Fix: Harden hex-string handling (TOB-21) and update dependent tests

Author: Stephen-Thomson

src/auth/__tests/Peer.test.ts

@@ -12,6 +12,7 @@ import { SimplifiedFetchTransport } from '../../auth/transports/SimplifiedFetchT
 const certifierPrivKey = new PrivateKey(21)
 const alicePrivKey = new PrivateKey(22)
 const bobPrivKey = new PrivateKey(23)
+const DUMMY_REVOCATION_OUTPOINT_HEX = '00'.repeat(36)
 
 jest.mock('../../auth/utils/getVerifiableCertificates')
 
@@ -101,7 +102,7 @@ describe('Peer class mutual authentication and certificate exchange', () => {
         subjectPubKey,
         fields,
         certificateType,
-        async () => 'revocationOutpoint' // or any revocation outpoint logic you want
+        async () => DUMMY_REVOCATION_OUTPOINT_HEX
       )
 
     // For test consistency, you could override the auto-generated serialNumber:

src/auth/certificates/MasterCertificate.ts

@@ -232,7 +232,7 @@ export class MasterCertificate extends Certificate {
     certificateType: string,
     getRevocationOutpoint = async (_serial: string): Promise<string> => {
       void _serial // Explicitly acknowledge unused parameter
-      return 'Certificate revocation not tracked.'
+      return '00'.repeat(32)
     },
     serialNumber?: string
   ): Promise<MasterCertificate> {
@@ -246,6 +246,13 @@ export class MasterCertificate extends Certificate {
     // 3. Obtain a revocation outpoint
     const revocationOutpoint = await getRevocationOutpoint(finalSerialNumber)
 
+    let subjectIdentityKey: string
+      if (subject === 'self') {
+        subjectIdentityKey = (await certifierWallet.getPublicKey({ identityKey: true })).publicKey
+      } else {
+        subjectIdentityKey = subject
+      }
+
     // 4. Create new MasterCertificate instance
     const certificate = new MasterCertificate(
       certificateType,

src/auth/certificates/__tests/MasterCertificate.test.ts

@@ -14,7 +14,8 @@ const verifierKey2 = new PrivateKey(81)
 
 // A mock revocation outpoint for testing
 const mockRevocationOutpoint =
-  'deadbeefdeadbeefdeadbeefdeadbeef00000000000000000000000000000000.1'
+  'deadbeefdeadbeefdeadbeefdeadbeef00000001'
+
 
 // Arbitrary certificate data (in plaintext)
 const plaintextFields = {
@@ -356,29 +357,32 @@ describe('MasterCertificate', () => {
       }
     })
     it('should allow issuing a self-signed certificate and decrypt it with the same wallet', async () => {
-      // In a self-signed scenario, the subject and certifier are the same
       const subjectWallet = new CompletedProtoWallet(subjectKey2)
 
-      // Some sample fields
       const selfSignedFields = {
         owner: 'Bob',
         organization: 'SelfCo'
       }
 
-      // Issue the certificate for "self"
+      // ✅ FIX: resolve the subject's identity key as proper hex
+      const subjectIdentityKey = (
+        await subjectWallet.getPublicKey({ identityKey: true })
+      ).publicKey
+
+      // Issue the certificate: subject = actual identity key (valid hex)
       const selfSignedCert = await MasterCertificate.issueCertificateForSubject(
-        subjectWallet, // act as certifier
-        'self',
+        subjectWallet,        // acts as certifier
+        subjectIdentityKey,   // <-- was 'self', now real hex
         selfSignedFields,
         'SELF_SIGNED_TEST'
       )
 
