diff options
author | Wladimir J. van der Laan <laanwj@gmail.com> | 2014-10-28 13:11:10 +0100 |
---|---|---|
committer | Wladimir J. van der Laan <laanwj@gmail.com> | 2014-10-28 13:19:38 +0100 |
commit | cd9114e5136ecc1f60baa43fffeeb632782f2353 (patch) | |
tree | c73f172d0131f5f9c4434e391db59238fd4bc447 | |
parent | 068b7f8ee23f4557d356db30b4cbbd98065bd27c (diff) | |
parent | 16d78bd68e1488a2a84e368b50bf511c77392d2e (diff) |
Merge pull request #5065
16d78bd Add valid invert of invalid every numeric opcode tests (Peter Todd)
2b62e17 Clearly separate PUSHDATA and numeric argument MINIMALDATA tests (Peter Todd)
dfeec18 Test every numeric-accepting opcode for correct handling of the numeric minimal encoding rule (Peter Todd)
554147a Ensure MINIMALDATA invalid tests can only fail one way (Peter Todd)
6004e77 Improve CScriptNum() comment (Peter Todd)
698c6ab Add SCRIPT_VERIFY_MINIMALDATA (BIP62 rules 3 and 4) (Pieter Wuille)
d752ba8 Add SCRIPT_VERIFY_SIGPUSHONLY (BIP62 rule 2) (Pieter Wuille)
-rw-r--r-- | src/main.cpp | 4 | ||||
-rw-r--r-- | src/script/interpreter.cpp | 55 | ||||
-rw-r--r-- | src/script/interpreter.h | 10 | ||||
-rw-r--r-- | src/script/script.cpp | 31 | ||||
-rw-r--r-- | src/script/script.h | 35 | ||||
-rw-r--r-- | src/script/standard.h | 1 | ||||
-rw-r--r-- | src/test/data/script_invalid.json | 113 | ||||
-rw-r--r-- | src/test/data/script_valid.json | 147 | ||||
-rw-r--r-- | src/test/script_tests.cpp | 33 | ||||
-rw-r--r-- | src/test/scriptnum_tests.cpp | 4 | ||||
-rw-r--r-- | src/test/transaction_tests.cpp | 2 |
11 files changed, 372 insertions, 63 deletions
diff --git a/src/main.cpp b/src/main.cpp index 0cfe90beda..008a059103 100644 --- a/src/main.cpp +++ b/src/main.cpp @@ -633,10 +633,6 @@ bool IsStandardTx(const CTransaction& tx, string& reason) reason = "scriptsig-not-pushonly"; return false; } - if (!txin.scriptSig.HasCanonicalPushes()) { - reason = "scriptsig-non-canonical-push"; - return false; - } } unsigned int nDataOut = 0; diff --git a/src/script/interpreter.cpp b/src/script/interpreter.cpp index cd73b88210..11c909472a 100644 --- a/src/script/interpreter.cpp +++ b/src/script/interpreter.cpp @@ -157,6 +157,29 @@ bool static CheckPubKeyEncoding(const valtype &vchSig, unsigned int flags) { return true; } +bool static CheckMinimalPush(const valtype& data, opcodetype opcode) { + if (data.size() == 0) { + // Could have used OP_0. + return opcode == OP_0; + } else if (data.size() == 1 && data[0] >= 1 && data[0] <= 16) { + // Could have used OP_1 .. OP_16. + return opcode == OP_1 + (data[0] - 1); + } else if (data.size() == 1 && data[0] == 0x81) { + // Could have used OP_1NEGATE. + return opcode == OP_1NEGATE; + } else if (data.size() <= 75) { + // Could have used a direct push (opcode indicating number of bytes pushed + those bytes). + return opcode == data.size(); + } else if (data.size() <= 255) { + // Could have used OP_PUSHDATA. + return opcode == OP_PUSHDATA1; + } else if (data.size() <= 65535) { + // Could have used OP_PUSHDATA2. + return opcode == OP_PUSHDATA2; + } + return true; +} + bool EvalScript(vector<vector<unsigned char> >& stack, const CScript& script, unsigned int flags, const BaseSignatureChecker& checker) { CScript::const_iterator pc = script.begin(); @@ -169,6 +192,7 @@ bool EvalScript(vector<vector<unsigned char> >& stack, const CScript& script, un if (script.size() > 10000) return false; int nOpCount = 0; + bool fRequireMinimal = (flags & SCRIPT_VERIFY_MINIMALDATA) != 0; try { @@ -205,9 +229,12 @@ bool EvalScript(vector<vector<unsigned char> >& stack, const CScript& script, un opcode == OP_RSHIFT) return false; // Disabled opcodes. - if (fExec && 0 <= opcode && opcode <= OP_PUSHDATA4) + if (fExec && 0 <= opcode && opcode <= OP_PUSHDATA4) { + if (fRequireMinimal && !CheckMinimalPush(vchPushValue, opcode)) { + return false; + } stack.push_back(vchPushValue); - else if (fExec || (OP_IF <= opcode && opcode <= OP_ENDIF)) + } else if (fExec || (OP_IF <= opcode && opcode <= OP_ENDIF)) switch (opcode) { // @@ -234,6 +261,8 @@ bool EvalScript(vector<vector<unsigned char> >& stack, const CScript& script, un // ( -- value) CScriptNum bn((int)opcode - (int)(OP_1 - 1)); stack.push_back(bn.getvch()); + // The result of these opcodes should always be the minimal