diff --git a/src/cashaddrenc.cpp b/src/cashaddrenc.cpp index 85d6fe66d..2e09358c9 100644 --- a/src/cashaddrenc.cpp +++ b/src/cashaddrenc.cpp @@ -1,128 +1,156 @@ // Copyright (c) 2017 The Bitcoin developers // Distributed under the MIT software license, see the accompanying // file COPYING or http://www.opensource.org/licenses/mit-license.php. #include "cashaddrenc.h" #include "cashaddr.h" #include "chainparams.h" #include "pubkey.h" #include "script/script.h" #include "utilstrencodings.h" -#include + #include -#include -const uint8_t CASHADDR_VERSION_PUBKEY = 0; -const uint8_t CASHADDR_VERISON_SCRIPT = 8; +#include + +const uint8_t PUBKEY_TYPE = 0; +const uint8_t SCRIPT_TYPE = 1; // Size of data-part in a pubkey/script cash address. // Consists of: 8 bits version + 160 bits hash. const size_t CASHADDR_GROUPED_SIZE = 34; /* 5 bit representation */ const size_t CASHADDR_BYTES = 21; /* 8 bit representation */ namespace { -// Implements encoding of CTxDestination using cashaddr. -class CashAddrEncoder : public boost::static_visitor { -public: - CashAddrEncoder(const CChainParams &p); - - std::string operator()(const CKeyID &id) const; - std::string operator()(const CScriptID &id) const; - std::string operator()(const CNoDestination &) const; - -private: - const CChainParams ¶ms; -}; - // Convert the data part to a 5 bit representation. template -std::vector PackAddrData(const T &id, uint8_t version, +std::vector PackAddrData(const T &id, uint8_t type, size_t expectedSize) { - std::vector data = {version}; + std::vector data = {uint8_t(type << 3)}; data.insert(data.end(), id.begin(), id.end()); - const std::string errstr = "Error packing cashaddr"; - std::vector converted; - if (!ConvertBits<8, 5, true>(converted, begin(data), end(data))) { - throw std::runtime_error(errstr); - } + converted.reserve(expectedSize); + ConvertBits<8, 5, true>(converted, begin(data), end(data)); if (converted.size() != expectedSize) { - throw std::runtime_error(errstr); + throw std::runtime_error("Error packing cashaddr"); } return converted; } -CashAddrEncoder::CashAddrEncoder(const CChainParams &p) : params(p) {} +// Implements encoding of CTxDestination using cashaddr. +class CashAddrEncoder : public boost::static_visitor { +public: + CashAddrEncoder(const CChainParams &p) : params(p) {} + + std::string operator()(const CKeyID &id) const { + std::vector data = + PackAddrData(id, PUBKEY_TYPE, CASHADDR_GROUPED_SIZE); + return cashaddr::Encode(params.CashAddrPrefix(), data); + } -std::string CashAddrEncoder::operator()(const CKeyID &id) const { - std::vector data = - PackAddrData(id, CASHADDR_VERSION_PUBKEY, CASHADDR_GROUPED_SIZE); - return cashaddr::Encode(params.CashAddrPrefix(), data); -} + std::string operator()(const CScriptID &id) const { + std::vector data = + PackAddrData(id, SCRIPT_TYPE, CASHADDR_GROUPED_SIZE); + return cashaddr::Encode(params.CashAddrPrefix(), data); + } -std::string CashAddrEncoder::operator()(const CScriptID &id) const { - std::vector data = - PackAddrData(id, CASHADDR_VERISON_SCRIPT, CASHADDR_GROUPED_SIZE); - return cashaddr::Encode(params.CashAddrPrefix(), data); -} + std::string operator()(const CNoDestination &) const { return ""; } -std::string CashAddrEncoder::operator()(const CNoDestination &) const { - return ""; -} +private: + const CChainParams ¶ms; +}; } // anon ns std::string EncodeCashAddr(const CTxDestination &dst, const CChainParams ¶ms) { return boost::apply_visitor(CashAddrEncoder(params), dst); } -CTxDestination DecodeCashAddr(const std::string &addrstr, +CTxDestination DecodeCashAddr(const std::string &addr, const CChainParams ¶ms) { + CashAddrContent content = DecodeCashAddrContent(addr, params); + if (content.hash.size() == 0) { + return CNoDestination{}; + } + + return DecodeCashAddrDestination(content); +} + +CashAddrContent