You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
450 lines
17 KiB
450 lines
17 KiB
// Copyright (c) 2011-2013 The Bitcoin Core developers |
|
// Distributed under the MIT/X11 software license, see the accompanying |
|
// file COPYING or http://www.opensource.org/licenses/mit-license.php. |
|
|
|
#include "data/script_invalid.json.h" |
|
#include "data/script_valid.json.h" |
|
|
|
#include "key.h" |
|
#include "keystore.h" |
|
#include "main.h" |
|
#include "script/script.h" |
|
#include "script/sign.h" |
|
#include "core_io.h" |
|
|
|
#include <fstream> |
|
#include <stdint.h> |
|
#include <string> |
|
#include <vector> |
|
|
|
#include <boost/algorithm/string/classification.hpp> |
|
#include <boost/algorithm/string/predicate.hpp> |
|
#include <boost/algorithm/string/replace.hpp> |
|
#include <boost/algorithm/string/split.hpp> |
|
#include <boost/filesystem/operations.hpp> |
|
#include <boost/filesystem/path.hpp> |
|
#include <boost/foreach.hpp> |
|
#include <boost/test/unit_test.hpp> |
|
#include "json/json_spirit_reader_template.h" |
|
#include "json/json_spirit_utils.h" |
|
#include "json/json_spirit_writer_template.h" |
|
|
|
using namespace std; |
|
using namespace json_spirit; |
|
using namespace boost::algorithm; |
|
|
|
static const unsigned int flags = SCRIPT_VERIFY_P2SH | SCRIPT_VERIFY_STRICTENC; |
|
|
|
unsigned int ParseScriptFlags(string strFlags); |
|
|
|
Array |
|
read_json(const std::string& jsondata) |
|
{ |
|
Value v; |
|
|
|
if (!read_string(jsondata, v) || v.type() != array_type) |
|
{ |
|
BOOST_ERROR("Parse error."); |
|
return Array(); |
|
} |
|
return v.get_array(); |
|
} |
|
|
|
BOOST_AUTO_TEST_SUITE(script_tests) |
|
|
|
CMutableTransaction BuildCreditingTransaction(const CScript& scriptPubKey) |
|
{ |
|
CMutableTransaction txCredit; |
|
txCredit.nVersion = 1; |
|
txCredit.nLockTime = 0; |
|
txCredit.vin.resize(1); |
|
txCredit.vout.resize(1); |
|
txCredit.vin[0].prevout.SetNull(); |
|
txCredit.vin[0].scriptSig = CScript() << CScriptNum(0) << CScriptNum(0); |
|
txCredit.vin[0].nSequence = std::numeric_limits<unsigned int>::max(); |
|
txCredit.vout[0].scriptPubKey = scriptPubKey; |
|
txCredit.vout[0].nValue = 0; |
|
|
|
return txCredit; |
|
} |
|
|
|
CMutableTransaction BuildSpendingTransaction(const CScript& scriptSig, const CScript& scriptPubKey) |
|
{ |
|
CMutableTransaction txCredit = BuildCreditingTransaction(scriptPubKey); |
|
|
|
CMutableTransaction txSpend; |
|
txSpend.nVersion = 1; |
|
txSpend.nLockTime = 0; |
|
txSpend.vin.resize(1); |
|
txSpend.vout.resize(1); |
|
txSpend.vin[0].prevout.hash = txCredit.GetHash(); |
|
txSpend.vin[0].prevout.n = 0; |
|
txSpend.vin[0].scriptSig = scriptSig; |
|
txSpend.vin[0].nSequence = std::numeric_limits<unsigned int>::max(); |
|
txSpend.vout[0].scriptPubKey = CScript(); |
|
txSpend.vout[0].nValue = 0; |
|
|
|
return txSpend; |
|
} |
|
|
|
BOOST_AUTO_TEST_CASE(script_valid) |
|
{ |
|
// Read tests from test/data/script_valid.json |
|
