Changeset View
Changeset View
Standalone View
Standalone View
src/script/sigencoding.cpp
Show First 20 Lines • Show All 158 Lines • ▼ Show 20 Lines | |||||
static bool CheckRawECDSASignatureEncoding(const slicedvaltype &sig, | static bool CheckRawECDSASignatureEncoding(const slicedvaltype &sig, | ||||
uint32_t flags, | uint32_t flags, | ||||
ScriptError *serror) { | ScriptError *serror) { | ||||
if (IsSchnorrSig(sig)) { | if (IsSchnorrSig(sig)) { | ||||
// In an ECDSA-only context, 64-byte signatures are forbidden. | // In an ECDSA-only context, 64-byte signatures are forbidden. | ||||
return set_error(serror, SCRIPT_ERR_SIG_BADLENGTH); | return set_error(serror, SCRIPT_ERR_SIG_BADLENGTH); | ||||
} | } | ||||
// https://bitcoin.stackexchange.com/a/12556: | |||||
if ((flags & (SCRIPT_VERIFY_DERSIG | SCRIPT_VERIFY_LOW_S | | if ((flags & (SCRIPT_VERIFY_DERSIG | SCRIPT_VERIFY_LOW_S | | ||||
SCRIPT_VERIFY_STRICTENC)) && | SCRIPT_VERIFY_STRICTENC)) && | ||||
!IsValidDERSignatureEncoding(sig)) { | !IsValidDERSignatureEncoding(sig)) { | ||||
return set_error(serror, SCRIPT_ERR_SIG_DER); | return set_error(serror, SCRIPT_ERR_SIG_DER); | ||||
} | } | ||||
// If the S value is above the order of the curve divided by two, its | |||||
// complement modulo the order could have been used instead, which is | |||||
// one byte shorter when encoded correctly. | |||||
if ((flags & SCRIPT_VERIFY_LOW_S) && !CPubKey::CheckLowS(sig)) { | if ((flags & SCRIPT_VERIFY_LOW_S) && !CPubKey::CheckLowS(sig)) { | ||||
return set_error(serror, SCRIPT_ERR_SIG_HIGH_S); | return set_error(serror, SCRIPT_ERR_SIG_HIGH_S); | ||||
} | } | ||||
return true; | return true; | ||||
} | } | ||||
static bool CheckRawSchnorrSignatureEncoding(const slicedvaltype &sig, | static bool CheckRawSchnorrSignatureEncoding(const slicedvaltype &sig, | ||||
▲ Show 20 Lines • Show All 147 Lines • Show Last 20 Lines |