diff options
author | Wladimir J. van der Laan <laanwj@protonmail.com> | 2020-12-16 19:23:19 +0100 |
---|---|---|
committer | Wladimir J. van der Laan <laanwj@protonmail.com> | 2020-12-16 19:45:16 +0100 |
commit | 427f8c2cff0122bd614155f114b8b581e4b6e960 (patch) | |
tree | ab0cc6537e49f6941996e4201dc485c1339bf057 /src | |
parent | 5b6f970e3fda20733b3567677d9723f3cd5840c6 (diff) | |
parent | 89895773b72275a620951730aef0b52e9437bc13 (diff) | |
download | bitcoin-427f8c2cff0122bd614155f114b8b581e4b6e960.tar.xz |
Merge #20248: test: fix length of R check in key_signature_tests
89895773b72275a620951730aef0b52e9437bc13 Fix length of R check in test/key_tests.cpp:key_signature_tests (Dmitry Petukhov)
Pull request description:
The code before the fix only checked the length of R value of the last
signature in the loop, and only for equality (but the length can be
less than 32)
The fixed code checks that length of the R value is less than or equal
to 32 on each iteration of the loop
ACKs for top commit:
laanwj:
ACK 89895773b72275a620951730aef0b52e9437bc13
Tree-SHA512: 73eb2bb4a6c1c5fc11dd16851b28b43037ac06ef8cfc3b1f957429a1fca295c9422d67ec6c73c0e4bb4919f92e22dc5d733e84840b0d01ad1a529aa20d906ebf
Diffstat (limited to 'src')
-rw-r--r-- | src/test/key_tests.cpp | 22 |
1 files changed, 16 insertions, 6 deletions
diff --git a/src/test/key_tests.cpp b/src/test/key_tests.cpp index 3362b8d17c..cb66d5164e 100644 --- a/src/test/key_tests.cpp +++ b/src/test/key_tests.cpp @@ -172,20 +172,30 @@ BOOST_AUTO_TEST_CASE(key_signature_tests) } BOOST_CHECK(found); - // When entropy is not specified, we should always see low R signatures that are less than 70 bytes in 256 tries + // When entropy is not specified, we should always see low R signatures that are less than or equal to 70 bytes in 256 tries + // The low R signatures should always have the value of their "length of R" byte less than or equal to 32 // We should see at least one signature that is less than 70 bytes. - found = true; bool found_small = false; + bool found_big = false; + bool bad_sign = false; for (int i = 0; i < 256; ++i) { sig.clear(); std::string msg = "A message to be signed" + ToString(i); msg_hash = Hash(msg); - BOOST_CHECK(key.Sign(msg_hash, sig)); - found = sig[3] == 0x20; - BOOST_CHECK(sig.size() <= 70); + if (!key.Sign(msg_hash, sig)) { + bad_sign = true; + break; + } + // sig.size() > 70 implies sig[3] > 32, because S is always low. + // But check both conditions anyway, just in case this implication is broken for some reason + if (sig[3] > 32 || sig.size() > 70) { + found_big = true; + break; + } found_small |= sig.size() < 70; } - BOOST_CHECK(found); + BOOST_CHECK(!bad_sign); + BOOST_CHECK(!found_big); BOOST_CHECK(found_small); } |