// Format is an array of arrays |
|
// Inner arrays are [ "scriptSig", "scriptPubKey", "flags" ] |
|
// ... where scriptSig and scriptPubKey are stringified |
|
// scripts. |
|
Array tests = read_json(std::string(json_tests::script_valid, json_tests::script_valid + sizeof(json_tests::script_valid))); |
|
|
|
BOOST_FOREACH(Value& tv, tests) |
|
{ |
|
Array test = tv.get_array(); |
|
string strTest = write_string(tv, false); |
|
if (test.size() < 3) // Allow size > 3; extra stuff ignored (useful for comments) |
|
{ |
|
if (test.size() != 1) { |
|
BOOST_ERROR("Bad test: " << strTest); |
|
} |
|
continue; |
|
} |
|
string scriptSigString = test[0].get_str(); |
|
CScript scriptSig = ParseScript(scriptSigString); |
|
string scriptPubKeyString = test[1].get_str(); |
|
CScript scriptPubKey = ParseScript(scriptPubKeyString); |
|
unsigned int scriptflags = ParseScriptFlags(test[2].get_str()); |
|
|
|
CTransaction tx; |
|
BOOST_CHECK_MESSAGE(VerifyScript(scriptSig, scriptPubKey, BuildSpendingTransaction(scriptSig, scriptPubKey), 0, scriptflags), strTest); |
|
} |
|
} |
|
|
|
BOOST_AUTO_TEST_CASE(script_invalid) |
|
{ |
|
// Scripts that should evaluate as invalid |
|
Array tests = read_json(std::string(json_tests::script_invalid, json_tests::script_invalid + sizeof(json_tests::script_invalid))); |
|
|
|
BOOST_FOREACH(Value& tv, tests) |
|
{ |
|
Array test = tv.get_array(); |
|
string strTest = write_string(tv, false); |
|
if (test.size() < 3) // Allow size > 3; extra stuff ignored (useful for comments) |
|
{ |
|
if (test.size() != 1) { |
|
BOOST_ERROR("Bad test: " << strTest); |
|
} |
|
continue; |
|
} |
|
string scriptSigString = test[0].get_str(); |
|
CScript scriptSig = ParseScript(scriptSigString); |
|
string scriptPubKeyString = test[1].get_str(); |
|
CScript scriptPubKey = ParseScript(scriptPubKeyString); |
|
unsigned int scriptflags = ParseScriptFlags(test[2].get_str()); |
|
|
|
CTransaction tx; |
|
BOOST_CHECK_MESSAGE(!VerifyScript(scriptSig, scriptPubKey, BuildSpendingTransaction(scriptSig, scriptPubKey), 0, scriptflags), strTest); |
|
} |
|
} |
|
|
|
BOOST_AUTO_TEST_CASE(script_PushData) |
|
{ |
|
// Check that PUSHDATA1, PUSHDATA2, and PUSHDATA4 create the same value on |
|
// the stack as the 1-75 opcodes do. |
|
static const unsigned char direct[] = { 1, 0x5a }; |
|
static const unsigned char pushdata1[] = { OP_PUSHDATA1, 1, 0x5a }; |
|
static const unsigned char pushdata2[] = { OP_PUSHDATA2, 1, 0, 0x5a }; |
|
static const unsigned char pushdata4[] = { OP_PUSHDATA4, 1, 0, 0, 0, 0x5a }; |
|
|
|
vector<vector<unsigned char> > directStack; |
|
BOOST_CHECK(EvalScript(directStack, CScript(&direct[0], &direct[sizeof(direct)]), CTransaction(), 0, true)); |
|
|
|
vector<vector<unsigned char> > pushdata1Stack; |
|
BOOST_CHECK(EvalScript(pushdata1Stack, CScript(&pushdata1[0], &pushdata1[sizeof(pushdata1)]), CTransaction(), 0, true)); |
|
BOOST_CHECK(pushdata1Stack == directStack); |
|
|
|
vector<vector<unsigned char> > pushdata2Stack; |