way to push the data + // they push, so no need for a CheckMinimalPush here. } break; @@ -458,7 +487,7 @@ bool EvalScript(vector<vector<unsigned char> >& stack, const CScript& script, un // (xn ... x2 x1 x0 n - ... x2 x1 x0 xn) if (stack.size() < 2) return false; - int n = CScriptNum(stacktop(-1)).getint(); + int n = CScriptNum(stacktop(-1), fRequireMinimal).getint(); popstack(stack); if (n < 0 || n >= (int)stack.size()) return false; @@ -557,7 +586,7 @@ bool EvalScript(vector<vector<unsigned char> >& stack, const CScript& script, un // (in -- out) if (stack.size() < 1) return false; - CScriptNum bn(stacktop(-1)); + CScriptNum bn(stacktop(-1), fRequireMinimal); switch (opcode) { case OP_1ADD: bn += bnOne; break; @@ -590,8 +619,8 @@ bool EvalScript(vector<vector<unsigned char> >& stack, const CScript& script, un // (x1 x2 -- out) if (stack.size() < 2) return false; - CScriptNum bn1(stacktop(-2)); - CScriptNum bn2(stacktop(-1)); + CScriptNum bn1(stacktop(-2), fRequireMinimal); + CScriptNum bn2(stacktop(-1), fRequireMinimal); CScriptNum bn(0); switch (opcode) { @@ -635,9 +664,9 @@ bool EvalScript(vector<vector<unsigned char> >& stack, const CScript& script, un // (x min max -- out) if (stack.size() < 3) return false; - CScriptNum bn1(stacktop(-3)); - CScriptNum bn2(stacktop(-2)); - CScriptNum bn3(stacktop(-1)); + CScriptNum bn1(stacktop(-3), fRequireMinimal); + CScriptNum bn2(stacktop(-2), fRequireMinimal); + CScriptNum bn3(stacktop(-1), fRequireMinimal); bool fValue = (bn2 <= bn1 && bn1 < bn3); popstack(stack); popstack(stack); @@ -727,7 +756,7 @@ bool EvalScript(vector<vector<unsigned char> >& stack, const CScript& script, un if ((int)stack.size() < i) return false; - int nKeysCount = CScriptNum(stacktop(-i)).getint(); + int nKeysCount = CScriptNum(stacktop(-i), fRequireMinimal).getint(); if (nKeysCount < 0 || nKeysCount > 20) return false; nOpCount += nKeysCount; @@ -738,7 +767,7 @@ bool EvalScript(vector<vector<unsigned char> >& stack, const CScript& script, un if ((int)stack.size() < i) return false; - int nSigsCount = CScriptNum(stacktop(-i)).getint(); + int nSigsCount = CScriptNum(stacktop(-i), fRequireMinimal).getint(); if (nSigsCount < 0 || nSigsCount > nKeysCount) return false; int isig = ++i; @@ -980,6 +1009,10 @@ bool SignatureChecker::CheckSig(const vector<unsigned char>& vchSigIn, const vec bool VerifyScript(const CScript& scriptSig, const CScript& scriptPubKey, unsigned int flags, const BaseSignatureChecker& checker) { + if ((flags & SCRIPT_VERIFY_SIGPUSHONLY) != 0 && !scriptSig.IsPushOnly()) { + return false; + } + vector<vector<unsigned char> > stack, stackCopy; if (!EvalScript(stack, scriptSig, flags, checker)) return false; diff --git a/src/script/interpreter.h b/src/script/interpreter.h index de5ce2ced1..5133c80aab 100644 --- a/src/script/interpreter.h +++ b/src/script/interpreter.h @@ -46,6 +46,16 @@ enum // verify dummy stack item consumed by CHECKMULTISIG is of zero-length (softfork safe, BIP62 rule 7). SCRIPT_VERIFY_NULLDUMMY = (1U << 4), + + // Using a non-push operator in the scriptSig causes script failure (softfork safe, BIP62 rule 2). + SCRIPT_VERIFY_SIGPUSHONLY = (1U << 5), + + // Require minimal encodings for all push operations (OP_0... OP_16, OP_1NEGATE where possible, direct + // pushes up to 75 bytes, OP_PUSHDATA up to 255 bytes, OP_PUSHDATA2 for anything larger). Evaluating + // any other push causes the script to fail (BIP62 rule 3). + // In addition, whenever a stack element is interpreted as a number, it must be of minimal length (BIP62 rule 4). + // (softfork safe) + SCRIPT_VERIFY_MINIMALDATA = (1U << 6) }; uint256 SignatureHash(const CScript &scriptCode, const CTransaction& txTo, unsigned int nIn, int nHashType); diff --git a/src/script/script.cpp b/src/script/script.cpp index 3e19d0c2bf..b879d72d6b 100644 --- a/src/script/script.cpp +++ b/src/script/script.cpp @@ -12,7 +12,7 @@ namespace { inline std::string ValueString(const std::vector<unsigned char>& vch) { if (vch.size() <= 4) - return strprintf("%d", CScriptNum(vch).getint()); + return strprintf("%d", CScriptNum(vch, false).getint()); else return HexStr(vch); } @@ -230,7 +230,7 @@ bool CScript::IsPushOnly() const return false; // Note that IsPushOnly() *does* consider OP_RESERVED to be a // push-type