RanchiMall/fcoin
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

add an extra failsafe check to checksig before normalizing DER sig length.

Browse Source
This commit is contained in:
Christopher Jeffrey 2016-02-17 21:32:29 -08:00
parent 86cebb7e3b
commit 1f2e1fb6d5
1 changed files with 12 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
lib/bcoin/script.js
View File

@ -292,7 +292,10 @@ script.concat = function concat(scripts) {
return s;
};
script.checksig = function checksig(msg, sig, key) {
script.checksig = function checksig(msg, sig, key, flags) {
if (flags == null)
flags = constants.flags.STANDARD_VERIFY_FLAGS;
if (key.getPublic)
key = key.getPublic();
@ -306,8 +309,13 @@ script.checksig = function checksig(msg, sig, key) {
// Attempt to normalize the signature
// length before passing to elliptic.
// Note: We only do this for historical data!
// https://github.com/indutny/elliptic/issues/78
sig = script.normalizeDER(sig);
if (!((flags & constants.flags.VERIFY_DERSIG)
|| (flags & constants.flags.VERIFY_LOW_S)
|| (flags & constants.flags.VERIFY_STRICTENC))) {
sig = script.normalizeDER(sig);
}
// Use a try catch in case there are
// any uncaught errors for bad inputs in verify().
@ -898,7 +906,7 @@ script.execute = function execute(data, stack, tx, index, flags, recurse) {
hash = tx.signatureHash(index, subscript, type);
res = script.checksig(hash, sig, key);
res = script.checksig(hash, sig, key, flags);
if (o === 'checksigverify') {
if (!res)
return false;
@ -959,7 +967,7 @@ script.execute = function execute(data, stack, tx, index, flags, recurse) {
res = false;
for (; !res && j < n; j++)
res = script.checksig(hash, sig, keys[j]);
res = script.checksig(hash, sig, keys[j], flags);
if (res)
succ++;