LBRYCommunity/lbcd
1
0
Fork 0
Code Issues 17 Pull requests 4 Packages Projects Releases 28 Wiki Activity
lbcd/signature_test.go

423 lines
15 KiB
Go
Raw Normal View History

Add 2014 to copyright dates.
2014-01-09 06:51:37 +01:00
// Copyright (c) 2013-2014 Conformal Systems LLC.
add signature test harness and try a valid signature for size. error paths to come.
2013-06-14 02:11:06 +02:00
// Use of this source code is governed by an ISC
// license that can be found in the LICENSE file.
package btcec_test
import (
Add tests for new Signature.Serialize function. This is part of the resolution for issue btcscript/#3.
2013-12-23 17:59:32 +01:00
"bytes"
add signature test harness and try a valid signature for size. error paths to come.
2013-06-14 02:11:06 +02:00
"github.com/conformal/btcec"
Add tests for new Signature.Serialize function. This is part of the resolution for issue btcscript/#3.
2013-12-23 17:59:32 +01:00
"math/big"
add signature test harness and try a valid signature for size. error paths to come.
2013-06-14 02:11:06 +02:00
"testing"
)
type signatureTest struct {
name string
sig []byte
Add ParseDERSignature. This change adds an additional signature parsing function which performs additional checks to verify the signature is serialized in a valid DER (and thus, unique) format, instead of allowing the less strict BER signatures that ParseSignature will happily accept. Added additional tests and updated test coverage to reflect changes.
2013-10-24 22:13:27 +02:00
der bool
add signature test harness and try a valid signature for size. error paths to come.
2013-06-14 02:11:06 +02:00
isValid bool
}
var signatureTests = []signatureTest{
// signatures from bitcoin blockchain tx
// 0437cd7f8525ceed2324359c2d0ba26006d92d85
signatureTest{
name: "valid signature.",
sig: []byte{0x30, 0x44, 0x02, 0x20, 0x4e, 0x45, 0xe1, 0x69,
0x32, 0xb8, 0xaf, 0x51, 0x49, 0x61, 0xa1, 0xd3, 0xa1,
0xa2, 0x5f, 0xdf, 0x3f, 0x4f, 0x77, 0x32, 0xe9, 0xd6,
0x24, 0xc6, 0xc6, 0x15, 0x48, 0xab, 0x5f, 0xb8, 0xcd,
0x41, 0x02, 0x20, 0x18, 0x15, 0x22, 0xec, 0x8e, 0xca,
0x07, 0xde, 0x48, 0x60, 0xa4, 0xac, 0xdd, 0x12, 0x90,
0x9d, 0x83, 0x1c, 0xc5, 0x6c, 0xbb, 0xac, 0x46, 0x22,
Make length check a little more paranoid Remove trailing crap from the tests (the hashtype) now that this is correctly caught.
2013-06-17 18:38:16 +02:00
0x08, 0x22, 0x21, 0xa8, 0x76, 0x8d, 0x1d, 0x09,
add signature test harness and try a valid signature for size. error paths to come.
2013-06-14 02:11:06 +02:00
},
Add ParseDERSignature. This change adds an additional signature parsing function which performs additional checks to verify the signature is serialized in a valid DER (and thus, unique) format, instead of allowing the less strict BER signatures that ParseSignature will happily accept. Added additional tests and updated test coverage to reflect changes.
2013-10-24 22:13:27 +02:00
der: true,
add signature test harness and try a valid signature for size. error paths to come.
2013-06-14 02:11:06 +02:00
isValid: true,
},
test a bunch of invalid cases in ParseSignature.
2013-06-17 17:18:58 +02:00
signatureTest{
Make length check a little more paranoid Remove trailing crap from the tests (the hashtype) now that this is correctly caught.
2013-06-17 18:38:16 +02:00
name: "empty.",
sig: []byte{},
test a bunch of invalid cases in ParseSignature.
2013-06-17 17:18:58 +02:00
isValid: false,
},
signatureTest{
name: "bad magic.",
sig: []byte{0x31, 0x44, 0x02, 0x20, 0x4e, 0x45, 0xe1, 0x69,
0x32, 0xb8, 0xaf, 0x51, 0x49, 0x61, 0xa1, 0xd3, 0xa1,
0xa2, 0x5f, 0xdf, 0x3f, 0x4f, 0x77, 0x32, 0xe9, 0xd6,
0x24, 0xc6, 0xc6, 0x15, 0x48, 0xab, 0x5f, 0xb8, 0xcd,
0x41, 0x02, 0x20, 0x18, 0x15, 0x22, 0xec, 0x8e, 0xca,
0x07, 0xde, 0x48, 0x60, 0xa4, 0xac, 0xdd, 0x12, 0x90,
0x9d, 0x83, 0x1c, 0xc5, 0x6c, 0xbb, 0xac, 0x46, 0x22,
Make length check a little more paranoid Remove trailing crap from the tests (the hashtype) now that this is correctly caught.