opcode, however execution of OP_RESERVED fails, so - // it's not relevant to P2SH as the scriptSig would fail prior to + // it's not relevant to P2SH/BIP62 as the scriptSig would fail prior to // the P2SH special validation code being executed. if (opcode > OP_16) return false; @@ -238,33 +238,6 @@ bool CScript::IsPushOnly() const return true; } -bool CScript::HasCanonicalPushes() const -{ - const_iterator pc = begin(); - while (pc < end()) - { - opcodetype opcode; - std::vector<unsigned char> data; - if (!GetOp(pc, opcode, data)) - return false; - if (opcode > OP_16) - continue; - if (opcode < OP_PUSHDATA1 && opcode > OP_0 && (data.size() == 1 && data[0] <= 16)) - // Could have used an OP_n code, rather than a 1-byte push. - return false; - if (opcode == OP_PUSHDATA1 && data.size() < OP_PUSHDATA1) - // Could have used a normal n-byte push, rather than OP_PUSHDATA1. - return false; - if (opcode == OP_PUSHDATA2 && data.size() <= 0xFF) - // Could have used an OP_PUSHDATA1. - return false; - if (opcode == OP_PUSHDATA4 && data.size() <= 0xFFFF) - // Could have used an OP_PUSHDATA2. - return false; - } - return true; -} - std::string CScript::ToString() const { std::string str; diff --git a/src/script/script.h b/src/script/script.h index d450db5cad..05f2e7e3a9 100644 --- a/src/script/script.h +++ b/src/script/script.h @@ -192,10 +192,29 @@ public: m_value = n; } - explicit CScriptNum(const std::vector<unsigned char>& vch) + explicit CScriptNum(const std::vector<unsigned char>& vch, bool fRequireMinimal) { - if (vch.size() > nMaxNumSize) - throw scriptnum_error("CScriptNum(const std::vector<unsigned char>&) : overflow"); + if (vch.size() > nMaxNumSize) { + throw scriptnum_error("script number overflow"); + } + if (fRequireMinimal && vch.size() > 0) { + // Check that the number is encoded with the minimum possible + // number of bytes. + // + // If the most-significant-byte - excluding the sign bit - is zero + // then we're not minimal. Note how this test also rejects the + // negative-zero encoding, 0x80. + if ((vch.back() & 0x7f) == 0) { + // One exception: if there's more than one byte and the most + // significant bit of the second-most-significant-byte is set + // it would conflict with the sign bit. An example of this case + // is +-255, which encode to 0xff00 and 0xff80 respectively. + // (big-endian). + if (vch.size() <= 1 || (vch[vch.size() - 2] & 0x80) == 0) { + throw scriptnum_error("non-minimally encoded script number"); + } + } + } m_value = set_vch(vch); } @@ -319,7 +338,6 @@ private: int64_t m_value; }; - /** Serialized script, used inside transaction inputs and outputs */ class CScript : public std::vector<unsigned char> { @@ -330,6 +348,10 @@ protected: { push_back(n + (OP_1 - 1)); } + else if (n == 0) + { + push_back(OP_0); + } else { *this << CScriptNum::serialize(n); @@ -551,12 +573,9 @@ public: bool IsPayToScriptHash() const; - // Called by IsStandardTx and P2SH VerifyScript (which makes it consensus-critical). + // Called by IsStandardTx and P2SH/BIP62 VerifyScript (which makes it consensus-critical). bool IsPushOnly() const; - // Called by IsStandardTx. - bool HasCanonicalPushes() const; - // Returns whether the script is guaranteed to fail at execution, // regardless of the initial stack. This allows outputs to be pruned // instantly when entering the UTXO set. diff --git a/src/script/standard.h b/src/script/standard.h index 961b214c89..248b941a64 100644 --- a/src/script/standard.h +++ b/src/script/standard.h @@ -41,6 +41,7 @@ static const unsigned int MANDATORY_SCRIPT_VERIFY_FLAGS = SCRIPT_VERIFY_P2SH; // blocks and we must accept those blocks. static const unsigned int STANDARD_SCRIPT_VERIFY_FLAGS = MANDATORY_SCRIPT_VERIFY_FLAGS | SCRIPT_VERIFY_STRICTENC | + SCRIPT_VERIFY_MINIMALDATA | SCRIPT_VERIFY_NULLDUMMY; // For convenience, standard but not mandatory verify flags. diff --git a/src/test/data/script_invalid.json b/src/test/data/script_invalid.json index b6447cb221..6f451a36ee 100644 --- a/src/test/data/script_invalid.json +++ b/src/test/data/script_invalid.json @@ -384,6 +384,101 @@ nSequences are max. ["0x00", "'00' EQUAL", "P2SH,STRICTENC", "Basic OP_0 execution"], +["MINIMALDATA enforcement for PUSHDATAs"], + +["0x4c 0x00", "DROP 1", "MINIMALDATA", "Empty