DecodeCashAddrContent(const std::string &addr, + const CChainParams ¶ms) { std::pair> cashaddr = - cashaddr::Decode(addrstr); + cashaddr::Decode(addr); if (cashaddr.first != params.CashAddrPrefix()) { - return CNoDestination{}; + return {}; } if (cashaddr.second.empty()) { - return CNoDestination{}; + return {}; + } + + // Check that the padding is zero. + size_t extrabits = cashaddr.second.size() * 5 % 8; + if (extrabits >= 5) { + // We have more padding than allowed. + return {}; + } + + uint8_t last = cashaddr.second.back(); + uint8_t mask = (1 << extrabits) - 1; + if (last & mask) { + // We have non zero bits as padding. + return {}; } std::vector data; - if (!ConvertBits<5, 8, true>(data, begin(cashaddr.second), - end(cashaddr.second))) { - return CNoDestination{}; + data.reserve(CASHADDR_BYTES); + ConvertBits<5, 8, false>(data, begin(cashaddr.second), + end(cashaddr.second)); + + // Decode type and size from the version. + uint8_t version = data[0]; + if (version & 0x80) { + // First bit is reserved. + return {}; } - // Both encoding and decoding add padding, so it's double padded. - // Truncate the double padding. - if (data.back() != 0) { - // Not padded, should be. - return CNoDestination{}; + uint8_t type = (version >> 3) & 0x1f; + uint32_t hash_size = 20 + 4 * (version & 0x03); + if (version & 0x04) { + hash_size *= 2; } - data.pop_back(); // Check that we decoded the exact number of bytes we expected. - if (data.size() != CASHADDR_BYTES) { - return CNoDestination{}; + if (data.size() != hash_size + 1) { + return {}; } - uint160 hash; - std::copy(begin(data) + 1, end(data), hash.begin()); + // Pop the version. + data.erase(data.begin()); - uint8_t version = data.at(0); - if (version == CASHADDR_VERSION_PUBKEY) { - return CKeyID(hash); - } - if (version == CASHADDR_VERISON_SCRIPT) { - return CScriptID(hash); + return {type, std::move(data)}; +} + +CTxDestination DecodeCashAddrDestination(const CashAddrContent &content) { + if (content.hash.size() != 20) { + // Only 20 bytes hash are supported now. + return CNoDestination{}; } - // unknown version - return CNoDestination{}; + uint160 hash; + std::copy(begin(content.hash), end(content.hash), hash.begin()); + + switch (content.type) { + case PUBKEY_TYPE: + return CKeyID(hash); + case SCRIPT_TYPE: + return CScriptID(hash); + default: + return CNoDestination{}; + } } diff --git a/src/cashaddrenc.h b/src/cashaddrenc.h index 397359978..24eb3ae54 100644 --- a/src/cashaddrenc.h +++ b/src/cashaddrenc.h @@ -1,17 +1,27 @@ // Copyright (c) 2017 The Bitcoin developers // Distributed under the MIT software license, see the accompanying // file COPYING or http://www.opensource.org/licenses/mit-license.php. #ifndef BITCOIN_CASHADDRENC_H #define BITCOIN_CASHADDRENC_H #include "script/standard.h" + #include +#include class CChainParams; +std::string EncodeCashAddr(const CTxDestination &, const CChainParams &); + +struct CashAddrContent { + uint8_t type; + std::vector hash; +}; + CTxDestination DecodeCashAddr(const std::string &addr, const CChainParams ¶ms); - -std::string EncodeCashAddr(const CTxDestination &, const CChainParams &); +CashAddrContent DecodeCashAddrContent(const std::string &addr, + const CChainParams ¶ms); +CTxDestination DecodeCashAddrDestination(const CashAddrContent &content); #endif diff --git a/src/test/cashaddrenc_tests.cpp b/src/test/cashaddrenc_tests.cpp index f89852dad..4b7298f6a 100644 --- a/src/test/cashaddrenc_tests.cpp +++ b/src/test/cashaddrenc_tests.cpp @@ -1,171 +1,250 @@ // Copyright (c) 2017 The Bitcoin developers // Distributed under the MIT software license, see the accompanying // file COPYING or http://www.opensource.org/licenses/mit-license.php. #include "cashaddr.h" #include "cashaddrenc.h" #include "chainparams.h" #include "random.h" #include "test/test_bitcoin.h" #include "uint256.h" + #include namespace { std::vector GetNetworks() { return {CBaseChainParams::MAIN, CBaseChainParams::TESTNET, CBaseChainParams::REGTEST}; } uint160 insecure_GetRandUInt160(FastRandomContext &rand) { uint160 n; for (uint8_t *c = n.begin(); c != n.end(); ++c) { *c = static_cast(rand.rand32()); } return n; } class DstTypeChecker : public boost::static_visitor { public: void operator()(const CKeyID &id) { isKey = true; } void operator()(const CScriptID &id) { isScript = true; } void operator()(const CNoDestination &) {} static bool IsScriptDst(const CTxDestination &d) { DstTypeChecker checker; boost::apply_visitor(checker, d); return checker.isScript; } static bool IsKeyDst(const CTxDestination &d) { DstTypeChecker checker; boost::apply_visitor(checker, d); return checker.isKey; } private: DstTypeChecker() : isKey(false), isScript(false) {} bool isKey; bool isScript; }; } // anon ns BOOST_FIXTURE_TEST_SUITE(cashaddrenc_tests, BasicTestingSetup) BOOST_AUTO_TEST_CASE(encode_decode) { std::vector toTest = {CNoDestination{}, CKeyID(uint160S("badf00d")), CScriptID(uint160S("f00dbad"))}; for (auto dst : toTest) { for (auto net : GetNetworks()) { std::string encoded = EncodeCashAddr(dst, Params(net)); CTxDestination decoded = DecodeCashAddr(encoded, Params(net)); BOOST_CHECK(dst == decoded); } } } // Check that an encoded cash address is not valid on another network. BOOST_AUTO_TEST_CASE(invalid_on_wrong_network) { const CTxDestination dst = CKeyID(uint160S("c0ffee")); const CTxDestination invalidDst = CNoDestination{}; for (auto net : GetNetworks()) { for (auto otherNet : GetNetworks()) { if (net == otherNet) continue; std::string encoded = EncodeCashAddr(dst, Params(net)); CTxDestination decoded = DecodeCashAddr(encoded, Params(otherNet)); BOOST_CHECK(decoded != dst); BOOST_CHECK(decoded == invalidDst); } } } BOOST_AUTO_TEST_CASE(random_dst) { FastRandomContext rand(true); const size_t NUM_TESTS = 5000; const CChainParams ¶ms = Params(CBaseChainParams::MAIN); for (size_t i = 0; i < NUM_TESTS; ++i) { uint160 hash = insecure_GetRandUInt160(rand); const CTxDestination dst_key = CKeyID(hash); const CTxDestination dst_scr = CScriptID(hash); const std::string encoded_key = EncodeCashAddr(dst_key, params); const CTxDestination decoded_key = DecodeCashAddr(encoded_key, params); const std::string encoded_scr = EncodeCashAddr(dst_scr, params); const CTxDestination decoded_scr = DecodeCashAddr(encoded_scr, params); std::string err("cashaddr failed for hash: "); err += hash.ToString(); BOOST_CHECK_MESSAGE(dst_key == decoded_key, err); BOOST_CHECK_MESSAGE(dst_scr == decoded_scr, err); BOOST_CHECK_MESSAGE(DstTypeChecker::IsKeyDst(decoded_key), err); BOOST_CHECK_MESSAGE(DstTypeChecker::IsScriptDst(decoded_scr), err); } } -// Test that a invalid, specially crafted cashaddr stays invalid when truncated. -BOOST_AUTO_TEST_CASE(invalid_when_truncated) { - - // Cashaddr payload is 34 5-bit nibbles. The last one is padded. When - // converting back to bytes, there is additional padding. - // - // This extra padding truncated. But we should make sure that what we - // truncate is padding and not data. - // - // This test creates a invalid address that leaves data in the byte that - // should be padding. +/** + * Cashaddr payload made of 5-bit nibbles. The last one is padded. When + * converting back to bytes, this extra padding is truncated. In order to ensure + * cashaddr are cannonicals, we check that the data we truncate is zeroed. + */ +BOOST_AUTO_TEST_CASE(check_padding) { uint8_t version = 0; std::vector data = {version}; - for (size_t i = 0; i < 33; ++i) + for (size_t i = 0; i < 33; ++i) { data.push_back(1); - assert(data.size() == 34); + } + + BOOST_CHECK_EQUAL(data.size(), 34); + + const