2013-06-17 18:38:16 +02:00
0x08, 0x22, 0x21, 0xa8, 0x76, 0x8d, 0x1d, 0x09,
test a bunch of invalid cases in ParseSignature.
2013-06-17 17:18:58 +02:00
},
Add ParseDERSignature. This change adds an additional signature parsing function which performs additional checks to verify the signature is serialized in a valid DER (and thus, unique) format, instead of allowing the less strict BER signatures that ParseSignature will happily accept. Added additional tests and updated test coverage to reflect changes.
2013-10-24 22:13:27 +02:00
der: true,
test a bunch of invalid cases in ParseSignature.
2013-06-17 17:18:58 +02:00
isValid: false,
},
signatureTest{
name: "bad 1st int marker magic.",
sig: []byte{0x30, 0x44, 0x03, 0x20, 0x4e, 0x45, 0xe1, 0x69,
0x32, 0xb8, 0xaf, 0x51, 0x49, 0x61, 0xa1, 0xd3, 0xa1,
0xa2, 0x5f, 0xdf, 0x3f, 0x4f, 0x77, 0x32, 0xe9, 0xd6,
0x24, 0xc6, 0xc6, 0x15, 0x48, 0xab, 0x5f, 0xb8, 0xcd,
0x41, 0x02, 0x20, 0x18, 0x15, 0x22, 0xec, 0x8e, 0xca,
0x07, 0xde, 0x48, 0x60, 0xa4, 0xac, 0xdd, 0x12, 0x90,
0x9d, 0x83, 0x1c, 0xc5, 0x6c, 0xbb, 0xac, 0x46, 0x22,
Make length check a little more paranoid Remove trailing crap from the tests (the hashtype) now that this is correctly caught.
2013-06-17 18:38:16 +02:00
0x08, 0x22, 0x21, 0xa8, 0x76, 0x8d, 0x1d, 0x09,
test a bunch of invalid cases in ParseSignature.
2013-06-17 17:18:58 +02:00
},
Add ParseDERSignature. This change adds an additional signature parsing function which performs additional checks to verify the signature is serialized in a valid DER (and thus, unique) format, instead of allowing the less strict BER signatures that ParseSignature will happily accept. Added additional tests and updated test coverage to reflect changes.
2013-10-24 22:13:27 +02:00
der: true,
test a bunch of invalid cases in ParseSignature.
2013-06-17 17:18:58 +02:00
isValid: false,
},
signatureTest{
name: "bad 2nd int marker.",
sig: []byte{0x30, 0x44, 0x02, 0x20, 0x4e, 0x45, 0xe1, 0x69,
0x32, 0xb8, 0xaf, 0x51, 0x49, 0x61, 0xa1, 0xd3, 0xa1,
0xa2, 0x5f, 0xdf, 0x3f, 0x4f, 0x77, 0x32, 0xe9, 0xd6,
0x24, 0xc6, 0xc6, 0x15, 0x48, 0xab, 0x5f, 0xb8, 0xcd,
0x41, 0x03, 0x20, 0x18, 0x15, 0x22, 0xec, 0x8e, 0xca,
0x07, 0xde, 0x48, 0x60, 0xa4, 0xac, 0xdd, 0x12, 0x90,
0x9d, 0x83, 0x1c, 0xc5, 0x6c, 0xbb, 0xac, 0x46, 0x22,
Make length check a little more paranoid Remove trailing crap from the tests (the hashtype) now that this is correctly caught.
2013-06-17 18:38:16 +02:00
0x08, 0x22, 0x21, 0xa8, 0x76, 0x8d, 0x1d, 0x09,
test a bunch of invalid cases in ParseSignature.
2013-06-17 17:18:58 +02:00
},
Add ParseDERSignature. This change adds an additional signature parsing function which performs additional checks to verify the signature is serialized in a valid DER (and thus, unique) format, instead of allowing the less strict BER signatures that ParseSignature will happily accept. Added additional tests and updated test coverage to reflect changes.
2013-10-24 22:13:27 +02:00
der: true,
test a bunch of invalid cases in ParseSignature.
2013-06-17 17:18:58 +02:00
isValid: false,
},
signatureTest{
name: "short len",
sig: []byte{0x30, 0x43, 0x02, 0x20, 0x4e, 0x45, 0xe1, 0x69,
0x32, 0xb8, 0xaf, 0x51, 0x49, 0x61, 0xa1, 0xd3, 0xa1,
0xa2, 0x5f, 0xdf, 0x3f, 0x4f, 0x77, 0x32, 0xe9, 0xd6,
0x24, 0xc6, 0xc6, 0x15, 0x48, 0xab, 0x5f, 0xb8, 0xcd,
0x41, 0x02, 0x20, 0x18, 0x15, 0x22, 0xec, 0x8e, 0xca,
0x07, 0xde, 0x48, 0x60, 0xa4, 0xac, 0xdd, 0x12, 0x90,
0x9d, 0x83, 0x1c, 0xc5, 0x6c, 0xbb, 0xac, 0x46, 0x22,
Make length check a little more paranoid Remove trailing crap from the tests (the hashtype) now that this is correctly caught.
