LBRYCommunity/bitcoinjs-lib
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge pull request #356 from bitcoinjs/htenforce

Browse source 
ECSignature: enforce valid hashType in toScriptSignature
This commit is contained in:
Daniel Cousens 2015-02-13 12:00:21 +11:00
commit f8b9a5f2c3
3 changed files with 40 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
src/ecsignature.js
View file

@ -68,12 +68,12 @@ ECSignature.fromDER = function(buffer) {
return new ECSignature(r, s) return new ECSignature(r, s)
} }
// FIXME: 0x00, 0x04, 0x80 are SIGHASH_* boundary constants, importing Transaction causes a circular dependency // BIP62: 1 byte hashType flag (only 0x01, 0x02, 0x03, 0x81, 0x82 and 0x83 are allowed)
ECSignature.parseScriptSignature = function(buffer) { ECSignature.parseScriptSignature = function(buffer) {
var hashType = buffer.readUInt8(buffer.length - 1) var hashType = buffer.readUInt8(buffer.length - 1)
var hashTypeMod = hashType & ~0x80 var hashTypeMod = hashType & ~0x80
assert(hashTypeMod > 0x00 && hashTypeMod < 0x04, 'Invalid hashType') assert(hashTypeMod > 0x00 && hashTypeMod < 0x04, 'Invalid hashType ' + hashType)
return { return {
signature: ECSignature.fromDER(buffer.slice(0, -1)), signature: ECSignature.fromDER(buffer.slice(0, -1)),
@ -115,6 +115,9 @@ ECSignature.prototype.toDER = function() {
} }
ECSignature.prototype.toScriptSignature = function(hashType) { ECSignature.prototype.toScriptSignature = function(hashType) {
var hashTypeMod = hashType & ~0x80
assert(hashTypeMod > 0x00 && hashTypeMod < 0x04, 'Invalid hashType ' + hashType)
var hashTypeBuffer = new Buffer(1) var hashTypeBuffer = new Buffer(1)
hashTypeBuffer.writeUInt8(hashType, 0) hashTypeBuffer.writeUInt8(hashType, 0)

17
test/ecsignature.js
View file

@ -92,6 +92,19 @@ describe('ECSignature', function() {
assert.equal(scriptSignature.toString('hex'), f.scriptSignature.hex) assert.equal(scriptSignature.toString('hex'), f.scriptSignature.hex)
}) })
}) })
fixtures.invalid.scriptSignature.forEach(function(f) {
it('throws ' + f.exception, function() {
var signature = new ECSignature(
new BigInteger(f.signature.r),
new BigInteger(f.signature.s)
)
assert.throws(function() {
signature.toScriptSignature(f.hashType)
}, new RegExp(f.exception))
})
})
}) })
describe('parseScriptSignature', function() { describe('parseScriptSignature', function() {
@ -106,9 +119,9 @@ describe('ECSignature', function() {
}) })
}) })
fixtures.invalid.DER.forEach(function(f) { fixtures.invalid.scriptSignature.forEach(function(f) {
it('throws on ' + f.hex, function() { it('throws on ' + f.hex, function() {
var buffer = new Buffer(f.hex + '01', 'hex') var buffer = new Buffer(f.hex, 'hex')
assert.throws(function() { assert.throws(function() {
ECSignature.parseScriptSignature(buffer) ECSignature.parseScriptSignature(buffer)

20
test/fixtures/ecsignature.json vendored
View file

@ -173,6 +173,26 @@
"exception": "S value excessively padded", "exception": "S value excessively padded",
"hex": "300c020400ffffff02040000ffff" "hex": "300c020400ffffff02040000ffff"
} }
],
"scriptSignature": [
{
"exception": "Invalid hashType 7",
"hashType": 7,
"hex": "3044022033a69cd2065432a30f3d1ce4eb0d59b8ab58c74f27c41a7fdb5696ad4e6108c902206f807982866f785d3f6418d24163ddae117b7db4d5fdf0071de069fa5434226207",
"signature": {
"r": "23362334225185207751494092901091441011938859014081160902781146257181456271561",
"s": "50433721247292933944369538617440297985091596895097604618403996029256432099938"
}
},
{
"exception": "Invalid hashType 140",
"hashType": 140,
"hex": "3044022033a69cd2065432a30f3d1ce4eb0d59b8ab58c74f27c41a7fdb5696ad4e6108c902206f807982866f785d3f6418d24163ddae117b7db4d5fdf0071de069fa543422628c",
"signature": {
"r": "23362334225185207751494092901091441011938859014081160902781146257181456271561",
"s": "50433721247292933944369538617440297985091596895097604618403996029256432099938"
}
}
] ]
} }
} }