CTxDestination nodst = CNoDestination{}; + const CChainParams params = Params(CBaseChainParams::MAIN); + + for (uint8_t i = 0; i < 32; i++) { + data[data.size() - 1] = i; + std::string fake = cashaddr::Encode(params.CashAddrPrefix(), data); + CTxDestination dst = DecodeCashAddr(fake, params); + + // We have 168 bits of payload encoded as 170 bits in 5 bits nimbles. As + // a result, we must have 2 zeros. + if (i & 0x03) { + BOOST_CHECK(dst == nodst); + } else { + BOOST_CHECK(dst != nodst); + } + } +} + +/** + * We ensure type is extracted properly from the version. + */ +BOOST_AUTO_TEST_CASE(check_type) { + std::vector data; + data.resize(34); + + const CChainParams params = Params(CBaseChainParams::MAIN); + for (uint8_t v = 0; v < 16; v++) { + std::fill(begin(data), end(data), 0); + data[0] = v; + auto content = DecodeCashAddrContent( + cashaddr::Encode(params.CashAddrPrefix(), data), params); + BOOST_CHECK_EQUAL(content.type, v); + BOOST_CHECK_EQUAL(content.hash.size(), 20); + + // Check that using the reserved bit result in a failure. + data[0] |= 0x10; + content = DecodeCashAddrContent( + cashaddr::Encode(params.CashAddrPrefix(), data), params); + BOOST_CHECK_EQUAL(content.type, 0); + BOOST_CHECK_EQUAL(content.hash.size(), 0); + } +} + +/** + * We ensure size is extracted and checked properly. + */ +BOOST_AUTO_TEST_CASE(check_size) { + const CTxDestination nodst = CNoDestination{}; const CChainParams params = Params(CBaseChainParams::MAIN); - std::string fake = cashaddr::Encode(params.CashAddrPrefix(), data); - CTxDestination nodst = CNoDestination{}; - BOOST_CHECK(nodst == DecodeCashAddr(fake, params)); + // Mapp all possible size bits in the version to the expected size of the + // hash in bytes. + std::vector> sizes = { + {0, 20}, {1, 24}, {2, 28}, {3, 32}, {4, 40}, {5, 48}, {6, 56}, {7, 64}, + }; + + std::vector data; + + for (auto ps : sizes) { + size_t expectedSize = (12 + ps.second * 8) / 5; + data.resize(expectedSize); + std::fill(begin(data), end(data), 0); + data[1] = ps.first << 2; + + auto content = DecodeCashAddrContent( + cashaddr::Encode(params.CashAddrPrefix(), data), params); + + BOOST_CHECK_EQUAL(content.type, 0); + BOOST_CHECK_EQUAL(content.hash.size(), ps.second); + + data.push_back(0); + content = DecodeCashAddrContent( + cashaddr::Encode(params.CashAddrPrefix(), data), params); + + BOOST_CHECK_EQUAL(content.type, 0); + BOOST_CHECK_EQUAL(content.hash.size(), 0); + + data.pop_back(); + data.pop_back(); + content = DecodeCashAddrContent( + cashaddr::Encode(params.CashAddrPrefix(), data), params); + + BOOST_CHECK_EQUAL(content.type, 0); + BOOST_CHECK_EQUAL(content.hash.size(), 0); + } } BOOST_AUTO_TEST_CASE(test_addresses) { const CChainParams params = Params(CBaseChainParams::MAIN); std::vector> hash{ {118, 160, 64, 83, 189, 160, 168, 139, 218, 81, 119, 184, 106, 21, 195, 178, 159, 85, 152, 115}, {203, 72, 18, 50, 41, 156, 213, 116, 49, 81, 172, 75, 45, 99, 174, 25, 142, 123, 176, 169}, {1, 31, 40, 228, 115, 201, 95, 64, 19, 215, 213, 62, 197, 251, 195, 180, 45, 248, 237, 16}}; std::vector pubkey = { "bitcoincash:qpm2qsznhks23z7629mms6s4cwef74vcwvy22gdx6a", "bitcoincash:qr95sy3j9xwd2ap32xkykttr4cvcu7as4y0qverfuy", "bitcoincash:qqq3728yw0y47sqn6l2na30mcw6zm78dzqre909m2r"}; std::vector script = { "bitcoincash:ppm2qsznhks23z7629mms6s4cwef74vcwvn0h829pq", "bitcoincash:pr95sy3j9xwd2ap32xkykttr4cvcu7as4yc93ky28e", "bitcoincash:pqq3728yw0y47sqn6l2na30mcw6zm78dzq5ucqzc37"}; for (size_t i = 0; i < hash.size(); ++i) { const CTxDestination dstKey = CKeyID(uint160(hash[i])); const CTxDestination dstScript = CScriptID(uint160(hash[i])); BOOST_CHECK_EQUAL(pubkey[i], EncodeCashAddr(CKeyID(uint160(hash[i])), params)); BOOST_CHECK_EQUAL(script[i], EncodeCashAddr(CScriptID(uint160(hash[i])), params)); } } BOOST_AUTO_TEST_SUITE_END()