2013-06-17 18:38:16 +02:00
0x08, 0x22, 0x21, 0xa8, 0x76, 0x8d, 0x1d, 0x09,
test a bunch of invalid cases in ParseSignature.
2013-06-17 17:18:58 +02:00
},
Add ParseDERSignature. This change adds an additional signature parsing function which performs additional checks to verify the signature is serialized in a valid DER (and thus, unique) format, instead of allowing the less strict BER signatures that ParseSignature will happily accept. Added additional tests and updated test coverage to reflect changes.
2013-10-24 22:13:27 +02:00
der: true,
test a bunch of invalid cases in ParseSignature.
2013-06-17 17:18:58 +02:00
isValid: false,
},
signatureTest{
name: "long len",
sig: []byte{0x30, 0x45, 0x02, 0x20, 0x4e, 0x45, 0xe1, 0x69,
0x32, 0xb8, 0xaf, 0x51, 0x49, 0x61, 0xa1, 0xd3, 0xa1,
0xa2, 0x5f, 0xdf, 0x3f, 0x4f, 0x77, 0x32, 0xe9, 0xd6,
0x24, 0xc6, 0xc6, 0x15, 0x48, 0xab, 0x5f, 0xb8, 0xcd,
0x41, 0x02, 0x20, 0x18, 0x15, 0x22, 0xec, 0x8e, 0xca,
0x07, 0xde, 0x48, 0x60, 0xa4, 0xac, 0xdd, 0x12, 0x90,
0x9d, 0x83, 0x1c, 0xc5, 0x6c, 0xbb, 0xac, 0x46, 0x22,
Make length check a little more paranoid Remove trailing crap from the tests (the hashtype) now that this is correctly caught.
2013-06-17 18:38:16 +02:00
0x08, 0x22, 0x21, 0xa8, 0x76, 0x8d, 0x1d, 0x09,
test a bunch of invalid cases in ParseSignature.
2013-06-17 17:18:58 +02:00
},
Add ParseDERSignature. This change adds an additional signature parsing function which performs additional checks to verify the signature is serialized in a valid DER (and thus, unique) format, instead of allowing the less strict BER signatures that ParseSignature will happily accept. Added additional tests and updated test coverage to reflect changes.
2013-10-24 22:13:27 +02:00
der: true,
test a bunch of invalid cases in ParseSignature.
2013-06-17 17:18:58 +02:00
isValid: false,
},
signatureTest{
name: "long X",
sig: []byte{0x30, 0x44, 0x02, 0x42, 0x4e, 0x45, 0xe1, 0x69,
0x32, 0xb8, 0xaf, 0x51, 0x49, 0x61, 0xa1, 0xd3, 0xa1,
0xa2, 0x5f, 0xdf, 0x3f, 0x4f, 0x77, 0x32, 0xe9, 0xd6,
0x24, 0xc6, 0xc6, 0x15, 0x48, 0xab, 0x5f, 0xb8, 0xcd,
0x41, 0x02, 0x20, 0x18, 0x15, 0x22, 0xec, 0x8e, 0xca,
0x07, 0xde, 0x48, 0x60, 0xa4, 0xac, 0xdd, 0x12, 0x90,
0x9d, 0x83, 0x1c, 0xc5, 0x6c, 0xbb, 0xac, 0x46, 0x22,
Make length check a little more paranoid Remove trailing crap from the tests (the hashtype) now that this is correctly caught.
2013-06-17 18:38:16 +02:00
0x08, 0x22, 0x21, 0xa8, 0x76, 0x8d, 0x1d, 0x09,
test a bunch of invalid cases in ParseSignature.
2013-06-17 17:18:58 +02:00
},
Add ParseDERSignature. This change adds an additional signature parsing function which performs additional checks to verify the signature is serialized in a valid DER (and thus, unique) format, instead of allowing the less strict BER signatures that ParseSignature will happily accept. Added additional tests and updated test coverage to reflect changes.
2013-10-24 22:13:27 +02:00
der: true,
test a bunch of invalid cases in ParseSignature.
2013-06-17 17:18:58 +02:00
isValid: false,
},
signatureTest{
name: "long Y",
sig: []byte{0x30, 0x44, 0x02, 0x20, 0x4e, 0x45, 0xe1, 0x69,
0x32, 0xb8, 0xaf, 0x51, 0x49, 0x61, 0xa1, 0xd3, 0xa1,
0xa2, 0x5f, 0xdf, 0x3f, 0x4f, 0x77, 0x32, 0xe9, 0xd6,
0x24, 0xc6, 0xc6, 0x15, 0x48, 0xab, 0x5f, 0xb8, 0xcd,
0x41, 0x02, 0x21, 0x18, 0x15, 0x22, 0xec, 0x8e, 0xca,
0x07, 0xde, 0x48, 0x60, 0xa4, 0xac, 0xdd, 0x12, 0x90,
0x9d, 0x83, 0x1c, 0xc5, 0x6c, 0xbb, 0xac, 0x46, 0x22,
Make length check a little more paranoid Remove trailing crap from the tests (the hashtype) now that this is correctly caught.