-      // Now we attempt to decrypt the fields with the same wallet
+      // Decrypt with the same wallet
       const decrypted = await MasterCertificate.decryptFields(
         subjectWallet,
         selfSignedCert.masterKeyring,
         selfSignedCert.fields,
-        'self'
+        'self' // ✅ still fine here if decryptFields treats 'self' specially
       )
 
       expect(decrypted).toEqual(selfSignedFields)

src/primitives/Hash.ts

@@ -170,51 +170,53 @@ abstract class BaseHash {
    * @returns Returns an array denoting the padding.
    */
   private _pad (): number[] {
-    //
-    let len = this.pendingTotal
-    const bytes = this._delta8
-    const k = bytes - ((len + this.padLength) % bytes)
-    const res = new Array(k + this.padLength)
-    res[0] = 0x80
-    let i
-    for (i = 1; i < k; i++) {
-      res[i] = 0
-    }
+  const len = this.pendingTotal
 
-    // Append length
-    len <<= 3
-    let t
-    if (this.endian === 'big') {
-      for (t = 8; t < this.padLength; t++) {
-        res[i++] = 0
-      }
+  // 🔐 New: guarantee len is a sane byte count
+  if (!Number.isSafeInteger(len) || len < 0) {
+    // Anything outside the safe integer range (or negative)
+    // must be treated as "too long" by definition.
+    throw new Error('Message too long for this hash function')
+  }
 
-      res[i++] = 0
-      res[i++] = 0
-      res[i++] = 0
-      res[i++] = 0
-      res[i++] = (len >>> 24) & 0xff
-      res[i++] = (len >>> 16) & 0xff
-      res[i++] = (len >>> 8) & 0xff
-      res[i++] = len & 0xff
-    } else {
-      res[i++] = len & 0xff
-      res[i++] = (len >>> 8) & 0xff
-      res[i++] = (len >>> 16) & 0xff
-      res[i++] = (len >>> 24) & 0xff
-      res[i++] = 0
-      res[i++] = 0
-      res[i++] = 0
-      res[i++] = 0
-
-      for (t = 8; t < this.padLength; t++) {
-        res[i++] = 0
-      }
+  const bytes = this._delta8
+  const k = bytes - ((len + this.padLength) % bytes)
+  const res = new Array(k + this.padLength)
+  res[0] = 0x80
+  let i: number
+  for (i = 1; i < k; i++) {
+    res[i] = 0
+  }
+
+  // Append length
+  const lengthBytes = this.padLength
+  const maxBits = 1n << BigInt(lengthBytes * 8)
+  let totalBits = BigInt(len) * 8n
+
+  if (totalBits >= maxBits) {
+    throw new Error('Message too long for this hash function')
+  }
+
+  if (this.endian === 'big') {
+    const lenArray = new Array<number>(lengthBytes)
+
+    for (let b = lengthBytes - 1; b >= 0; b--) {
+      lenArray[b] = Number(totalBits & 0xffn)
+      totalBits >>= 8n
     }
 
-    return res
+    for (let b = 0; b < lengthBytes; b++) {
+      res[i++] = lenArray[b]
+    }
+  } else {
+    for (let b = 0; b < lengthBytes; b++) {
+      res[i++] = Number(totalBits & 0xffn)
+      totalBits >>= 8n
+    }
   }
-}
+
+  return res
+}}
 
 function isSurrogatePair (msg: string, i: number): boolean {
   if ((msg.charCodeAt(i) & 0xfc00) !== 0xd800) {

src/primitives/__tests/HMAC.test.ts

@@ -48,11 +48,22 @@ describe('HMAC', function () {
       res: 'cf5ad5984f9e43917aa9087380dac46e410ddc8a7731859c84e9d0f31bd43655'
     })
 
