|
|
|
@ -3,6 +3,7 @@
@@ -3,6 +3,7 @@
|
|
|
|
|
// Distributed under the MIT/X11 software license, see the accompanying
|
|
|
|
|
// file COPYING or http://www.opensource.org/licenses/mit-license.php.
|
|
|
|
|
#include <boost/foreach.hpp> |
|
|
|
|
#include <boost/tuple/tuple.hpp> |
|
|
|
|
|
|
|
|
|
using namespace std; |
|
|
|
|
using namespace boost; |
|
|
|
@ -12,6 +13,8 @@ using namespace boost;
@@ -12,6 +13,8 @@ using namespace boost;
|
|
|
|
|
#include "bignum.h" |
|
|
|
|
#include "key.h" |
|
|
|
|
#include "main.h" |
|
|
|
|
#include "sync.h" |
|
|
|
|
#include "util.h" |
|
|
|
|
|
|
|
|
|
bool CheckSig(vector<unsigned char> vchSig, vector<unsigned char> vchPubKey, CScript scriptCode, const CTransaction& txTo, unsigned int nIn, int nHashType); |
|
|
|
|
|
|
|
|
@ -1099,12 +1102,67 @@ uint256 SignatureHash(CScript scriptCode, const CTransaction& txTo, unsigned int
@@ -1099,12 +1102,67 @@ uint256 SignatureHash(CScript scriptCode, const CTransaction& txTo, unsigned int
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
// Valid signature cache, to avoid doing expensive ECDSA signature checking
|
|
|
|
|
// twice for every transaction (once when accepted into memory pool, and
|
|
|
|
|
// again when accepted into the block chain)
|
|
|
|
|
|
|
|
|
|
class CSignatureCache |
|
|
|
|
{ |
|
|
|
|
private: |
|
|
|
|
// sigdata_type is (signature hash, signature, public key):
|
|
|
|
|
typedef boost::tuple<uint256, std::vector<unsigned char>, std::vector<unsigned char> > sigdata_type; |
|
|
|
|
std::set< sigdata_type> setValid; |
|
|
|
|
CCriticalSection cs_sigcache; |
|
|
|
|
|
|
|
|
|
public: |
|
|
|
|
bool |
|
|
|
|
Get(uint256 hash, const std::vector<unsigned char>& vchSig, const std::vector<unsigned char>& pubKey) |
|
|
|
|
{ |
|
|
|
|
LOCK(cs_sigcache); |
|
|
|
|
|
|
|
|
|
sigdata_type k(hash, vchSig, pubKey); |
|
|
|
|
std::set<sigdata_type>::iterator mi = setValid.find(k); |
|
|
|
|
if (mi != setValid.end()) |
|
|
|
|
return true; |
|
|
|
|
return false; |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
void |
|
|
|
|
Set(uint256 hash, const std::vector<unsigned char>& vchSig, const std::vector<unsigned char>& pubKey) |
|
|
|
|
{ |
|
|
|
|
// DoS prevention: limit cache size to less than 10MB
|
|
|
|
|
// (~200 bytes per cache entry times 50,000 entries)
|
|
|
|
|
// Since there are a maximum of 20,000 signature operations per block
|
|
|
|
|
// 50,000 is a reasonable default.
|
|
|
|
|
int64 nMaxCacheSize = GetArg("-maxsigcachesize", 50000); |
|
|
|
|
if (nMaxCacheSize <= 0) return; |
|
|
|
|
|
|
|
|
|
LOCK(cs_sigcache); |
|
|
|
|
|
|
|
|
|
while (static_cast<int64>(setValid.size()) > nMaxCacheSize) |
|
|
|
|
{ |
|
|
|
|
// Evict a random entry. Random because that helps
|
|
|
|
|
// foil would-be DoS attackers who might try to pre-generate
|
|
|
|
|
// and re-use a set of valid signatures just-slightly-greater
|
|
|
|
|
// than our cache size.
|
|
|
|
|
uint256 randomHash = GetRandHash(); |
|
|
|
|
std::vector<unsigned char> unused; |
|
|
|
|
std::set<sigdata_type>::iterator it = |
|
|
|
|
setValid.lower_bound(sigdata_type(randomHash, unused, unused)); |
|
|
|
|
if (it == setValid.end()) |
|
|
|
|
it = setValid.begin(); |
|
|
|
|
setValid.erase(*it); |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
sigdata_type k(hash, vchSig, pubKey); |
|
|
|
|
setValid.insert(k); |
|
|
|
|
} |
|
|
|
|
}; |
|
|
|
|
|
|
|
|
|
bool CheckSig(vector<unsigned char> vchSig, vector<unsigned char> vchPubKey, CScript scriptCode, |
|
|
|
|
const CTransaction& txTo, unsigned int nIn, int nHashType) |
|
|
|
|
{ |
|
|
|
|
CKey key; |
|
|
|
|
if (!key.SetPubKey(vchPubKey)) |
|
|
|
|
return false; |
|
|
|
|
static CSignatureCache signatureCache; |
|
|
|
|
|
|
|
|
|
// Hash type is one byte tacked on to the end of the signature
|
|
|
|
|
if (vchSig.empty()) |
|
|
|
@ -1115,7 +1173,20 @@ bool CheckSig(vector<unsigned char> vchSig, vector<unsigned char> vchPubKey, CSc
@@ -1115,7 +1173,20 @@ bool CheckSig(vector<unsigned char> vchSig, vector<unsigned char> vchPubKey, CSc
|
|
|
|
|
return false; |
|
|
|
|
vchSig.pop_back(); |
|
|
|
|
|
|
|
|
|
return key.Verify(SignatureHash(scriptCode, txTo, nIn, nHashType), vchSig); |
|
|
|
|
uint256 sighash = SignatureHash(scriptCode, txTo, nIn, nHashType); |
|
|
|
|
|
|
|
|
|
if (signatureCache.Get(sighash, vchSig, vchPubKey)) |
|
|
|
|
return true; |
|
|
|
|
|
|
|
|
|
CKey key; |
|
|
|
|
if (!key.SetPubKey(vchPubKey)) |
|
|
|
|
return false; |
|
|
|
|
|
|
|
|
|
if (!key.Verify(sighash, vchSig)) |
|
|
|
|
return false; |
|
|
|
|
|
|
|
|
|
signatureCache.Set(sighash, vchSig, vchPubKey); |
|
|
|
|
return true; |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|