2013-06-17 18:38:16 +02:00
0x08, 0x22, 0x21, 0xa8, 0x76, 0x8d, 0x1d, 0x09,
test a bunch of invalid cases in ParseSignature.
2013-06-17 17:18:58 +02:00
},
Add ParseDERSignature. This change adds an additional signature parsing function which performs additional checks to verify the signature is serialized in a valid DER (and thus, unique) format, instead of allowing the less strict BER signatures that ParseSignature will happily accept. Added additional tests and updated test coverage to reflect changes.
2013-10-24 22:13:27 +02:00
der: true,
test a bunch of invalid cases in ParseSignature.
2013-06-17 17:18:58 +02:00
isValid: false,
},
signatureTest{
name: "short Y",
sig: []byte{0x30, 0x44, 0x02, 0x20, 0x4e, 0x45, 0xe1, 0x69,
0x32, 0xb8, 0xaf, 0x51, 0x49, 0x61, 0xa1, 0xd3, 0xa1,
0xa2, 0x5f, 0xdf, 0x3f, 0x4f, 0x77, 0x32, 0xe9, 0xd6,
0x24, 0xc6, 0xc6, 0x15, 0x48, 0xab, 0x5f, 0xb8, 0xcd,
0x41, 0x02, 0x19, 0x18, 0x15, 0x22, 0xec, 0x8e, 0xca,
0x07, 0xde, 0x48, 0x60, 0xa4, 0xac, 0xdd, 0x12, 0x90,
0x9d, 0x83, 0x1c, 0xc5, 0x6c, 0xbb, 0xac, 0x46, 0x22,
Make length check a little more paranoid Remove trailing crap from the tests (the hashtype) now that this is correctly caught.
2013-06-17 18:38:16 +02:00
0x08, 0x22, 0x21, 0xa8, 0x76, 0x8d, 0x1d, 0x09,
},
Add ParseDERSignature. This change adds an additional signature parsing function which performs additional checks to verify the signature is serialized in a valid DER (and thus, unique) format, instead of allowing the less strict BER signatures that ParseSignature will happily accept. Added additional tests and updated test coverage to reflect changes.
2013-10-24 22:13:27 +02:00
der: true,
Make length check a little more paranoid Remove trailing crap from the tests (the hashtype) now that this is correctly caught.
2013-06-17 18:38:16 +02:00
isValid: false,
},
signatureTest{
name: "trailing crap.",
sig: []byte{0x30, 0x44, 0x02, 0x20, 0x4e, 0x45, 0xe1, 0x69,
0x32, 0xb8, 0xaf, 0x51, 0x49, 0x61, 0xa1, 0xd3, 0xa1,
0xa2, 0x5f, 0xdf, 0x3f, 0x4f, 0x77, 0x32, 0xe9, 0xd6,
0x24, 0xc6, 0xc6, 0x15, 0x48, 0xab, 0x5f, 0xb8, 0xcd,
0x41, 0x02, 0x20, 0x18, 0x15, 0x22, 0xec, 0x8e, 0xca,
0x07, 0xde, 0x48, 0x60, 0xa4, 0xac, 0xdd, 0x12, 0x90,
0x9d, 0x83, 0x1c, 0xc5, 0x6c, 0xbb, 0xac, 0x46, 0x22,
test a bunch of invalid cases in ParseSignature.
2013-06-17 17:18:58 +02:00
0x08, 0x22, 0x21, 0xa8, 0x76, 0x8d, 0x1d, 0x09, 0x01,
},
Add ParseDERSignature. This change adds an additional signature parsing function which performs additional checks to verify the signature is serialized in a valid DER (and thus, unique) format, instead of allowing the less strict BER signatures that ParseSignature will happily accept. Added additional tests and updated test coverage to reflect changes.
2013-10-24 22:13:27 +02:00
der: true,
partially revert afc2e8100a56b0968e2bf77e5d24246bc5cf9a04 Turns out that there are some signatures in the bitcoin blockchain that have trailing 0s, for example 12a1b29fd6c295075b6a66f5fd90f0126ceb1fda4f15e4b44d92518bd52a5cdf has a signature length of 0x45 where there are 0x47 bytes following that length check (one is hashtype and is supposed to be trimmed out prior to calling the function). We relax the paranoid length check to permit traling data, but not to permit buffers that are too short. Change the test to passing with a big comment stating why this is now considered a valid case.
2013-06-24 19:06:01 +02:00
// This test is now passing (used to be failing) because there
// are signatures in the blockchain that have trailing zero
Add functions to serialize an ecdsa public key.
