nip19: fail to decode entities with wrong length.

2025-06-20 13:50:55 +02:00 · 2024-09-16 17:35:23 -03:00 · 2024-09-16 17:35:23 -03:00 · 1e4e91f257
commit 1e4e91f257
parent 515f76bd86
2 changed files with 19 additions and 14 deletions
--- a/nip19/nip19.go
+++ b/nip19/nip19.go
@ -18,13 +18,13 @@ func Decode(bech32string string) (prefix string, value any, err error) {
 	data, err := bech32.ConvertBits(bits5, 5, 8, false)
 	if err != nil {
-		return prefix, nil, fmt.Errorf("failed translating data into 8 bits: %s", err.Error())
+		return prefix, nil, fmt.Errorf("failed to translate data into 8 bits: %s", err.Error())
 	}
 	switch prefix {
 	case "npub", "nsec", "note":
-		if len(data) < 32 {
+		if len(data) != 32 {
-			return prefix, nil, fmt.Errorf("data is less than 32 bytes (%d)", len(data))
+			return prefix, nil, fmt.Errorf("data should be 32 bytes (%d)", len(data))
 		}
 		return prefix, hex.EncodeToString(data[0:32]), nil
@ -44,8 +44,8 @@ func Decode(bech32string string) (prefix string, value any, err error) {
 			switch t {
 			case TLVDefault:
-				if len(v) < 32 {
+				if len(v) != 32 {
-					return prefix, nil, fmt.Errorf("pubkey is less than 32 bytes (%d)", len(v))
+					return prefix, nil, fmt.Errorf("pubkey should be 32 bytes (%d)", len(v))
 				}
 				result.PublicKey = hex.EncodeToString(v)
 			case TLVRelay:
@ -72,23 +72,22 @@ func Decode(bech32string string) (prefix string, value any, err error) {
 			switch t {
 			case TLVDefault:
-				if len(v) < 32 {
+				if len(v) != 32 {
-					return prefix, nil, fmt.Errorf("id is less than 32 bytes (%d)", len(v))
+					return prefix, nil, fmt.Errorf("id should be 32 bytes (%d)", len(v))
 				}
 				result.ID = hex.EncodeToString(v)
 			case TLVRelay:
 				result.Relays = append(result.Relays, string(v))
 			case TLVAuthor:
-				if len(v) < 32 {
+				if len(v) != 32 {
-					return prefix, nil, fmt.Errorf("author is less than 32 bytes (%d)", len(v))
+					return prefix, nil, fmt.Errorf("author should be 32 bytes (%d)", len(v))
 				}
 				result.Author = hex.EncodeToString(v)
 			case TLVKind:
-				if len(v) == 4 {
+				if len(v) != 4 {
 					result.Kind = int(binary.BigEndian.Uint32(v))
 				} else {
 					return prefix, nil, fmt.Errorf("invalid uint32 value for integer (%v)", v)
 				}
 				result.Kind = int(binary.BigEndian.Uint32(v))
 			default:
 				// ignore
 			}
@ -115,8 +114,8 @@ func Decode(bech32string string) (prefix string, value any, err error) {
 			case TLVRelay:
 				result.Relays = append(result.Relays, string(v))
 			case TLVAuthor:
-				if len(v) < 32 {
+				if len(v) != 32 {
-					return prefix, nil, fmt.Errorf("author is less than 32 bytes (%d)", len(v))
+					return prefix, nil, fmt.Errorf("author should be 32 bytes (%d)", len(v))
 				}
 				result.PublicKey = hex.EncodeToString(v)
 			case TLVKind:
--- a/nip19/nip19_test.go
+++ b/nip19/nip19_test.go
@ -5,6 +5,7 @@ import (
 	"github.com/nbd-wtf/go-nostr"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 )
 func TestEncodeNpub(t *testing.T) {
@ -139,3 +140,8 @@ func TestEncodeDecodeNEvent(t *testing.T) {
 	assert.Equal(t, 1, len(ep.Relays), "wrong number of relays")
 	assert.Equal(t, "wss://banana.com", ep.Relays[0])
 }
 func TestFailDecodeBadlyFormattedPubkey(t *testing.T) {
 	_, _, err := Decode("nevent1qqsgaj0la08u0vl2ecmlmrg4xl0vjcz647yx7jgvgzfr566ael4hmjgpp4mhxue69uhhjctzw5hx6egzgqurswpc8qurswpexq6rjvm9xp3nvcfkv56xzv35v9jnxve389snqephve3n2wf4vdsnxepcv56kxct9xyunjdf5v5cnzveexqcrsepnk6yu5r")
 	require.Error(t, err, "should fail to decode this because the author is hex as bytes garbage")
 }