vector minimally represented by OP_0"], +["0x01 0x81", "DROP 1", "MINIMALDATA", "-1 minimally represented by OP_1NEGATE"], +["0x01 0x01", "DROP 1", "MINIMALDATA", "1 to 16 minimally represented by OP_1 to OP_16"], +["0x01 0x02", "DROP 1", "MINIMALDATA"], +["0x01 0x03", "DROP 1", "MINIMALDATA"], +["0x01 0x04", "DROP 1", "MINIMALDATA"], +["0x01 0x05", "DROP 1", "MINIMALDATA"], +["0x01 0x06", "DROP 1", "MINIMALDATA"], +["0x01 0x07", "DROP 1", "MINIMALDATA"], +["0x01 0x08", "DROP 1", "MINIMALDATA"], +["0x01 0x09", "DROP 1", "MINIMALDATA"], +["0x01 0x0a", "DROP 1", "MINIMALDATA"], +["0x01 0x0b", "DROP 1", "MINIMALDATA"], +["0x01 0x0c", "DROP 1", "MINIMALDATA"], +["0x01 0x0d", "DROP 1", "MINIMALDATA"], +["0x01 0x0e", "DROP 1", "MINIMALDATA"], +["0x01 0x0f", "DROP 1", "MINIMALDATA"], +["0x01 0x10", "DROP 1", "MINIMALDATA"], + +["0x4c 0x48 0x111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111", "DROP 1", "MINIMALDATA", + "PUSHDATA1 of 72 bytes minimally represented by direct push"], + +["0x4d 0xFF00 0x111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111", "DROP 1", "MINIMALDATA", + "PUSHDATA2 of 255 bytes minimally represented by PUSHDATA1"], + +["0x4f 0x00100000 0x11111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111", "DROP 1", "MINIMALDATA", + "PUSHDATA4 of 256 bytes minimally represented by PUSHDATA2"], + + +["MINIMALDATA enforcement for numeric arguments"], + +["0x01 0x00", "NOT DROP 1", "MINIMALDATA", "numequals 0"], +["0x02 0x0000", "NOT DROP 1", "MINIMALDATA", "numequals 0"], +["0x01 0x80", "NOT DROP 1", "MINIMALDATA", "0x80 (negative zero) numequals 0"], +["0x02 0x0080", "NOT DROP 1", "MINIMALDATA", "numequals 0"], +["0x02 0x0500", "NOT DROP 1", "MINIMALDATA", "numequals 5"], +["0x03 0x050000", "NOT DROP 1", "MINIMALDATA", "numequals 5"], +["0x02 0x0580", "NOT DROP 1", "MINIMALDATA", "numequals -5"], +["0x03 0x050080", "NOT DROP 1", "MINIMALDATA", "numequals -5"], +["0x03 0xff7f80", "NOT DROP 1", "MINIMALDATA", "Minimal encoding is 0xffff"], +["0x03 0xff7f00", "NOT DROP 1", "MINIMALDATA", "Minimal encoding is 0xff7f"], +["0x04 0xffff7f80", "NOT DROP 1", "MINIMALDATA", "Minimal encoding is 0xffffff"], +["0x04 0xffff7f00", "NOT DROP 1", "MINIMALDATA", "Minimal encoding is 0xffff7f"], + +["Test every numeric-accepting opcode for correct handling of the numeric minimal encoding rule"], + +["1 0x02 0x0000", "PICK DROP", "MINIMALDATA"], +["1 0x02 0x0000", "ROLL DROP 1", "MINIMALDATA"], +["0x02 0x0000", "1ADD DROP 1", "MINIMALDATA"], +["0x02 0x0000", "1SUB DROP 1", "MINIMALDATA"], +["0x02 0x0000", "NEGATE DROP 1", "MINIMALDATA"], +["0x02 0x0000", "ABS DROP 1", "MINIMALDATA"], +["0x02 0x0000", "NOT DROP 1", "MINIMALDATA"], +["0x02 0x0000", "0NOTEQUAL DROP 1", "MINIMALDATA"], + +["0 0x02 0x0000", "ADD DROP 1", "MINIMALDATA"], +["0x02 0x0000 0", "ADD DROP 1", "MINIMALDATA"], +["0 0x02 0x0000", "SUB DROP 1", "MINIMALDATA"], +["0x02 0x0000 0", "SUB DROP 1", "MINIMALDATA"], +["0 0x02 0x0000", "BOOLAND DROP 1", "MINIMALDATA"], +["0x02 0x0000 0", "BOOLAND DROP 1", "MINIMALDATA"], +["0 0x02 0x0000", "BOOLOR DROP 1", "MINIMALDATA"], +["0x02 0x0000 0", "BOOLOR DROP 1", "MINIMALDATA"], +["0 0x02 0x0000", "NUMEQUAL DROP 1", "MINIMALDATA"], +["0x02 0x0000 1", "NUMEQUAL DROP 1", "MINIMALDATA"], +["0 0x02 0x0000", "NUMEQUALVERIFY 1", "MINIMALDATA"], +["0x02 0x0000 0", "NUMEQUALVERIFY 1", "MINIMALDATA"], +["0 0x02 0x0000", "NUMNOTEQUAL DROP 1", "MINIMALDATA"], +["0x02 0x0000 0", "NUMNOTEQUAL DROP 1", "MINIMALDATA"], +["0 0x02 0x0000", "LESSTHAN DROP 1", "MINIMALDATA"], +["0x02 0x0000 0", "LESSTHAN DROP 1", "MINIMALDATA"], +["0 0x02 0x0000", "GREATERTHAN DROP 1", "MINIMALDATA"], +["0x02 0x0000 0", "GREATERTHAN DROP 1", "MINIMALDATA"], +["0 0x02 0x0000", "LESSTHANOREQUAL DROP 1", "MINIMALDATA"], +["0x02 0x0000 0", "LESSTHANOREQUAL DROP 1", "MINIMALDATA"], +["0 0x02 0x0000", "GREATERTHANOREQUAL DROP 1", "MINIMALDATA"], +["0x02 0x0000 0", "GREATERTHANOREQUAL DROP 1", "MINIMALDATA"], +["0 0x02 0x0000", "MIN DROP 1", "MINIMALDATA"], +["0x02 0x0000 0", "MIN DROP 1", "MINIMALDATA"], +["0 0x02 0x0000", "MAX DROP 1", "MINIMALDATA"], +["0x02 0x0000 0", "MAX DROP 1", "MINIMALDATA"], + +["0x02 0x0000 0 0", "WITHIN DROP 1", "MINIMALDATA"], +["0 0x02 0x0000 0", "WITHIN DROP 1", "MINIMALDATA"], +["0 0 0x02 