2013-09-11 05:14:30 +02:00
// bytes before the hashtype. So ParseSignature was fixed to
partially revert afc2e8100a56b0968e2bf77e5d24246bc5cf9a04 Turns out that there are some signatures in the bitcoin blockchain that have trailing 0s, for example 12a1b29fd6c295075b6a66f5fd90f0126ceb1fda4f15e4b44d92518bd52a5cdf has a signature length of 0x45 where there are 0x47 bytes following that length check (one is hashtype and is supposed to be trimmed out prior to calling the function). We relax the paranoid length check to permit traling data, but not to permit buffers that are too short. Change the test to passing with a big comment stating why this is now considered a valid case.
2013-06-24 19:06:01 +02:00
// permit buffers with trailing nonsense after the actual
// signature.
isValid: true,
test a bunch of invalid cases in ParseSignature.
2013-06-17 17:18:58 +02:00
},
Test the sanity checks for numbers too big for the curve fire correctly.
2013-06-18 00:57:36 +02:00
signatureTest{
name: "X == N ",
sig: []byte{0x30, 0x44, 0x02, 0x20, 0xFF, 0xFF, 0xFF, 0xFF,
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
0xFF, 0xFF, 0xFE, 0xBA, 0xAE, 0xDC, 0xE6, 0xAF, 0x48,
0xA0, 0x3B, 0xBF, 0xD2, 0x5E, 0x8C, 0xD0, 0x36, 0x41,
0x41, 0x02, 0x20, 0x18, 0x15, 0x22, 0xec, 0x8e, 0xca,
0x07, 0xde, 0x48, 0x60, 0xa4, 0xac, 0xdd, 0x12, 0x90,
0x9d, 0x83, 0x1c, 0xc5, 0x6c, 0xbb, 0xac, 0x46, 0x22,
0x08, 0x22, 0x21, 0xa8, 0x76, 0x8d, 0x1d, 0x09,
},
Add ParseDERSignature. This change adds an additional signature parsing function which performs additional checks to verify the signature is serialized in a valid DER (and thus, unique) format, instead of allowing the less strict BER signatures that ParseSignature will happily accept. Added additional tests and updated test coverage to reflect changes.
2013-10-24 22:13:27 +02:00
der: true,
Test the sanity checks for numbers too big for the curve fire correctly.
2013-06-18 00:57:36 +02:00
isValid: false,
},
signatureTest{
name: "X == N ",
sig: []byte{0x30, 0x44, 0x02, 0x20, 0xFF, 0xFF, 0xFF, 0xFF,
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
0xFF, 0xFF, 0xFE, 0xBA, 0xAE, 0xDC, 0xE6, 0xAF, 0x48,
0xA0, 0x3B, 0xBF, 0xD2, 0x5E, 0x8C, 0xD0, 0x36, 0x41,
0x42, 0x02, 0x20, 0x18, 0x15, 0x22, 0xec, 0x8e, 0xca,
0x07, 0xde, 0x48, 0x60, 0xa4, 0xac, 0xdd, 0x12, 0x90,
0x9d, 0x83, 0x1c, 0xc5, 0x6c, 0xbb, 0xac, 0x46, 0x22,
0x08, 0x22, 0x21, 0xa8, 0x76, 0x8d, 0x1d, 0x09,
},
Add ParseDERSignature. This change adds an additional signature parsing function which performs additional checks to verify the signature is serialized in a valid DER (and thus, unique) format, instead of allowing the less strict BER signatures that ParseSignature will happily accept. Added additional tests and updated test coverage to reflect changes.
2013-10-24 22:13:27 +02:00
der: false,
Test the sanity checks for numbers too big for the curve fire correctly.
2013-06-18 00:57:36 +02:00
isValid: false,
},
signatureTest{
name: "Y == N",
sig: []byte{0x30, 0x44, 0x02, 0x20, 0x4e, 0x45, 0xe1, 0x69,
0x32, 0xb8, 0xaf, 0x51, 0x49, 0x61, 0xa1, 0xd3, 0xa1,
0xa2, 0x5f, 0xdf, 0x3f, 0x4f, 0x77, 0x32, 0xe9, 0xd6,
0x24, 0xc6, 0xc6, 0x15, 0x48, 0xab, 0x5f, 0xb8, 0xcd,
0x41, 0x02, 0x20, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
0xFE, 0xBA, 0xAE, 0xDC, 0xE6, 0xAF, 0x48, 0xA0, 0x3B,
0xBF, 0xD2, 0x5E, 0x8C, 0xD0, 0x36, 0x41, 0x41,
},
Add ParseDERSignature. This change adds an additional signature parsing function which performs additional checks to verify the signature is serialized in a valid DER (and thus, unique) format, instead of allowing the less strict BER signatures that ParseSignature will happily accept. Added additional tests and updated test coverage to reflect changes.
2013-10-24 22:13:27 +02:00
der: true,
Test the sanity checks for numbers too big for the curve fire correctly.