+    function normalizeKey (key: string | number[]): string | number[] {
+      if (typeof key === 'string') {
+        // test-only helper: remove whitespace between hex groups
+        return key.replace(/\s+/g, '')
+      }
+      return key
+    }
+
     function test (opt): void {
       it(`should not fail at ${opt.name as string}`, function (): void {
-        let h = new SHA256HMAC(opt.key)
+        const key = normalizeKey(opt.key)
+
+        let h = new SHA256HMAC(key as any)
         expect(h.update(opt.msg, opt.msgEnc).digestHex()).toEqual(opt.res)
-        h = h = new SHA256HMAC(opt.key)
+
+        h = new SHA256HMAC(key as any)
         expect(
           h
             .update(opt.msg.slice(0, 10), opt.msgEnc)

src/primitives/__tests/hex.test.ts

@@ -5,6 +5,7 @@ import { assertValidHex, normalizeHex } from '../../primitives/hex'
 describe('hex utils', () => {
   describe('assertValidHex', () => {
     it('should not throw on valid hex strings', () => {
+      expect(() => assertValidHex('')).not.toThrow()          // empty is allowed
       expect(() => assertValidHex('00')).not.toThrow()
       expect(() => assertValidHex('abcdef')).not.toThrow()
       expect(() => assertValidHex('ABCDEF')).not.toThrow()
@@ -18,13 +19,14 @@ describe('hex utils', () => {
       expect(() => assertValidHex('g1')).toThrow('Invalid hex string')
     })
 
-    it('should throw on empty string', () => {
-      expect(() => assertValidHex('')).toThrow('Invalid hex string')
-    })
+    // ❌ old behavior: empty string was considered invalid
+    // it('should throw on empty string', () => {
+    //   expect(() => assertValidHex('')).toThrow('Invalid hex string')
+    // })
 
     it('should throw on undefined or null', () => {
-      expect(() => assertValidHex(undefined as any)).toThrow()
-      expect(() => assertValidHex(null as any)).toThrow()
+      expect(() => assertValidHex(undefined as any)).toThrow('Invalid hex string')
+      expect(() => assertValidHex(null as any)).toThrow('Invalid hex string')
     })
   })
 
@@ -43,6 +45,10 @@ describe('hex utils', () => {
       expect(normalizeHex('001122')).toBe('001122')
     })
 
+    it('should return empty string unchanged', () => {
+      expect(normalizeHex('')).toBe('')
+    })
+
     it('should throw on invalid hex', () => {
       expect(() => normalizeHex('xyz')).toThrow('Invalid hex string')
       expect(() => normalizeHex('12 34')).toThrow('Invalid hex string')

src/primitives/hex.ts

@@ -5,29 +5,31 @@ const PURE_HEX_REGEX = /^[0-9a-fA-F]*$/;
 
 export function assertValidHex(msg: string): void {
   if (typeof msg !== 'string') {
+    console.error("assertValidHex FAIL (non-string):", msg);
     throw new Error('Invalid hex string');
   }
 
-  // Allow empty strings (valid empty byte arrays)
-  if (msg.length === 0) return;
+  // allow empty
+  if (msg.length === 0) return
 
   if (!PURE_HEX_REGEX.test(msg)) {
-    throw new Error('Invalid hex string');
+    console.error("assertValidHex FAIL (bad hex):", msg)
+    throw new Error('Invalid hex string')
   }
 }
 
 export function normalizeHex(msg: string): string {
   assertValidHex(msg);
 
   // If empty, return empty — never force to "00"
-  if (msg.length === 0) return '';
+  if (msg.length === 0) return ''
 
-  let normalized = msg.toLowerCase();
+  let normalized = msg.toLowerCase()
 
   // Pad odd-length hex
   if (normalized.length % 2 !== 0) {
-    normalized = '0' + normalized;
+    normalized = '0' + normalized
   }
 
