From 1f2e1fb6d5bfc0952a250c95723b115fc2f6b916 Mon Sep 17 00:00:00 2001 From: Christopher Jeffrey Date: Wed, 17 Feb 2016 21:32:29 -0800 Subject: [PATCH] add an extra failsafe check to checksig before normalizing DER sig length. --- lib/bcoin/script.js | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/lib/bcoin/script.js b/lib/bcoin/script.js index 6ea3fcc6..a7ecacdc 100644 --- a/lib/bcoin/script.js +++ b/lib/bcoin/script.js @@ -292,7 +292,10 @@ script.concat = function concat(scripts) { return s; }; -script.checksig = function checksig(msg, sig, key) { +script.checksig = function checksig(msg, sig, key, flags) { + if (flags == null) + flags = constants.flags.STANDARD_VERIFY_FLAGS; + if (key.getPublic) key = key.getPublic(); @@ -306,8 +309,13 @@ script.checksig = function checksig(msg, sig, key) { // Attempt to normalize the signature // length before passing to elliptic. + // Note: We only do this for historical data! // https://github.com/indutny/elliptic/issues/78 - sig = script.normalizeDER(sig); + if (!((flags & constants.flags.VERIFY_DERSIG) + || (flags & constants.flags.VERIFY_LOW_S) + || (flags & constants.flags.VERIFY_STRICTENC))) { + sig = script.normalizeDER(sig); + } // Use a try catch in case there are // any uncaught errors for bad inputs in verify(). @@ -898,7 +906,7 @@ script.execute = function execute(data, stack, tx, index, flags, recurse) { hash = tx.signatureHash(index, subscript, type); - res = script.checksig(hash, sig, key); + res = script.checksig(hash, sig, key, flags); if (o === 'checksigverify') { if (!res) return false; @@ -959,7 +967,7 @@ script.execute = function execute(data, stack, tx, index, flags, recurse) { res = false; for (; !res && j < n; j++) - res = script.checksig(hash, sig, keys[j]); + res = script.checksig(hash, sig, keys[j], flags); if (res) succ++;