2013-06-18 00:57:36 +02:00
isValid: false,
},
signatureTest{
name: "Y > N",
sig: []byte{0x30, 0x44, 0x02, 0x20, 0x4e, 0x45, 0xe1, 0x69,
0x32, 0xb8, 0xaf, 0x51, 0x49, 0x61, 0xa1, 0xd3, 0xa1,
0xa2, 0x5f, 0xdf, 0x3f, 0x4f, 0x77, 0x32, 0xe9, 0xd6,
0x24, 0xc6, 0xc6, 0x15, 0x48, 0xab, 0x5f, 0xb8, 0xcd,
0x41, 0x02, 0x20, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
0xFE, 0xBA, 0xAE, 0xDC, 0xE6, 0xAF, 0x48, 0xA0, 0x3B,
0xBF, 0xD2, 0x5E, 0x8C, 0xD0, 0x36, 0x41, 0x42,
},
Add ParseDERSignature. This change adds an additional signature parsing function which performs additional checks to verify the signature is serialized in a valid DER (and thus, unique) format, instead of allowing the less strict BER signatures that ParseSignature will happily accept. Added additional tests and updated test coverage to reflect changes.
2013-10-24 22:13:27 +02:00
der: false,
Test the sanity checks for numbers too big for the curve fire correctly.
2013-06-18 00:57:36 +02:00
isValid: false,
},
test 0 length numbers (disallowed) and coordinates of 0 (also)
2013-06-18 01:17:32 +02:00
signatureTest{
name: "0 len X.",
sig: []byte{0x30, 0x24, 0x02, 0x00, 0x02, 0x20, 0x18, 0x15,
0x22, 0xec, 0x8e, 0xca, 0x07, 0xde, 0x48, 0x60, 0xa4,
0xac, 0xdd, 0x12, 0x90, 0x9d, 0x83, 0x1c, 0xc5, 0x6c,
0xbb, 0xac, 0x46, 0x22, 0x08, 0x22, 0x21, 0xa8, 0x76,
0x8d, 0x1d, 0x09,
},
Add ParseDERSignature. This change adds an additional signature parsing function which performs additional checks to verify the signature is serialized in a valid DER (and thus, unique) format, instead of allowing the less strict BER signatures that ParseSignature will happily accept. Added additional tests and updated test coverage to reflect changes.
2013-10-24 22:13:27 +02:00
der: true,
test 0 length numbers (disallowed) and coordinates of 0 (also)
2013-06-18 01:17:32 +02:00
isValid: false,
},
signatureTest{
name: "0 len Y.",
sig: []byte{0x30, 0x24, 0x02, 0x20, 0x4e, 0x45, 0xe1, 0x69,
0x32, 0xb8, 0xaf, 0x51, 0x49, 0x61, 0xa1, 0xd3, 0xa1,
0xa2, 0x5f, 0xdf, 0x3f, 0x4f, 0x77, 0x32, 0xe9, 0xd6,
0x24, 0xc6, 0xc6, 0x15, 0x48, 0xab, 0x5f, 0xb8, 0xcd,
0x41, 0x02, 0x00,
},
Add ParseDERSignature. This change adds an additional signature parsing function which performs additional checks to verify the signature is serialized in a valid DER (and thus, unique) format, instead of allowing the less strict BER signatures that ParseSignature will happily accept. Added additional tests and updated test coverage to reflect changes.
2013-10-24 22:13:27 +02:00
der: true,
test 0 length numbers (disallowed) and coordinates of 0 (also)
2013-06-18 01:17:32 +02:00
isValid: false,
},
Add ParseDERSignature. This change adds an additional signature parsing function which performs additional checks to verify the signature is serialized in a valid DER (and thus, unique) format, instead of allowing the less strict BER signatures that ParseSignature will happily accept. Added additional tests and updated test coverage to reflect changes.
2013-10-24 22:13:27 +02:00
signatureTest{
name: "extra R padding.",
sig: []byte{0x30, 0x45, 0x02, 0x21, 0x00, 0x4e, 0x45, 0xe1, 0x69,
0x32, 0xb8, 0xaf, 0x51, 0x49, 0x61, 0xa1, 0xd3, 0xa1,
0xa2, 0x5f, 0xdf, 0x3f, 0x4f, 0x77, 0x32, 0xe9, 0xd6,
0x24, 0xc6, 0xc6, 0x15, 0x48, 0xab, 0x5f, 0xb8, 0xcd,
0x41, 0x02, 0x20, 0x18, 0x15, 0x22, 0xec, 0x8e, 0xca,
0x07, 0xde, 0x48, 0x60, 0xa4, 0xac, 0xdd, 0x12, 0x90,
0x9d, 0x83, 0x1c, 0xc5, 0x6c, 0xbb, 0xac, 0x46, 0x22,
0x08, 0x22, 0x21, 0xa8, 0x76, 0x8d, 0x1d, 0x09,
},
der: true,
isValid: false,
},
signatureTest{
name: "extra S padding.",
sig: []byte{0x30, 0x45, 0x02, 0x20, 0x4e, 0x45, 0xe1, 0x69,
0x32, 0xb8, 0xaf, 0x51, 0x49, 0x61, 0xa1, 0xd3, 0xa1,
0xa2, 0x5f, 0xdf, 0x3f, 0x4f, 0x77, 0x32, 0xe9, 0xd6,
0x24, 0xc6, 0xc6, 0x15, 0x48, 0xab, 0x5f, 0xb8, 0xcd,
0x41, 0x02, 0x21, 0x00, 0x18, 0x15, 0x22, 0xec, 0x8e, 0xca,
0x07, 0xde, 0x48, 0x60, 0xa4, 0xac, 0xdd, 0x12, 0x90,
0x9d, 0x83, 0x1c, 0xc5, 0x6c, 0xbb, 0xac, 0x46, 0x22,
0x08, 0x22, 0x21, 0xa8, 0x76, 0x8d, 0x1d, 0x09,
},
der: true,
isValid: false,
},
// Standard checks (in BER format, without checking for 'canonical' DER
// signatures) don't test for negative numbers here because there isn't
// a way that is the same between openssl and go that will mark a number
// as negative. The Go ASN.1 parser marks numbers as negative when
// openssl does not (it doesn't handle negative numbers that I can tell
// at all. When not parsing DER signatures, which is done by by bitcoind
// when accepting transactions into its mempool, we otherwise only check
// for the coordinates being zero.
