From 2fa9a8ec86033b809a1c48f0396c3482c0d5d33c Mon Sep 17 00:00:00 2001
From: Peter Todd <pete@petertodd.org>
Date: Fri, 9 Jan 2015 05:52:57 -0500
Subject: Make empty byte arrays pass CheckSignatureEncoding()

Makes it possible to compactly provide a delibrately invalid signature
for use with CHECK(MULTI)SIG. For instance with BIP19 if m != n invalid
signatures need to be provided in the scriptSig; prior to this change
those invalid signatures would need to be large DER-encoded signatures.

Note that we may want to further expand on this change in the future by
saying that only OP_0 is a "valid" invalid signature; BIP19 even with
this change is inherently malleable as the invalid signatures can be any
validly encoded DER signature.
---
 src/script/interpreter.cpp | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'src/script/interpreter.cpp')

diff --git a/src/script/interpreter.cpp b/src/script/interpreter.cpp
index d0f75ab672..8a06f3d118 100644
--- a/src/script/interpreter.cpp
+++ b/src/script/interpreter.cpp
@@ -189,6 +189,11 @@ bool static IsDefinedHashtypeSignature(const valtype &vchSig) {
 }
 
 bool static CheckSignatureEncoding(const valtype &vchSig, unsigned int flags, ScriptError* serror) {
+    // Empty signature. Not strictly DER encoded, but allowed to provide a
+    // compact way to provide an invalid signature for use with CHECK(MULTI)SIG
+    if (vchSig.size() == 0) {
+        return true;
+    }
     if ((flags & (SCRIPT_VERIFY_DERSIG | SCRIPT_VERIFY_LOW_S | SCRIPT_VERIFY_STRICTENC)) != 0 && !IsDERSignature(vchSig)) {
         return set_error(serror, SCRIPT_ERR_SIG_DER);
     } else if ((flags & SCRIPT_VERIFY_LOW_S) != 0 && !IsLowDERSignature(vchSig, serror)) {
-- 
cgit v1.2.3