</Product>
-    <Version>6.0.13</Version>
+    <Version>6.0.14</Version>
     <Copyright>Copyright 2022 &#169; Solnet</Copyright>
     <Authors>blockmountain</Authors>
     <PublisherName>blockmountain</PublisherName>
diff --git a/src/Solnet.Wallet/PublicKey.cs b/src/Solnet.Wallet/PublicKey.cs
@@ -79,7 +79,9 @@ public PublicKey(byte[] key)
         /// <param name="key">The public key as base58 encoded string.</param>
         public PublicKey(string key)
         {
-            Key = key ?? throw new ArgumentNullException(nameof(key));
+            if (key == null) throw new ArgumentNullException(nameof(key));
+            if (!FastCheck(key)) throw new ArgumentException("publickey contains a non-base58 character");
+            Key = key;
         }
 
         /// <summary>
@@ -201,10 +203,11 @@ public bool IsValid()
         /// <returns>Returns true if the input is a valid key, false otherwise.</returns>
         public static bool IsValid(string key, bool validateCurve = false)
         {
-            if(!string.IsNullOrEmpty(key))
+            if (!string.IsNullOrEmpty(key))
             {
                 try
                 {
+                    if (!FastCheck(key)) return false;
                     return IsValid(Encoders.Base58.DecodeData(key), validateCurve);
                 }
                 catch(Exception)
@@ -249,6 +252,18 @@ public static bool IsValid(ReadOnlySpan<byte> key, bool validateCurve = false)
             return key != null && key.Length == PublicKeyLength && (!validateCurve || key.IsOnCurve());
         }
 
+        /// <summary>
+        /// Fast validation to determine whether this is a valid public key input pattern. 
+        /// Checks are valid characters for base58 and no whitespace.
+        /// Avoids performing the conversion to a buffer and checking it is actually 32 bytes as a permformance trade-off.
+        /// </summary>
+        /// <param name="value">public key value to check</param>
+        /// <returns>true means good, false means bad</returns>
+        private static bool FastCheck(string value)
+        {
+            return Base58Encoder.IsValidWithoutWhitespace(value);
+        }
+
         #region KeyDerivation
 
         /// <summary>
diff --git a/src/Solnet.Wallet/Utilities/Base58Encoder.cs b/src/Solnet.Wallet/Utilities/Base58Encoder.cs
@@ -2,6 +2,7 @@
 
 using System;
 using System.Collections;
+using System.Collections.Generic;
 using System.Linq;
 
 namespace Solnet.Wallet.Utilities
@@ -15,6 +16,7 @@ public sealed class Base58Encoder : DataEncoder
         /// The base58 characters.
         /// </summary>
         private static readonly char[] PszBase58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz".ToCharArray();
+        private static readonly Dictionary<char, bool> Validator = PszBase58.ToDictionary(x => x, x => true);
 
         /// <summary>
         /// 
@@ -37,17 +39,6 @@ public sealed class Base58Encoder : DataEncoder
             -1,-1,-1,-1,-1,-1,-1,-1, -1,-1,-1,-1,-1,-1,-1,-1,
             -1,-1,-1,-1,-1,-1,-1,-1, -1,-1,-1,-1,-1,-1,-1,-1,
         };
-        /// <summary>
-        /// Fast check if the string to know if base58 str
-        /// </summary>
-        /// <param name="str"></param>
-        /// <returns></returns>
-        public bool IsMaybeEncoded(string str)
-        {
-            bool maybeB58 = str.All(t => ((IList)PszBase58).Contains(t));
-
-            return maybeB58 && str.Length > 0;
-        }
 
         /// <summary>
         /// Encode the data.
@@ -170,5 +161,23 @@ public override byte[] DecodeData(string encoded)
                 vch[i2++] = b256[it2++];
             return vch;
         }
+
+
+        /// <summary>
+        /// Strict validation with no whitespace allowed
+        /// </summary>
+        /// <param name="value">Base58 string data</param>
+        /// <returns></returns>
+        /// <exception cref="ArgumentNullException"></exception>
+        public static bool IsValidWithoutWhitespace(string value)
+        {
+            if (value == null) throw new ArgumentNullException(nameof(value));
+            for (var ix = 0; ix < value.Length; ix++)
+                if (!Validator.ContainsKey(value[ix]))
+                    return false;
+            return true;
+        }
+
     }
-}
+
+}
diff --git a/test/Solnet.Extensions.Test/TokenWalletTest.cs b/test/Solnet.Extensions.Test/TokenWalletTest.cs
@@ -284,7 +284,7 @@ public void TestTokenWalletSendAddressCheck()
             Assert.IsFalse(testTokenAccount.IsAssociatedTokenAccount);
 