|
BOOST_CHECK(EvalScript(pushdata2Stack, CScript(&pushdata2[0], &pushdata2[sizeof(pushdata2)]), CTransaction(), 0, true)); |
|
BOOST_CHECK(pushdata2Stack == directStack); |
|
|
|
vector<vector<unsigned char> > pushdata4Stack; |
|
BOOST_CHECK(EvalScript(pushdata4Stack, CScript(&pushdata4[0], &pushdata4[sizeof(pushdata4)]), CTransaction(), 0, true)); |
|
BOOST_CHECK(pushdata4Stack == directStack); |
|
} |
|
|
|
CScript |
|
sign_multisig(CScript scriptPubKey, std::vector<CKey> keys, CTransaction transaction) |
|
{ |
|
uint256 hash = SignatureHash(scriptPubKey, transaction, 0, SIGHASH_ALL); |
|
|
|
CScript result; |
|
// |
|
// NOTE: CHECKMULTISIG has an unfortunate bug; it requires |
|
// one extra item on the stack, before the signatures. |
|
// Putting OP_0 on the stack is the workaround; |
|
// fixing the bug would mean splitting the block chain (old |
|
// clients would not accept new CHECKMULTISIG transactions, |
|
// and vice-versa) |
|
// |
|
result << OP_0; |
|
BOOST_FOREACH(const CKey &key, keys) |
|
{ |
|
vector<unsigned char> vchSig; |
|
BOOST_CHECK(key.Sign(hash, vchSig)); |
|
vchSig.push_back((unsigned char)SIGHASH_ALL); |
|
result << vchSig; |
|
} |
|
return result; |
|
} |
|
CScript |
|
sign_multisig(CScript scriptPubKey, const CKey &key, CTransaction transaction) |
|
{ |
|
std::vector<CKey> keys; |
|
keys.push_back(key); |
|
return sign_multisig(scriptPubKey, keys, transaction); |
|
} |
|
|
|
BOOST_AUTO_TEST_CASE(script_CHECKMULTISIG12) |
|
{ |
|
CKey key1, key2, key3; |
|
key1.MakeNewKey(true); |
|
key2.MakeNewKey(false); |
|
key3.MakeNewKey(true); |
|
|
|
CScript scriptPubKey12; |
|
scriptPubKey12 << OP_1 << key1.GetPubKey() << key2.GetPubKey() << OP_2 << OP_CHECKMULTISIG; |
|
|
|
CMutableTransaction txFrom12; |
|
txFrom12.vout.resize(1); |
|
txFrom12.vout[0].scriptPubKey = scriptPubKey12; |
|
|
|
CMutableTransaction txTo12; |
|
txTo12.vin.resize(1); |
|
txTo12.vout.resize(1); |
|
txTo12.vin[0].prevout.n = 0; |
|
txTo12.vin[0].prevout.hash = txFrom12.GetHash(); |
|
txTo12.vout[0].nValue = 1; |
|
|
|
CScript goodsig1 = sign_multisig(scriptPubKey12, key1, txTo12); |
|
BOOST_CHECK(VerifyScript(goodsig1, scriptPubKey12, txTo12, 0, flags)); |
|
txTo12.vout[0].nValue = 2; |
|
BOOST_CHECK(!VerifyScript(goodsig1, scriptPubKey12, txTo12, 0, flags)); |
|
|
|
CScript goodsig2 = sign_multisig(scriptPubKey12, key2, txTo12); |
|
BOOST_CHECK(VerifyScript(goodsig2, scriptPubKey12, txTo12, 0, flags)); |
|
|
|
CScript badsig1 = sign_multisig(scriptPubKey12, key3, txTo12); |
|
BOOST_CHECK(!VerifyScript(badsig1, scriptPubKey12, txTo12, 0, flags)); |
|
} |
|
|
|
BOOST_AUTO_TEST_CASE(script_CHECKMULTISIG23) |
|
{ |
|
CKey key1, key2, key3, key4; |
|
key1.MakeNewKey(true); |
|
key2.MakeNewKey(false); |
|
key3.MakeNewKey(true); |
|
key4.MakeNewKey(false); |
|
|
|
CScript scriptPubKey23; |
|
scriptPubKey23 << OP_2 << key1.GetPubKey() << key2.GetPubKey() << key3.GetPubKey() << OP_3 << OP_CHECKMULTISIG; |
|
|
|
CMutableTransaction txFrom23; |
