Browse Source

Fix NegateSignatureS to not duplicate last byte of S

NegateSignatureS is called with a signature without a hashtype, so
do not save the last byte and append it after S negation.

Updates the two tests which were affected by this bug.
0.13
Suhas Daftuar 10 years ago
parent
commit
6f50dbd2fd
  1. 2
      src/test/data/script_invalid.json
  2. 2
      src/test/data/script_valid.json
  3. 2
      src/test/script_tests.cpp

2
src/test/data/script_invalid.json

@ -696,7 +696,7 @@
"BIP66 example 11, with DERSIG" "BIP66 example 11, with DERSIG"
], ],
[ [
"0x49 0x304502203e4516da7253cf068effec6b95c41221c0cf3a8e6ccb8cbf1725b562e9afde2c022100ab1e3da73d67e32045a20e0b999e049978ea8d6ee5480d485fcf2ce0d03b2ef05101", "0x48 0x304502203e4516da7253cf068effec6b95c41221c0cf3a8e6ccb8cbf1725b562e9afde2c022100ab1e3da73d67e32045a20e0b999e049978ea8d6ee5480d485fcf2ce0d03b2ef001",
"0x21 0x03363d90d447b00c9c99ceac05b6262ee053441c7e55552ffe526bad8f83ff4640 CHECKSIG", "0x21 0x03363d90d447b00c9c99ceac05b6262ee053441c7e55552ffe526bad8f83ff4640 CHECKSIG",
"LOW_S", "LOW_S",
"P2PK with high S" "P2PK with high S"

2
src/test/data/script_valid.json

@ -814,7 +814,7 @@
"BIP66 example 12, with DERSIG" "BIP66 example 12, with DERSIG"
], ],
[ [
"0x49 0x304502203e4516da7253cf068effec6b95c41221c0cf3a8e6ccb8cbf1725b562e9afde2c022100ab1e3da73d67e32045a20e0b999e049978ea8d6ee5480d485fcf2ce0d03b2ef05101", "0x48 0x304502203e4516da7253cf068effec6b95c41221c0cf3a8e6ccb8cbf1725b562e9afde2c022100ab1e3da73d67e32045a20e0b999e049978ea8d6ee5480d485fcf2ce0d03b2ef001",
"0x21 0x03363d90d447b00c9c99ceac05b6262ee053441c7e55552ffe526bad8f83ff4640 CHECKSIG", "0x21 0x03363d90d447b00c9c99ceac05b6262ee053441c7e55552ffe526bad8f83ff4640 CHECKSIG",
"", "",
"P2PK with high S but no LOW_S" "P2PK with high S but no LOW_S"

2
src/test/script_tests.cpp

@ -107,7 +107,6 @@ void static NegateSignatureS(std::vector<unsigned char>& vchSig) {
std::vector<unsigned char> r, s; std::vector<unsigned char> r, s;
r = std::vector<unsigned char>(vchSig.begin() + 4, vchSig.begin() + 4 + vchSig[3]); r = std::vector<unsigned char>(vchSig.begin() + 4, vchSig.begin() + 4 + vchSig[3]);
s = std::vector<unsigned char>(vchSig.begin() + 6 + vchSig[3], vchSig.begin() + 6 + vchSig[3] + vchSig[5 + vchSig[3]]); s = std::vector<unsigned char>(vchSig.begin() + 6 + vchSig[3], vchSig.begin() + 6 + vchSig[3] + vchSig[5 + vchSig[3]]);
unsigned char hashtype = vchSig.back();
// Really ugly to implement mod-n negation here, but it would be feature creep to expose such functionality from libsecp256k1. // Really ugly to implement mod-n negation here, but it would be feature creep to expose such functionality from libsecp256k1.
static const unsigned char order[33] = { static const unsigned char order[33] = {
@ -141,7 +140,6 @@ void static NegateSignatureS(std::vector<unsigned char>& vchSig) {
vchSig.push_back(0x02); vchSig.push_back(0x02);
vchSig.push_back(s.size()); vchSig.push_back(s.size());
vchSig.insert(vchSig.end(), s.begin(), s.end()); vchSig.insert(vchSig.end(), s.begin(), s.end());
vchSig.push_back(hashtype);
} }
namespace namespace

Loading…
Cancel
Save