Change assert to ret false (verify)

src/signature/generalized_xmss.rs

@@ -859,11 +859,25 @@ where
         message: &[u8; MESSAGE_LENGTH],
         sig: &Self::Signature,
     ) -> bool {
-        assert!(
+        debug_assert!(
             (epoch as u64) < Self::LIFETIME,
             "Generalized XMSS - Verify: Epoch too large."
         );
 
+        debug_assert!(
+            sig.hashes.len() == IE::DIMENSION,
+            "Generalized XMSS - Verify: Wrong number of hashes."
+        );
+
+        // some sanity checks on inputs: signature has correct structure
+        // and epoch in range. We reject in case a check fails.
+        if (epoch as u64) >= Self::LIFETIME {
+            return false;
+        }
+        if sig.hashes.len() != IE::DIMENSION {
+            return false;
+        }
+
         // first get back the codeword and make sure
         // encoding succeeded with the given randomness.
         let Ok(x) = IE::encode(&pk.parameter.into(), message, &sig.rho, epoch) else {

src/symmetric/tweak_hash_tree.rs

@@ -607,16 +607,26 @@ pub fn hash_tree_verify<TH: TweakableHash>(
     let depth = opening.co_path.len();
     let num_leafs: u64 = 1 << depth;
 
-    assert!(
+    debug_assert!(
         depth <= 32,
         "Hash-Tree verify: Tree depth must be at most 32"
     );
 
-    assert!(
+    debug_assert!(
         (position as u64) < num_leafs,
         "Hash-Tree verify: Position and Path Length not compatible"
     );
 
+    // some sanity checks: Tree depth must be at most 32
+    // and Position and Path Length must be compatible
+    // we let verification reject if this does not hold.
+    if depth > 32 {
+        return false;
+    }
+    if (position as u64) >= num_leafs {
+        return false;
+    }
+
     // first hash the leaf to get the node in the bottom layer
     let tweak = TH::tree_tweak(0, position);
     let mut current_node = TH::apply(parameter, &tweak, leaf);