0x0000", "WITHIN DROP 1", "MINIMALDATA"], + +["0 0 0x02 0x0000", "CHECKMULTISIG DROP 1", "MINIMALDATA"], +["0 0x02 0x0000 0", "CHECKMULTISIG DROP 1", "MINIMALDATA"], +["0 0x02 0x0000 0 1", "CHECKMULTISIG DROP 1", "MINIMALDATA"], +["0 0 0x02 0x0000", "CHECKMULTISIGVERIFY 1", "MINIMALDATA"], +["0 0x02 0x0000 0", "CHECKMULTISIGVERIFY 1", "MINIMALDATA"], + + [ "0x47 0x30440220304eff7556bba9560df47873275e64db45f3cd735998ce3f00d2e57b1bb5f31302205c0c9d14b8b80d43e2ac9b87532f1af6d8a3271262bc694ec4e14068392bb0a001", "0x41 0x0479be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798483ada7726a3c4655da4fbfc0e1108a8fd17b448a68554199c47d08ffb10d4b8 CHECKSIG", @@ -504,6 +599,24 @@ nSequences are max. "NULLDUMMY", "3-of-3 NOT with invalid sig with nonzero dummy" ], +[ + "0 0x47 0x3044022035341cc377b19138f944f90c45772cb06338c6d56a4c0c31a65bf1a8a105fadc022046dd232850b6bacb25879c9da82a7a628982aa19d055f1753468f68047662e0301 DUP", + "2 0x21 0x038282263212c609d9ea2a6e3e172de238d8c39cabd5ac1ca10646e23fd5f51508 0x21 0x038282263212c609d9ea2a6e3e172de238d8c39cabd5ac1ca10646e23fd5f51508 2 CHECKMULTISIG", + "SIGPUSHONLY", + "2-of-2 with two identical keys and sigs pushed using OP_DUP" +], +[ + "0x47 0x304402204d8b99eea2f53382fd67e0dbc8ed0596bd614aa0dad6bc6843c7860c79b901c3022062f022a71993013e3d9b22302a8e4b40109d7bb057aeb250b9aab2197b3e96b801 0x23 0x2103363d90d447b00c9c99ceac05b6262ee053441c7e55552ffe526bad8f83ff4640ac", + "0x21 0x03363d90d447b00c9c99ceac05b6262ee053441c7e55552ffe526bad8f83ff4640 CHECKSIG", + "", + "P2SH(P2PK) with non-push scriptSig but no SIGPUSHONLY" +], +[ + "0x47 0x30440220078c887c33abc67fbbd827ceb3f661c1c459e78218161b652f23e3ca76cfabbd022047df245eacb8a88d8c5ca7b5228e3b4d070c102d2f542433362d3f443cd24eda01 0x23 0x2103363d90d447b00c9c99ceac05b6262ee053441c7e55552ffe526bad8f83ff4640ac", + "0x21 0x03363d90d447b00c9c99ceac05b6262ee053441c7e55552ffe526bad8f83ff4640 CHECKSIG", + "SIGPUSHONLY", + "P2SH(P2PK) with non-push scriptSig" +], ["The End"] ] diff --git a/src/test/data/script_valid.json b/src/test/data/script_valid.json index 88bec7238c..439c82ef32 100644 --- a/src/test/data/script_valid.json +++ b/src/test/data/script_valid.json @@ -527,8 +527,139 @@ nSequences are max. "P2SH,STRICTENC", "Basic PUSHDATA1 signedness check"], +["all PUSHDATA forms are equivalent"], + +["0x4c 0x4b 0x111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111", "0x4b 0x111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111 EQUAL", "", "PUSHDATA1 of 75 bytes equals direct push of it"], +["0x4d 0xFF00 0x111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111", "0x4c 0xFF 0x111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111 EQUAL", "", "PUSHDATA2 of 255 bytes equals PUSHDATA1 of it"], + ["0x00", "SIZE 0 EQUAL", "P2SH,STRICTENC", "Basic OP_0 execution"], +["Numeric pushes"], + +["0x01 0x81", "0x4f EQUAL", "", "OP1_NEGATE pushes 0x81"], +["0x01 0x01", "0x51 EQUAL", "", "OP_1 pushes 0x01"], +["0x01 0x02", "0x52 EQUAL", "", "OP_2 pushes 0x02"], +["0x01 0x03", "0x53 EQUAL", "", "OP_3 pushes 0x03"], +["0x01 0x04", "0x54 EQUAL", "", "OP_4 pushes 0x04"], +["0x01 0x05", "0x55 EQUAL", "", "OP_5 pushes 0x05"], +["0x01 0x06", "0x56 EQUAL", "", "OP_6 pushes 0x06"], +["0x01 0x07", "0x57 EQUAL", "", "OP_7 pushes 0x07"], +["0x01 0x08", "0x58 EQUAL", "", "OP_8 pushes 0x08"], +["0x01 0x09", "0x59 EQUAL", "", "OP_9 pushes 0x09"], +["0x01 0x0a", "0x5a EQUAL", "", "OP_10 pushes 0x0a"], +["0x01 0x0b", "0x5b EQUAL", "", "OP_11 pushes 0x0b"], +["0x01 0x0c", "0x5c EQUAL", "", "OP_12 pushes 0x0c"], +["0x01 0x0d", "0x5d EQUAL", "", "OP_13 pushes 0x0d"], +["0x01 0x0e", "0x5e EQUAL", "", "OP_14 pushes 0x0e"], +["0x01 0x0f", "0x5f EQUAL", "", "OP_15 pushes 0x0f"], +["0x01 0x10", "0x60 EQUAL", "", "OP_16 pushes 0x10"], + +["Equivalency of different numeric encodings"], + +["0x02 0x8000", "128 NUMEQUAL", "", "0x8000 equals 128"], +["0x01 0x00", "0 NUMEQUAL", "", "0x00 numequals 0"], +["0x01 0x80", "0 NUMEQUAL", "", "0x80 (negative zero) numequals 0"], +["0x02 0x0080", "0 NUMEQUAL", "", "0x0080 numequals 0"], +["0x02 0x0500", "5 NUMEQUAL", "", "0x0500 numequals 5"], +["0x03 0xff7f80", "0x02 0xffff NUMEQUAL", "", ""], +["0x03 0xff7f00", "0x02 0xff7f NUMEQUAL", "", ""], +["0x04 0xffff7f80", "0x03 0xffffff NUMEQUAL", "", ""], +["0x04 