|
txFrom23.vout.resize(1); |
|
txFrom23.vout[0].scriptPubKey = scriptPubKey23; |
|
|
|
CMutableTransaction txTo23; |
|
txTo23.vin.resize(1); |
|
txTo23.vout.resize(1); |
|
txTo23.vin[0].prevout.n = 0; |
|
txTo23.vin[0].prevout.hash = txFrom23.GetHash(); |
|
txTo23.vout[0].nValue = 1; |
|
|
|
std::vector<CKey> keys; |
|
keys.push_back(key1); keys.push_back(key2); |
|
CScript goodsig1 = sign_multisig(scriptPubKey23, keys, txTo23); |
|
BOOST_CHECK(VerifyScript(goodsig1, scriptPubKey23, txTo23, 0, flags)); |
|
|
|
keys.clear(); |
|
keys.push_back(key1); keys.push_back(key3); |
|
CScript goodsig2 = sign_multisig(scriptPubKey23, keys, txTo23); |
|
BOOST_CHECK(VerifyScript(goodsig2, scriptPubKey23, txTo23, 0, flags)); |
|
|
|
keys.clear(); |
|
keys.push_back(key2); keys.push_back(key3); |
|
CScript goodsig3 = sign_multisig(scriptPubKey23, keys, txTo23); |
|
BOOST_CHECK(VerifyScript(goodsig3, scriptPubKey23, txTo23, 0, flags)); |
|
|
|
keys.clear(); |
|
keys.push_back(key2); keys.push_back(key2); // Can't re-use sig |
|
CScript badsig1 = sign_multisig(scriptPubKey23, keys, txTo23); |
|
BOOST_CHECK(!VerifyScript(badsig1, scriptPubKey23, txTo23, 0, flags)); |
|
|
|
keys.clear(); |
|
keys.push_back(key2); keys.push_back(key1); // sigs must be in correct order |
|
CScript badsig2 = sign_multisig(scriptPubKey23, keys, txTo23); |
|
BOOST_CHECK(!VerifyScript(badsig2, scriptPubKey23, txTo23, 0, flags)); |
|
|
|
keys.clear(); |
|
keys.push_back(key3); keys.push_back(key2); // sigs must be in correct order |
|
CScript badsig3 = sign_multisig(scriptPubKey23, keys, txTo23); |
|
BOOST_CHECK(!VerifyScript(badsig3, scriptPubKey23, txTo23, 0, flags)); |
|
|
|
keys.clear(); |
|
keys.push_back(key4); keys.push_back(key2); // sigs must match pubkeys |
|
CScript badsig4 = sign_multisig(scriptPubKey23, keys, txTo23); |
|
BOOST_CHECK(!VerifyScript(badsig4, scriptPubKey23, txTo23, 0, flags)); |
|
|
|
keys.clear(); |
|
keys.push_back(key1); keys.push_back(key4); // sigs must match pubkeys |
|
CScript badsig5 = sign_multisig(scriptPubKey23, keys, txTo23); |
|
BOOST_CHECK(!VerifyScript(badsig5, scriptPubKey23, txTo23, 0, flags)); |
|
|
|
keys.clear(); // Must have signatures |
|
CScript badsig6 = sign_multisig(scriptPubKey23, keys, txTo23); |
|
BOOST_CHECK(!VerifyScript(badsig6, scriptPubKey23, txTo23, 0, flags)); |
|
} |
|
|
|
BOOST_AUTO_TEST_CASE(script_combineSigs) |
|
{ |
|
// Test the CombineSignatures function |
|
CBasicKeyStore keystore; |
|
vector<CKey> keys; |
|
vector<CPubKey> pubkeys; |
|
for (int i = 0; i < 3; i++) |
|
{ |
|
CKey key; |
|
key.MakeNewKey(i%2 == 1); |
|
keys.push_back(key); |
|
pubkeys.push_back(key.GetPubKey()); |
|
keystore.AddKey(key); |
|
} |
|
|
|
CMutableTransaction txFrom; |
|
txFrom.vout.resize(1); |
|
txFrom.vout[0].scriptPubKey = GetScriptForDestination(keys[0].GetPubKey().GetID()); |
|
CScript& scriptPubKey = txFrom.vout[0].scriptPubKey; |
|
CMutableTransaction txTo; |
|
txTo.vin.resize(1); |
|
