From 9377b78b35a327b1d31abd0e109698635ee5e4bb Mon Sep 17 00:00:00 2001
From: Jack Grigg <jack@z.cash>
Date: Tue, 17 Sep 2019 18:03:58 +0100
Subject: [PATCH] Panic if spending_key is given a seed shorter than 32 bytes

This enforces the MUST requirement in ZIP 32. A panic is used instead of
an error because this should be considered an implementation error.
Ideally the type system would prevent this from occurring at all.

Closes #125.
---
 zcash_client_backend/src/keys.rs | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/zcash_client_backend/src/keys.rs b/zcash_client_backend/src/keys.rs
index 4d4cd6f1a..bae7f5faf 100644
--- a/zcash_client_backend/src/keys.rs
+++ b/zcash_client_backend/src/keys.rs
@@ -5,6 +5,10 @@ use zcash_primitives::zip32::{ChildIndex, ExtendedSpendingKey};
 /// Derives the ZIP 32 [`ExtendedSpendingKey`] for a given coin type and account from the
 /// given seed.
 ///
+/// # Panics
+///
+/// Panics if `seed` is shorter than 32 bytes.
+///
 /// # Examples
 ///
 /// ```
@@ -13,6 +17,10 @@ use zcash_primitives::zip32::{ChildIndex, ExtendedSpendingKey};
 /// let extsk = spending_key(&[0; 32][..], COIN_TYPE, 0);
 /// ```
 pub fn spending_key(seed: &[u8], coin_type: u32, account: u32) -> ExtendedSpendingKey {
+    if seed.len() < 32 {
+        panic!("ZIP 32 seeds MUST be at least 32 bytes");
+    }
+
     ExtendedSpendingKey::from_path(
         &ExtendedSpendingKey::master(&seed),
         &[