0xffff7f00", "0x03 0xffff7f NUMEQUAL", "", ""], + +["Unevaluated non-minimal pushes are ignored"], + +["0 IF 0x4c 0x00 ENDIF 1", "", "MINIMALDATA", "non-minimal PUSHDATA1 ignored"], +["0 IF 0x4d 0x0000 ENDIF 1", "", "MINIMALDATA", "non-minimal PUSHDATA2 ignored"], +["0 IF 0x4c 0x00000000 ENDIF 1", "", "MINIMALDATA", "non-minimal PUSHDATA4 ignored"], +["0 IF 0x01 0x81 ENDIF 1", "", "MINIMALDATA", "1NEGATE equiv"], +["0 IF 0x01 0x01 ENDIF 1", "", "MINIMALDATA", "OP_1 equiv"], +["0 IF 0x01 0x02 ENDIF 1", "", "MINIMALDATA", "OP_2 equiv"], +["0 IF 0x01 0x03 ENDIF 1", "", "MINIMALDATA", "OP_3 equiv"], +["0 IF 0x01 0x04 ENDIF 1", "", "MINIMALDATA", "OP_4 equiv"], +["0 IF 0x01 0x05 ENDIF 1", "", "MINIMALDATA", "OP_5 equiv"], +["0 IF 0x01 0x06 ENDIF 1", "", "MINIMALDATA", "OP_6 equiv"], +["0 IF 0x01 0x07 ENDIF 1", "", "MINIMALDATA", "OP_7 equiv"], +["0 IF 0x01 0x08 ENDIF 1", "", "MINIMALDATA", "OP_8 equiv"], +["0 IF 0x01 0x09 ENDIF 1", "", "MINIMALDATA", "OP_9 equiv"], +["0 IF 0x01 0x0a ENDIF 1", "", "MINIMALDATA", "OP_10 equiv"], +["0 IF 0x01 0x0b ENDIF 1", "", "MINIMALDATA", "OP_11 equiv"], +["0 IF 0x01 0x0c ENDIF 1", "", "MINIMALDATA", "OP_12 equiv"], +["0 IF 0x01 0x0d ENDIF 1", "", "MINIMALDATA", "OP_13 equiv"], +["0 IF 0x01 0x0e ENDIF 1", "", "MINIMALDATA", "OP_14 equiv"], +["0 IF 0x01 0x0f ENDIF 1", "", "MINIMALDATA", "OP_15 equiv"], +["0 IF 0x01 0x10 ENDIF 1", "", "MINIMALDATA", "OP_16 equiv"], + +["Numeric minimaldata rules are only applied when a stack item is numerically evaluated; the push itself is allowed"], + +["0x01 0x00", "1", "MINIMALDATA"], +["0x01 0x80", "1", "MINIMALDATA"], +["0x02 0x0180", "1", "MINIMALDATA"], +["0x02 0x0100", "1", "MINIMALDATA"], +["0x02 0x0200", "1", "MINIMALDATA"], +["0x02 0x0300", "1", "MINIMALDATA"], +["0x02 0x0400", "1", "MINIMALDATA"], +["0x02 0x0500", "1", "MINIMALDATA"], +["0x02 0x0600", "1", "MINIMALDATA"], +["0x02 0x0700", "1", "MINIMALDATA"], +["0x02 0x0800", "1", "MINIMALDATA"], +["0x02 0x0900", "1", "MINIMALDATA"], +["0x02 0x0a00", "1", "MINIMALDATA"], +["0x02 0x0b00", "1", "MINIMALDATA"], +["0x02 0x0c00", "1", "MINIMALDATA"], +["0x02 0x0d00", "1", "MINIMALDATA"], +["0x02 0x0e00", "1", "MINIMALDATA"], +["0x02 0x0f00", "1", "MINIMALDATA"], +["0x02 0x1000", "1", "MINIMALDATA"], + +["Valid version of the 'Test every numeric-accepting opcode for correct handling of the numeric minimal encoding rule' script_invalid test"], + +["1 0x02 0x0000", "PICK DROP", ""], +["1 0x02 0x0000", "ROLL DROP 1", ""], +["0x02 0x0000", "1ADD DROP 1", ""], +["0x02 0x0000", "1SUB DROP 1", ""], +["0x02 0x0000", "NEGATE DROP 1", ""], +["0x02 0x0000", "ABS DROP 1", ""], +["0x02 0x0000", "NOT DROP 1", ""], +["0x02 0x0000", "0NOTEQUAL DROP 1", ""], + +["0 0x02 0x0000", "ADD DROP 1", ""], +["0x02 0x0000 0", "ADD DROP 1", ""], +["0 0x02 0x0000", "SUB DROP 1", ""], +["0x02 0x0000 0", "SUB DROP 1", ""], +["0 0x02 0x0000", "BOOLAND DROP 1", ""], +["0x02 0x0000 0", "BOOLAND DROP 1", ""], +["0 0x02 0x0000", "BOOLOR DROP 1", ""], +["0x02 0x0000 0", "BOOLOR DROP 1", ""], +["0 0x02 0x0000", "NUMEQUAL DROP 1", ""], +["0x02 0x0000 1", "NUMEQUAL DROP 1", ""], +["0 0x02 0x0000", "NUMEQUALVERIFY 1", ""], +["0x02 0x0000 0", "NUMEQUALVERIFY 1", ""], +["0 0x02 0x0000", "NUMNOTEQUAL DROP 1", ""], +["0x02 0x0000 0", "NUMNOTEQUAL DROP 1", ""], +["0 0x02 0x0000", "LESSTHAN DROP 1", ""], +["0x02 0x0000 0", "LESSTHAN DROP 1", ""], +["0 0x02 0x0000", "GREATERTHAN DROP 1", ""], +["0x02 0x0000 0", "GREATERTHAN DROP 1", ""], +["0 0x02 0x0000", "LESSTHANOREQUAL DROP 1", ""], +["0x02 0x0000 0", "LESSTHANOREQUAL DROP 1", ""], +["0 0x02 0x0000", "GREATERTHANOREQUAL DROP 1", ""], +["0x02 0x0000 0", "GREATERTHANOREQUAL DROP 1", ""], +["0 0x02 0x0000", "MIN DROP 1", ""], +["0x02 0x0000 0", "MIN DROP 1", ""], +["0 0x02 0x0000", "MAX DROP 1", ""], +["0x02 0x0000 0", "MAX DROP 1", ""], + +["0x02 0x0000 0 0", "WITHIN DROP 1", ""], +["0 0x02 0x0000 0", "WITHIN DROP 1", ""], +["0 0 0x02 0x0000", "WITHIN DROP 1", ""], + +["0 0 0x02 0x0000", "CHECKMULTISIG DROP 1", ""], +["0 0x02 0x0000 0", "CHECKMULTISIG DROP 1", ""], +["0 0x02 0x0000 0 1", "CHECKMULTISIG DROP 1", ""], +["0 0 0x02 0x0000", "CHECKMULTISIGVERIFY 1", ""], +["0 0x02 0x0000 0", "CHECKMULTISIGVERIFY 1", ""], + + [ "0x47 