-  return normalized;
+  return normalized
 }

src/primitives/utils.ts

@@ -225,54 +225,81 @@ function utf8ToArray (str: string): number[] {
  */
 export const toUTF8 = (arr: number[]): string => {
   let result = ''
-  let skip = 0
-
+  const replacementChar = '\uFFFD'
   for (let i = 0; i < arr.length; i++) {
-    const byte = arr[i]
-
-    // this byte is part of a multi-byte sequence, skip it
-    // added to avoid modifying i within the loop which is considered unsafe.
-    if (skip > 0) {
-      skip--
+    const byte1 = arr[i]
+    if (byte1 <= 0x7f) {
+      result += String.fromCharCode(byte1)
       continue
     }
-
-    // 1-byte sequence (0xxxxxxx)
-    if (byte <= 0x7f) {
-      result += String.fromCharCode(byte)
-    } else if (byte >= 0xc0 && byte <= 0xdf) {
-      // 2-byte sequence (110xxxxx 10xxxxxx)
+    const emitReplacement = () => {
+      result += replacementChar
+    }
+    if (byte1 >= 0xc0 && byte1 <= 0xdf) {
+      if (i + 1 >= arr.length) {
+        emitReplacement()
+        continue
+      }
       const byte2 = arr[i + 1]
-      skip = 1
-      const codePoint = ((byte & 0x1f) << 6) | (byte2 & 0x3f)
+      if ((byte2 & 0xc0) !== 0x80) {
+        emitReplacement()
+        continue
+      }
+      const codePoint = ((byte1 & 0x1f) << 6) | (byte2 & 0x3f)
       result += String.fromCharCode(codePoint)
-    } else if (byte >= 0xe0 && byte <= 0xef) {
-      // 3-byte sequence (1110xxxx 10xxxxxx 10xxxxxx)
+      i += 1
+      continue
+    }
+    if (byte1 >= 0xe0 && byte1 <= 0xef) {
+      if (i + 2 >= arr.length) {
+        emitReplacement()
+        continue
+      }
       const byte2 = arr[i + 1]
       const byte3 = arr[i + 2]
-      skip = 2
+      if ((byte2 & 0xc0) !== 0x80 || (byte3 & 0xc0) !== 0x80) {
+        emitReplacement()
+        continue
+      }
       const codePoint =
-        ((byte & 0x0f) << 12) | ((byte2 & 0x3f) << 6) | (byte3 & 0x3f)
+        ((byte1 & 0x0f) << 12) |
+        ((byte2 & 0x3f) << 6) |
+        (byte3 & 0x3f)
+
       result += String.fromCharCode(codePoint)
-    } else if (byte >= 0xf0 && byte <= 0xf7) {
-      // 4-byte sequence (11110xxx 10xxxxxx 10xxxxxx 10xxxxxx)
+      i += 2
+      continue
+    }
+    if (byte1 >= 0xf0 && byte1 <= 0xf7) {
+      if (i + 3 >= arr.length) {
+        emitReplacement()
+        continue
+      }
       const byte2 = arr[i + 1]
       const byte3 = arr[i + 2]
       const byte4 = arr[i + 3]
-      skip = 3
+      if (
+        (byte2 & 0xc0) !== 0x80 ||
+        (byte3 & 0xc0) !== 0x80 ||
+        (byte4 & 0xc0) !== 0x80
+      ) {
+        emitReplacement()
+        continue
+      }
       const codePoint =
-        ((byte & 0x07) << 18) |
+        ((byte1 & 0x07) << 18) |
         ((byte2 & 0x3f) << 12) |
         ((byte3 & 0x3f) << 6) |
         (byte4 & 0x3f)
-
-      // Convert to UTF-16 surrogate pair
-      const surrogate1 = 0xd800 + ((codePoint - 0x10000) >> 10)
-      const surrogate2 = 0xdc00 + ((codePoint - 0x10000) & 0x3ff)
-      result += String.fromCharCode(surrogate1, surrogate2)
+      const offset = codePoint - 0x10000
+      const highSurrogate = 0xd800 + (offset >> 10)
+      const lowSurrogate = 0xdc00 + (offset & 0x3ff)
+      result += String.fromCharCode(highSurrogate, lowSurrogate)
+      i += 3
+      continue
     }
+    emitReplacement()
   }
-
   return result
 }