test 0 length numbers (disallowed) and coordinates of 0 (also)
2013-06-18 01:17:32 +02:00
signatureTest{
name: "X == 0",
sig: []byte{0x30, 0x25, 0x02, 0x01, 0x00, 0x02, 0x20, 0x18,
0x15, 0x22, 0xec, 0x8e, 0xca, 0x07, 0xde, 0x48, 0x60,
0xa4, 0xac, 0xdd, 0x12, 0x90, 0x9d, 0x83, 0x1c, 0xc5,
0x6c, 0xbb, 0xac, 0x46, 0x22, 0x08, 0x22, 0x21, 0xa8,
0x76, 0x8d, 0x1d, 0x09,
},
Add ParseDERSignature. This change adds an additional signature parsing function which performs additional checks to verify the signature is serialized in a valid DER (and thus, unique) format, instead of allowing the less strict BER signatures that ParseSignature will happily accept. Added additional tests and updated test coverage to reflect changes.
2013-10-24 22:13:27 +02:00
der: false,
test 0 length numbers (disallowed) and coordinates of 0 (also)
2013-06-18 01:17:32 +02:00
isValid: false,
},
signatureTest{
name: "Y == 0.",
sig: []byte{0x30, 0x25, 0x02, 0x20, 0x4e, 0x45, 0xe1, 0x69,
0x32, 0xb8, 0xaf, 0x51, 0x49, 0x61, 0xa1, 0xd3, 0xa1,
0xa2, 0x5f, 0xdf, 0x3f, 0x4f, 0x77, 0x32, 0xe9, 0xd6,
0x24, 0xc6, 0xc6, 0x15, 0x48, 0xab, 0x5f, 0xb8, 0xcd,
0x41, 0x02, 0x01, 0x00,
},
Add ParseDERSignature. This change adds an additional signature parsing function which performs additional checks to verify the signature is serialized in a valid DER (and thus, unique) format, instead of allowing the less strict BER signatures that ParseSignature will happily accept. Added additional tests and updated test coverage to reflect changes.
2013-10-24 22:13:27 +02:00
der: false,
test 0 length numbers (disallowed) and coordinates of 0 (also)
2013-06-18 01:17:32 +02:00
isValid: false,
},
add signature test harness and try a valid signature for size. error paths to come.
2013-06-14 02:11:06 +02:00
}
func TestSignatures(t *testing.T) {
for _, test := range signatureTests {
Add ParseDERSignature. This change adds an additional signature parsing function which performs additional checks to verify the signature is serialized in a valid DER (and thus, unique) format, instead of allowing the less strict BER signatures that ParseSignature will happily accept. Added additional tests and updated test coverage to reflect changes.
2013-10-24 22:13:27 +02:00
var err error
if test.der {
_, err = btcec.ParseDERSignature(test.sig, btcec.S256())
} else {
_, err = btcec.ParseSignature(test.sig, btcec.S256())
}
add signature test harness and try a valid signature for size. error paths to come.
2013-06-14 02:11:06 +02:00
if err != nil {
if test.isValid {
t.Errorf("%s signature failed when shouldn't %v",
test.name, err)
Make length check a little more paranoid Remove trailing crap from the tests (the hashtype) now that this is correctly caught.
2013-06-17 18:38:16 +02:00
} /* else {
t.Errorf("%s got error %v", test.name, err)
} */
add signature test harness and try a valid signature for size. error paths to come.
2013-06-14 02:11:06 +02:00
continue
}
if !test.isValid {
t.Errorf("%s counted as valid when it should fail",
test.name)
}
}
}
Add tests for new Signature.Serialize function. This is part of the resolution for issue btcscript/#3.