0x3044022007415aa37ce7eaa6146001ac8bdefca0ddcba0e37c5dc08c4ac99392124ebac802207d382307fd53f65778b07b9c63b6e196edeadf0be719130c5db21ff1e700d67501", "0x41 0x0479be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798483ada7726a3c4655da4fbfc0e1108a8fd17b448a68554199c47d08ffb10d4b8 CHECKSIG", @@ -638,17 +769,29 @@ nSequences are max. "P2PK NOT with invalid sig and undefined hashtype but no STRICTENC" ], [ - "0x01 0x01 0x47 0x3044022046ce33d1771b0127dd4c4cef8fdc3218ebdfa60e3793ed700292d8ebd93fb1f402201029d47a414db83e96e31443c2d8b552f971469c4800f5eff7df2f0648521aed01 0x47 0x304402205c53911ad55b054920043962bbda98cf6e57e2db1cd5611138251490baabaa8702201dc80dfceae6007e7772dc13ff6e7ca66a983cb017fe5d46d30118462d83bcf801 0x47 0x304402201937e44a4ec12364f9d32f9d25e7ecbc68aee9ef90069af80efef4c05f6ace9602206c515101c00c75710b32ff7ff8dbaf7c9a0be6e86ed14a0755b47626604f31fd01", + "1 0x47 0x3044022046ce33d1771b0127dd4c4cef8fdc3218ebdfa60e3793ed700292d8ebd93fb1f402201029d47a414db83e96e31443c2d8b552f971469c4800f5eff7df2f0648521aed01 0x47 0x304402205c53911ad55b054920043962bbda98cf6e57e2db1cd5611138251490baabaa8702201dc80dfceae6007e7772dc13ff6e7ca66a983cb017fe5d46d30118462d83bcf801 0x47 0x304402201937e44a4ec12364f9d32f9d25e7ecbc68aee9ef90069af80efef4c05f6ace9602206c515101c00c75710b32ff7ff8dbaf7c9a0be6e86ed14a0755b47626604f31fd01", "3 0x21 0x0279be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798 0x21 0x038282263212c609d9ea2a6e3e172de238d8c39cabd5ac1ca10646e23fd5f51508 0x21 0x03363d90d447b00c9c99ceac05b6262ee053441c7e55552ffe526bad8f83ff4640 3 CHECKMULTISIG", "", "3-of-3 with nonzero dummy but no NULLDUMMY" ], [ - "0x01 0x01 0x47 0x30440220195038dbc6b2ae1199f86a6777824f7c5149789d85f655a3534a4422b8fba38c02204df9db87d2eb9fe06edc66870d9ac4c9ce673459f9d43cee0347ce4ffb02ee5a01 0x47 0x3044022010a45f30c6fa97a186eba9e6b595ab87d3dfcbf05dcaf1f1b8e3e7bf39515bb802203474e78d3d372e5f5c0f8c257ce8300c4bb8f37c51d4a894e11a91b5817da6ed01 0x47 0x30440220039cffd8e39850f95112662b1220b14b3c0d3d8a2772e13c947bfbf96345a64e02204154bfa77e2c0134d5434353bed82141e5da1cc479954aa288d5f0671480a04b01", + "1 0x47 0x30440220195038dbc6b2ae1199f86a6777824f7c5149789d85f655a3534a4422b8fba38c02204df9db87d2eb9fe06edc66870d9ac4c9ce673459f9d43cee0347ce4ffb02ee5a01 0x47 0x3044022010a45f30c6fa97a186eba9e6b595ab87d3dfcbf05dcaf1f1b8e3e7bf39515bb802203474e78d3d372e5f5c0f8c257ce8300c4bb8f37c51d4a894e11a91b5817da6ed01 0x47 0x30440220039cffd8e39850f95112662b1220b14b3c0d3d8a2772e13c947bfbf96345a64e02204154bfa77e2c0134d5434353bed82141e5da1cc479954aa288d5f0671480a04b01", "3 0x21 0x0279be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798 0x21 0x038282263212c609d9ea2a6e3e172de238d8c39cabd5ac1ca10646e23fd5f51508 0x21 0x03363d90d447b00c9c99ceac05b6262ee053441c7e55552ffe526bad8f83ff4640 3 CHECKMULTISIG NOT", "", "3-of-3 NOT with invalid sig and nonzero dummy but no NULLDUMMY" ], +[ + "0 0x47 0x3044022002a27769ee33db258bdf7a3792e7da4143ec4001b551f73e6a190b8d1bde449d02206742c56ccd94a7a2e16ca52fc1ae4a0aa122b0014a867a80de104f9cb18e472c01 DUP", + "2 0x21 0x038282263212c609d9ea2a6e3e172de238d8c39cabd5ac1ca10646e23fd5f51508 0x21 0x038282263212c609d9ea2a6e3e172de238d8c39cabd5ac1ca10646e23fd5f51508 2 CHECKMULTISIG", + "", + "2-of-2 with two identical keys and sigs pushed using OP_DUP but no SIGPUSHONLY" +], +[ + "0 0x47 0x304402203acf75dd59bbef171aeeedae4f1020b824195820db82575c2b323b8899f95de9022067df297d3a5fad049ba0bb81255d0e495643cbcf9abae9e396988618bc0c6dfe01 0x47 0x304402205f8b859230c1cab7d4e8de38ff244d2ebe046b64e8d3f4219b01e483c203490a022071bdc488e31b557f7d9e5c8a8bec90dc92289ca70fa317685f4f140e38b30c4601", + "2 0x21 0x038282263212c609d9ea2a6e3e172de238d8c39cabd5ac1ca10646e23fd5f51508 0x21 0x038282263212c609d9ea2a6e3e172de238d8c39cabd5ac1ca10646e23fd5f51508 2 CHECKMULTISIG", + "SIGPUSHONLY", + "2-of-2 with two identical keys and sigs pushed" +], ["The End"] ] diff --git a/src/test/script_tests.cpp b/src/test/script_tests.cpp index d3fc673a79..a41552fea1 100644 --- a/src/test/script_tests.cpp +++ b/src/test/script_tests.cpp @@ -1,5 +1,5 @@ -// Copyright (c) 2011-2013 The Bitcoin Core developers -// Distributed under the MIT/X11 software license, see the accompanying +// Copyright (c) 2011-2014 The Bitcoin Core developers +// Distributed under the MIT software license, see the accompanying // file