             // trigger send to bogus target wallet
-            var targetOwner = "FAILzxtbcZ2vy3GSLLsZTEhbAqXPTRvEyoxa8wxSqKp5";
+            var targetOwner = "BADxzxtbcZ2vy3GSLLsZTEhbAqXPTRvEyoxa8wxSqKp5";
             wallet.Send(testTokenAccount, 1M, targetOwner, signer.PublicKey, builder => builder.Build(signer));
 
         }
diff --git a/test/Solnet.Wallet.Test/KeysTest.cs b/test/Solnet.Wallet.Test/KeysTest.cs
@@ -294,6 +294,8 @@ public void TestFindProgramAddress()
         public void TestIsValid()
         {
             Assert.IsTrue(PublicKey.IsValid("GUs5qLUfsEHkcMB9T38vjr18ypEhRuNWiePW2LoK4E3K"));
+            Assert.IsFalse(PublicKey.IsValid("GUs5qLUfsEHkcMB9T38vj*18ypEhRuNWiePW2LoK4E3K"));
+            Assert.IsFalse(PublicKey.IsValid("GUs5qLUfsEHkcMB9T38vjr18ypEhRuNWiePW2LoK4E3K "));
         }
 
         [TestMethod]
@@ -331,12 +333,28 @@ public void TestIsValid_False()
         public void TestIsValid_Empty_False()
         {
             Assert.IsFalse(PublicKey.IsValid(""));
+            Assert.IsFalse(PublicKey.IsValid("  "));
         }
 
         [TestMethod]
         public void TestIsValid_InvalidB58_False()
         {
             Assert.IsFalse(PublicKey.IsValid("lllllll"));
         }
+
+        [TestMethod]
+        [ExpectedException(typeof(ArgumentException))]
+        public void TestCreateBadPublicKeyFatal_1()
+        {
+            _ = new PublicKey("GUs5qLUfsEHkcMB9T38vjr18ypEhRuNWiePW2LoK4E3K ");
+        }
+
+        [TestMethod]
+        [ExpectedException(typeof(ArgumentException))]
+        public void TestCreateBadPublicKeyFatal_2()
+        {
+            _ = new PublicKey("GUs5qLU&sEHkcMB9T38vjr18ypEhRuNWiePW2LoK4E3K");
+        }
+
     }
 }