txTo.vout.resize(1); |
|
txTo.vin[0].prevout.n = 0; |
|
txTo.vin[0].prevout.hash = txFrom.GetHash(); |
|
CScript& scriptSig = txTo.vin[0].scriptSig; |
|
txTo.vout[0].nValue = 1; |
|
|
|
CScript empty; |
|
CScript combined = CombineSignatures(scriptPubKey, txTo, 0, empty, empty); |
|
BOOST_CHECK(combined.empty()); |
|
|
|
// Single signature case: |
|
SignSignature(keystore, txFrom, txTo, 0); // changes scriptSig |
|
combined = CombineSignatures(scriptPubKey, txTo, 0, scriptSig, empty); |
|
BOOST_CHECK(combined == scriptSig); |
|
combined = CombineSignatures(scriptPubKey, txTo, 0, empty, scriptSig); |
|
BOOST_CHECK(combined == scriptSig); |
|
CScript scriptSigCopy = scriptSig; |
|
// Signing again will give a different, valid signature: |
|
SignSignature(keystore, txFrom, txTo, 0); |
|
combined = CombineSignatures(scriptPubKey, txTo, 0, scriptSigCopy, scriptSig); |
|
BOOST_CHECK(combined == scriptSigCopy || combined == scriptSig); |
|
|
|
// P2SH, single-signature case: |
|
CScript pkSingle; pkSingle << keys[0].GetPubKey() << OP_CHECKSIG; |
|
keystore.AddCScript(pkSingle); |
|
scriptPubKey = GetScriptForDestination(pkSingle.GetID()); |
|
SignSignature(keystore, txFrom, txTo, 0); |
|
combined = CombineSignatures(scriptPubKey, txTo, 0, scriptSig, empty); |
|
BOOST_CHECK(combined == scriptSig); |
|
combined = CombineSignatures(scriptPubKey, txTo, 0, empty, scriptSig); |
|
BOOST_CHECK(combined == scriptSig); |
|
scriptSigCopy = scriptSig; |
|
SignSignature(keystore, txFrom, txTo, 0); |
|
combined = CombineSignatures(scriptPubKey, txTo, 0, scriptSigCopy, scriptSig); |
|
BOOST_CHECK(combined == scriptSigCopy || combined == scriptSig); |
|
// dummy scriptSigCopy with placeholder, should always choose non-placeholder: |
|
scriptSigCopy = CScript() << OP_0 << static_cast<vector<unsigned char> >(pkSingle); |
|
combined = CombineSignatures(scriptPubKey, txTo, 0, scriptSigCopy, scriptSig); |
|
BOOST_CHECK(combined == scriptSig); |
|
combined = CombineSignatures(scriptPubKey, txTo, 0, scriptSig, scriptSigCopy); |
|
BOOST_CHECK(combined == scriptSig); |
|
|
|
// Hardest case: Multisig 2-of-3 |
|
scriptPubKey = GetScriptForMultisig(2, pubkeys); |
|
keystore.AddCScript(scriptPubKey); |
|
SignSignature(keystore, txFrom, txTo, 0); |
|
combined = CombineSignatures(scriptPubKey, txTo, 0, scriptSig, empty); |
|
BOOST_CHECK(combined == scriptSig); |
|
combined = CombineSignatures(scriptPubKey, txTo, 0, empty, scriptSig); |
|
BOOST_CHECK(combined == scriptSig); |
|
|
|
// A couple of partially-signed versions: |
|
vector<unsigned char> sig1; |
|
uint256 hash1 = SignatureHash(scriptPubKey, txTo, 0, SIGHASH_ALL); |
|
BOOST_CHECK(keys[0].Sign(hash1, sig1)); |
|
sig1.push_back(SIGHASH_ALL); |
|
vector<unsigned char> sig2; |
|
uint256 hash2 = SignatureHash(scriptPubKey, txTo, 0, SIGHASH_NONE); |
|
BOOST_CHECK(keys[1].Sign(hash2, sig2)); |
|
sig2.push_back(SIGHASH_NONE); |
|
vector<unsigned char> sig3; |
|
uint256 hash3 = SignatureHash(scriptPubKey, txTo, 0, SIGHASH_SINGLE); |