2013-12-23 17:59:32 +01:00
// TestSignatureSerialize ensures that serializing signatures works as expected.
func TestSignatureSerialize(t *testing.T) {
tests := []struct {
name string
ecsig *btcec.Signature
expected []byte
}{
// signature from bitcoin blockchain tx
// 0437cd7f8525ceed2324359c2d0ba26006d92d85
{
"valid 1 - r and s most significant bits are zero",
&btcec.Signature{
R: fromHex("4e45e16932b8af514961a1d3a1a25fdf3f4f7732e9d624c6c61548ab5fb8cd41"),
S: fromHex("181522ec8eca07de4860a4acdd12909d831cc56cbbac4622082221a8768d1d09"),
},
[]byte{
0x30, 0x44, 0x02, 0x20, 0x4e, 0x45, 0xe1, 0x69,
0x32, 0xb8, 0xaf, 0x51, 0x49, 0x61, 0xa1, 0xd3,
0xa1, 0xa2, 0x5f, 0xdf, 0x3f, 0x4f, 0x77, 0x32,
0xe9, 0xd6, 0x24, 0xc6, 0xc6, 0x15, 0x48, 0xab,
0x5f, 0xb8, 0xcd, 0x41, 0x02, 0x20, 0x18, 0x15,
0x22, 0xec, 0x8e, 0xca, 0x07, 0xde, 0x48, 0x60,
0xa4, 0xac, 0xdd, 0x12, 0x90, 0x9d, 0x83, 0x1c,
0xc5, 0x6c, 0xbb, 0xac, 0x46, 0x22, 0x08, 0x22,
0x21, 0xa8, 0x76, 0x8d, 0x1d, 0x09,
},
},
// signature from bitcoin blockchain tx
// cb00f8a0573b18faa8c4f467b049f5d202bf1101d9ef2633bc611be70376a4b4
{
"valid 2 - r most significant bit is one",
&btcec.Signature{
R: fromHex("0082235e21a2300022738dabb8e1bbd9d19cfb1e7ab8c30a23b0afbb8d178abcf3"),
S: fromHex("24bf68e256c534ddfaf966bf908deb944305596f7bdcc38d69acad7f9c868724"),
},
[]byte{
0x30, 0x45, 0x02, 0x21, 0x00, 0x82, 0x23, 0x5e,
0x21, 0xa2, 0x30, 0x00, 0x22, 0x73, 0x8d, 0xab,
0xb8, 0xe1, 0xbb, 0xd9, 0xd1, 0x9c, 0xfb, 0x1e,
0x7a, 0xb8, 0xc3, 0x0a, 0x23, 0xb0, 0xaf, 0xbb,
0x8d, 0x17, 0x8a, 0xbc, 0xf3, 0x02, 0x20, 0x24,
0xbf, 0x68, 0xe2, 0x56, 0xc5, 0x34, 0xdd, 0xfa,
0xf9, 0x66, 0xbf, 0x90, 0x8d, 0xeb, 0x94, 0x43,
0x05, 0x59, 0x6f, 0x7b, 0xdc, 0xc3, 0x8d, 0x69,
0xac, 0xad, 0x7f, 0x9c, 0x86, 0x87, 0x24,
},
},
// signature from bitcoin blockchain tx
// fda204502a3345e08afd6af27377c052e77f1fefeaeb31bdd45f1e1237ca5470
{
"valid 3 - s most significant bit is one",
&btcec.Signature{
R: fromHex("1cadddc2838598fee7dc35a12b340c6bde8b389f7bfd19a1252a17c4b5ed2d71"),
S: fromHex("00c1a251bbecb14b058a8bd77f65de87e51c47e95904f4c0e9d52eddc21c1415ac"),
},
[]byte{
0x30, 0x45, 0x02, 0x20, 0x1c, 0xad, 0xdd, 0xc2,
0x83, 0x85, 0x98, 0xfe, 0xe7, 0xdc, 0x35, 0xa1,
0x2b, 0x34, 0x0c, 0x6b, 0xde, 0x8b, 0x38, 0x9f,
0x7b, 0xfd, 0x19, 0xa1, 0x25, 0x2a, 0x17, 0xc4,
0xb5, 0xed, 0x2d, 0x71, 0x02, 0x21, 0x00, 0xc1,
0xa2, 0x51, 0xbb, 0xec, 0xb1, 0x4b, 0x05, 0x8a,
0x8b, 0xd7, 0x7f, 0x65, 0xde, 0x87, 0xe5, 0x1c,
0x47, 0xe9, 0x59, 0x04, 0xf4, 0xc0, 0xe9, 0xd5,
0x2e, 0xdd, 0xc2, 0x1c, 0x14, 0x15, 0xac,
},
},
{
"zero signature",
&btcec.Signature{
R: big.NewInt(0),
S: big.NewInt(0),
},
[]byte{0x30, 0x06, 0x02, 0x01, 0x00, 0x02, 0x01, 0x00},
},
}
for i, test := range tests {
result := test.ecsig.Serialize()
if !bytes.Equal(result, test.expected) {
t.Errorf("Serialize #%d (%s) unexpected result:\n"+
"got: %x\nwant: %x", i, test.name, result,
test.expected)
}
}
}
Reference in a new issue Copy permalink