Original file line number	Diff line number	Diff line change
`@@ -79,7 +79,9 @@ public PublicKey(byte[] key)`
`79`	`79`	`/// <param name="key">The public key as base58 encoded string.</param>`
`80`	`80`	`public PublicKey(string key)`
`81`	`81`	`{`
`82`		`- Key = key ?? throw new ArgumentNullException(nameof(key));`
	`82`	`+ if (key == null) throw new ArgumentNullException(nameof(key));`
	`83`	`+ if (!FastCheck(key)) throw new ArgumentException("publickey contains a non-base58 character");`
	`84`	`+ Key = key;`
`83`	`85`	`}`
`84`	`86`
`85`	`87`	`/// <summary>`
`@@ -201,10 +203,11 @@ public bool IsValid()`
`201`	`203`	`/// <returns>Returns true if the input is a valid key, false otherwise.</returns>`
`202`	`204`	`public static bool IsValid(string key, bool validateCurve = false)`
`203`	`205`	`{`
`204`		`- if(!string.IsNullOrEmpty(key))`
	`206`	`+ if (!string.IsNullOrEmpty(key))`
`205`	`207`	`{`
`206`	`208`	`try`
`207`	`209`	`{`
	`210`	`+ if (!FastCheck(key)) return false;`
`208`	`211`	`return IsValid(Encoders.Base58.DecodeData(key), validateCurve);`
`209`	`212`	`}`
`210`	`213`	`catch(Exception)`
`@@ -249,6 +252,18 @@ public static bool IsValid(ReadOnlySpan<byte> key, bool validateCurve = false)`
`249`	`252`	`return key != null && key.Length == PublicKeyLength && (!validateCurve \|\| key.IsOnCurve());`
`250`	`253`	`}`
`251`	`254`
	`255`	`+ /// <summary>`
	`256`	`+ /// Fast validation to determine whether this is a valid public key input pattern.`
	`257`	`+ /// Checks are valid characters for base58 and no whitespace.`
	`258`	`+ /// Avoids performing the conversion to a buffer and checking it is actually 32 bytes as a permformance trade-off.`
	`259`	`+ /// </summary>`
	`260`	`+ /// <param name="value">public key value to check</param>`
	`261`	`+ /// <returns>true means good, false means bad</returns>`
	`262`	`+ private static bool FastCheck(string value)`
	`263`	`+ {`
	`264`	`+ return Base58Encoder.IsValidWithoutWhitespace(value);`
	`265`	`+ }`
	`266`	`+`
`252`	`267`	`#region KeyDerivation`
`253`	`268`
`254`	`269`	`/// <summary>`
Original file line number	Diff line number	Diff line change
`@@ -284,7 +284,7 @@ public void TestTokenWalletSendAddressCheck()`
`284`	`284`	`Assert.IsFalse(testTokenAccount.IsAssociatedTokenAccount);`
`285`	`285`
`286`	`286`	`// trigger send to bogus target wallet`
`287`		`- var targetOwner = "FAILzxtbcZ2vy3GSLLsZTEhbAqXPTRvEyoxa8wxSqKp5";`
	`287`	`+ var targetOwner = "BADxzxtbcZ2vy3GSLLsZTEhbAqXPTRvEyoxa8wxSqKp5";`
`288`	`288`	`wallet.Send(testTokenAccount, 1M, targetOwner, signer.PublicKey, builder => builder.Build(signer));`
`289`	`289`
`290`	`290`	`}`
Original file line number	Diff line number	Diff line change
`@@ -294,6 +294,8 @@ public void TestFindProgramAddress()`
`294`	`294`	`public void TestIsValid()`
`295`	`295`	`{`
`296`	`296`	`Assert.IsTrue(PublicKey.IsValid("GUs5qLUfsEHkcMB9T38vjr18ypEhRuNWiePW2LoK4E3K"));`
	`297`	`+ Assert.IsFalse(PublicKey.IsValid("GUs5qLUfsEHkcMB9T38vj*18ypEhRuNWiePW2LoK4E3K"));`
	`298`	`+ Assert.IsFalse(PublicKey.IsValid("GUs5qLUfsEHkcMB9T38vjr18ypEhRuNWiePW2LoK4E3K "));`
`297`	`299`	`}`
`298`	`300`
`299`	`301`	`[TestMethod]`
`@@ -331,12 +333,28 @@ public void TestIsValid_False()`
`331`	`333`	`public void TestIsValid_Empty_False()`
`332`	`334`	`{`
`333`	`335`	`Assert.IsFalse(PublicKey.IsValid(""));`
	`336`	`+ Assert.IsFalse(PublicKey.IsValid(" "));`
`334`	`337`	`}`
`335`	`338`
`336`	`339`	`[TestMethod]`
`337`	`340`	`public void TestIsValid_InvalidB58_False()`
`338`	`341`	`{`
`339`	`342`	`Assert.IsFalse(PublicKey.IsValid("lllllll"));`
`340`	`343`	`}`
	`344`	`+`
	`345`	`+ [TestMethod]`
	`346`	`+ [ExpectedException(typeof(ArgumentException))]`
	`347`	`+ public void TestCreateBadPublicKeyFatal_1()`
	`348`	`+ {`
	`349`	`+ _ = new PublicKey("GUs5qLUfsEHkcMB9T38vjr18ypEhRuNWiePW2LoK4E3K ");`
	`350`	`+ }`
	`351`	`+`
	`352`	`+ [TestMethod]`
	`353`	`+ [ExpectedException(typeof(ArgumentException))]`
	`354`	`+ public void TestCreateBadPublicKeyFatal_2()`
	`355`	`+ {`
	`356`	`+ _ = new PublicKey("GUs5qLU&sEHkcMB9T38vjr18ypEhRuNWiePW2LoK4E3K");`
	`357`	`+ }`
	`358`	`+`
`341`	`359`	`}`
`342`	`360`	`}`