COPYING or http://www.opensource.org/licenses/mit-license.php. #include "data/script_invalid.json.h" @@ -171,13 +171,15 @@ public: TestBuilder& Add(const CScript& script) { + DoPush(); spendTx.vin[0].scriptSig += script; return *this; } TestBuilder& Num(int num) { - spendTx.vin[0].scriptSig << CScriptNum(num); + DoPush(); + spendTx.vin[0].scriptSig << num; return *this; } @@ -402,6 +404,23 @@ BOOST_AUTO_TEST_CASE(script_build) "3-of-3 NOT with invalid sig with nonzero dummy", SCRIPT_VERIFY_NULLDUMMY ).Num(1).PushSig(keys.key0).PushSig(keys.key1).PushSig(keys.key2).DamagePush(10)); + good.push_back(TestBuilder(CScript() << OP_2 << ToByteVector(keys.pubkey1C) << ToByteVector(keys.pubkey1C) << OP_2 << OP_CHECKMULTISIG, + "2-of-2 with two identical keys and sigs pushed using OP_DUP but no SIGPUSHONLY", 0 + ).Num(0).PushSig(keys.key1).Add(CScript() << OP_DUP)); + bad.push_back(TestBuilder(CScript() << OP_2 << ToByteVector(keys.pubkey1C) << ToByteVector(keys.pubkey1C) << OP_2 << OP_CHECKMULTISIG, + "2-of-2 with two identical keys and sigs pushed using OP_DUP", SCRIPT_VERIFY_SIGPUSHONLY + ).Num(0).PushSig(keys.key1).Add(CScript() << OP_DUP)); + bad.push_back(TestBuilder(CScript() << ToByteVector(keys.pubkey2C) << OP_CHECKSIG, + "P2SH(P2PK) with non-push scriptSig but no SIGPUSHONLY", 0 + ).PushSig(keys.key2).PushRedeem()); + bad.push_back(TestBuilder(CScript() << ToByteVector(keys.pubkey2C) << OP_CHECKSIG, + "P2SH(P2PK) with non-push scriptSig", SCRIPT_VERIFY_SIGPUSHONLY + ).PushSig(keys.key2).PushRedeem()); + good.push_back(TestBuilder(CScript() << OP_2 << ToByteVector(keys.pubkey1C) << ToByteVector(keys.pubkey1C) << OP_2 << OP_CHECKMULTISIG, + "2-of-2 with two identical keys and sigs pushed", SCRIPT_VERIFY_SIGPUSHONLY + ).Num(0).PushSig(keys.key1).PushSig(keys.key1)); + + std::map<std::string, Array> tests_good; std::map<std::string, Array> tests_bad; @@ -769,19 +788,19 @@ BOOST_AUTO_TEST_CASE(script_combineSigs) BOOST_AUTO_TEST_CASE(script_standard_push) { - for (int i=0; i<1000; i++) { + for (int i=0; i<67000; i++) { CScript script; script << i; BOOST_CHECK_MESSAGE(script.IsPushOnly(), "Number " << i << " is not pure push."); - BOOST_CHECK_MESSAGE(script.HasCanonicalPushes(), "Number " << i << " push is not canonical."); + BOOST_CHECK_MESSAGE(VerifyScript(script, CScript() << OP_1, SCRIPT_VERIFY_MINIMALDATA, BaseSignatureChecker()), "Number " << i << " push is not minimal data."); } - for (int i=0; i<1000; i++) { + for (unsigned int i=0; i<=MAX_SCRIPT_ELEMENT_SIZE; i++) { std::vector<unsigned char> data(i, '\111'); CScript script; script << data; BOOST_CHECK_MESSAGE(script.IsPushOnly(), "Length " << i << " is not pure push."); - BOOST_CHECK_MESSAGE(script.HasCanonicalPushes(), "Length " << i << " push is not canonical."); + BOOST_CHECK_MESSAGE(VerifyScript(script, CScript() << OP_1, SCRIPT_VERIFY_MINIMALDATA, BaseSignatureChecker()), "Length " << i << " push is not minimal data."); } } diff --git a/src/test/scriptnum_tests.cpp b/src/test/scriptnum_tests.cpp index ac60fa426f..5621e12729 100644 --- a/src/test/scriptnum_tests.cpp +++ b/src/test/scriptnum_tests.cpp @@ -25,11 +25,11 @@ static void CheckCreateVch(const int64_t& num) BOOST_CHECK(verify(bignum, scriptnum)); CBigNum bignum2(bignum.getvch()); - CScriptNum scriptnum2(scriptnum.getvch()); + CScriptNum scriptnum2(scriptnum.getvch(), false); BOOST_CHECK(verify(bignum2, scriptnum2)); CBigNum bignum3(scriptnum2.getvch()); - CScriptNum scriptnum3(bignum2.getvch()); + CScriptNum scriptnum3(bignum2.getvch(), false); BOOST_CHECK(verify(bignum3, scriptnum3)); } diff --git a/src/test/transaction_tests.cpp b/src/test/transaction_tests.cpp index 41ccaaac94..c46c31e99f 100644 --- a/src/test/transaction_tests.cpp +++ b/src/test/transaction_tests.cpp @@ -33,6 +33,8 @@ static std::map<string, unsigned int> mapFlagNames = boost::assign::map_list_of (string("STRICTENC"), (unsigned int)SCRIPT_VERIFY_STRICTENC) (string("DERSIG"), (unsigned int)SCRIPT_VERIFY_DERSIG) (string("LOW_S"), (unsigned int)SCRIPT_VERIFY_LOW_S) + (string("SIGPUSHONLY"), (unsigned int)SCRIPT_VERIFY_SIGPUSHONLY) + (string("MINIMALDATA"), (unsigned int)SCRIPT_VERIFY_MINIMALDATA) (string("NULLDUMMY"), (unsigned int)SCRIPT_VERIFY_NULLDUMMY); unsigned int ParseScriptFlags(string strFlags) |