|
BOOST_CHECK(keys[2].Sign(hash3, sig3)); |
|
sig3.push_back(SIGHASH_SINGLE); |
|
|
|
// Not fussy about order (or even existence) of placeholders or signatures: |
|
CScript partial1a = CScript() << OP_0 << sig1 << OP_0; |
|
CScript partial1b = CScript() << OP_0 << OP_0 << sig1; |
|
CScript partial2a = CScript() << OP_0 << sig2; |
|
CScript partial2b = CScript() << sig2 << OP_0; |
|
CScript partial3a = CScript() << sig3; |
|
CScript partial3b = CScript() << OP_0 << OP_0 << sig3; |
|
CScript partial3c = CScript() << OP_0 << sig3 << OP_0; |
|
CScript complete12 = CScript() << OP_0 << sig1 << sig2; |
|
CScript complete13 = CScript() << OP_0 << sig1 << sig3; |
|
CScript complete23 = CScript() << OP_0 << sig2 << sig3; |
|
|
|
combined = CombineSignatures(scriptPubKey, txTo, 0, partial1a, partial1b); |
|
BOOST_CHECK(combined == partial1a); |
|
combined = CombineSignatures(scriptPubKey, txTo, 0, partial1a, partial2a); |
|
BOOST_CHECK(combined == complete12); |
|
combined = CombineSignatures(scriptPubKey, txTo, 0, partial2a, partial1a); |
|
BOOST_CHECK(combined == complete12); |
|
combined = CombineSignatures(scriptPubKey, txTo, 0, partial1b, partial2b); |
|
BOOST_CHECK(combined == complete12); |
|
combined = CombineSignatures(scriptPubKey, txTo, 0, partial3b, partial1b); |
|
BOOST_CHECK(combined == complete13); |
|
combined = CombineSignatures(scriptPubKey, txTo, 0, partial2a, partial3a); |
|
BOOST_CHECK(combined == complete23); |
|
combined = CombineSignatures(scriptPubKey, txTo, 0, partial3b, partial2b); |
|
BOOST_CHECK(combined == complete23); |
|
combined = CombineSignatures(scriptPubKey, txTo, 0, partial3b, partial3a); |
|
BOOST_CHECK(combined == partial3c); |
|
} |
|
|
|
BOOST_AUTO_TEST_CASE(script_standard_push) |
|
{ |
|
for (int i=0; i<1000; i++) { |
|
CScript script; |
|
script << i; |
|
BOOST_CHECK_MESSAGE(script.IsPushOnly(), "Number " << i << " is not pure push."); |
|
BOOST_CHECK_MESSAGE(script.HasCanonicalPushes(), "Number " << i << " push is not canonical."); |
|
} |
|
|
|
for (int i=0; i<1000; i++) { |
|
std::vector<unsigned char> data(i, '\111'); |
|
CScript script; |
|
script << data; |
|
BOOST_CHECK_MESSAGE(script.IsPushOnly(), "Length " << i << " is not pure push."); |
|
BOOST_CHECK_MESSAGE(script.HasCanonicalPushes(), "Length " << i << " push is not canonical."); |
|
} |
|
} |
|
|
|
BOOST_AUTO_TEST_CASE(script_IsPushOnly_on_invalid_scripts) |
|
{ |
|
// IsPushOnly returns false when given a script containing only pushes that |
|
// are invalid due to truncation. IsPushOnly() is consensus critical |
|
// because P2SH evaluation uses it, although this specific behavior should |
|
// not be consensus critical as the P2SH evaluation would fail first due to |
|
// the invalid push. Still, it doesn't hurt to test it explicitly. |
|
static const unsigned char direct[] = { 1 }; |
|
BOOST_CHECK(!CScript(direct, direct+sizeof(direct)).IsPushOnly()); |
|
} |
|
|
|
BOOST_AUTO_TEST_SUITE_END()
|
|
|