phantom/bitcoin
1
0
Fork 0
mirror of https://github.com/bitcoin/bitcoin.git synced 2025-01-27 03:33:27 -03:00
Code Issues Projects Releases Packages Wiki Activity Actions
bitcoin/contrib/lax_der_parsing.h
fanquake 53eec53dca Squashed 'src/secp256k1/' changes from efe85c70a2..d8311688bd 
d8311688bd Merge bitcoin-core/secp256k1#1515: ci: Note affected clangs in comment on ASLR quirk
a85e2233e7 ci: Note affected clangs in comment on ASLR quirk
4b77fec67a Merge bitcoin-core/secp256k1#1512: msan: notate more variable assignments from assembly code
f7f0184ba1 msan: notate more variable assignments from assembly code
a61339149f change inconsistent array param to pointer
05bfab69ae Merge bitcoin-core/secp256k1#1507: ci: Add workaround for ASLR bug in sanitizers
a5e8ab2484 ci: Add sanitizer env variables to debug output
84a93de4d2 ci: Add workaround for ASLR bug in sanitizers
427e86b9ed Merge bitcoin-core/secp256k1#1490: tests: improve fe_sqr test (issue #1472)
2028069df2 doc: clarify input requirements for secp256k1_fe_mul
11420a7a28 tests: improve fe_sqr test
cdc9a6258e Merge bitcoin-core/secp256k1#1489: tests: add missing fe comparison checks for inverse field test cases
d926510cf7 Merge bitcoin-core/secp256k1#1496: msan: notate variable assignments from assembly code
31ba404944 msan: notate variable assignments from assembly code
e7ea32e30a msan: Add SECP256K1_CHECKMEM_MSAN_DEFINE which applies to memory sanitizer and not valgrind
e7bdddd9c9 refactor: rename `check_fe_equal` -> `fe_equal`
00111c9c56 tests: add missing fe comparison checks for inverse field test cases
0653a25d50 Merge bitcoin-core/secp256k1#1486: ci: Update cache action
94a14d5290 ci: Update cache action
2483627299 Merge bitcoin-core/secp256k1#1483: cmake: Recommend native CMake commands in README
5ad3aa3dcd Merge bitcoin-core/secp256k1#1484: tests: Drop redundant _scalar_check_overflow calls
51df2d9ab3 tests: Drop redundant _scalar_check_overflow calls
3777e3f36a cmake: Recommend native CMake commands in README
e4af41c61b Merge bitcoin-core/secp256k1#1249: cmake: Add `SECP256K1_LATE_CFLAGS` configure option
3bf4d68fc0 Merge bitcoin-core/secp256k1#1482: build: Clean up handling of module dependencies
e6822678ea build: Error if required module explicitly off
89ec583ccf build: Clean up handling of module dependencies
44378867a0 Merge bitcoin-core/secp256k1#1468: v0.4.1 release aftermath
a9db9f2d75 Merge bitcoin-core/secp256k1#1480: Get rid of untested sizeof(secp256k1_ge_storage) == 64 code path
74b7c3b53e Merge bitcoin-core/secp256k1#1476: include: make docs more consistent
b37fdb28ce check-abi: Minor UI improvements
ad5f589a94 check-abi: Default to HEAD for new version
9fb7e2f156 release process: Style and formatting nits
ba5d72d626 assumptions: Use new STATIC_ASSERT macro
e53c2d9ffc Require that sizeof(secp256k1_ge_storage) == 64
d0ba2abbff util: Add STATIC_ASSERT macro
da7bc1b803 include: in doc, remove article in front of "pointer"
aa3dd5280b include: make doc about ctx more consistent
e3f690015a include: remove obvious "cannot be NULL" doc
d373bf6d08 Merge bitcoin-core/secp256k1#1474: tests: restore scalar_mul test
79e094517c Merge bitcoin-core/secp256k1#1473: Fix typos
3dbfb48946 tests: restore scalar_mul test
d77170a88d Fix typos
e7053d065b release process: Add email step
429d21dc79 release process: Run sanity checks on release PR
42f8c51402 cmake: Add `SECP256K1_LATE_CFLAGS` configure option

git-subtree-dir: src/secp256k1
git-subtree-split: d8311688bd383d3a923a1b11789cded3cc8e5e03
2024-04-04 12:05:16 +01:00

97 lines
4.1 KiB
C
Raw Blame History

/***********************************************************************
* Copyright (c) 2015 Pieter Wuille *
* Distributed under the MIT software license, see the accompanying *
* file COPYING or https://www.opensource.org/licenses/mit-license.php.*
***********************************************************************/
/****
* Please do not link this file directly. It is not part of the libsecp256k1
* project and does not promise any stability in its API, functionality or
* presence. Projects which use this code should instead copy this header
* and its accompanying .c file directly into their codebase.
****/
/* This file defines a function that parses DER with various errors and
* violations. This is not a part of the library itself, because the allowed
* violations are chosen arbitrarily and do not follow or establish any
* standard.
*
* In many places it matters that different implementations do not only accept
* the same set of valid signatures, but also reject the same set of signatures.
* The only means to accomplish that is by strictly obeying a standard, and not
* accepting anything else.
*
* Nonetheless, sometimes there is a need for compatibility with systems that
* use signatures which do not strictly obey DER. The snippet below shows how
* certain violations are easily supported. You may need to adapt it.
*
* Do not use this for new systems. Use well-defined DER or compact signatures
* instead if you have the choice (see secp256k1_ecdsa_signature_parse_der and
* secp256k1_ecdsa_signature_parse_compact).
*
* The supported violations are:
* - All numbers are parsed as nonnegative integers, even though X.609-0207
* section 8.3.3 specifies that integers are always encoded as two's
* complement.
* - Integers can have length 0, even though section 8.3.1 says they can't.
* - Integers with overly long padding are accepted, violation section
* 8.3.2.
* - 127-byte long length descriptors are accepted, even though section
* 8.1.3.5.c says that they are not.
* - Trailing garbage data inside or after the signature is ignored.
* - The length descriptor of the sequence is ignored.
*
* Compared to for example OpenSSL, many violations are NOT supported:
* - Using overly long tag descriptors for the sequence or integers inside,
* violating section 8.1.2.2.
* - Encoding primitive integers as constructed values, violating section
* 8.3.1.
*/
#ifndef SECP256K1_CONTRIB_LAX_DER_PARSING_H
#define SECP256K1_CONTRIB_LAX_DER_PARSING_H
/* #include secp256k1.h only when it hasn't been included yet.
This enables this file to be #included directly in other project
files (such as tests.c) without the need to set an explicit -I flag,
which would be necessary to locate secp256k1.h. */
#ifndef SECP256K1_H
#include <secp256k1.h>
#endif
#ifdef __cplusplus
extern "C" {
#endif
/** Parse a signature in "lax DER" format
*
* Returns: 1 when the signature could be parsed, 0 otherwise.
* Args: ctx: a secp256k1 context object
* Out: sig: pointer to a signature object
* In: input: pointer to the signature to be parsed
* inputlen: the length of the array pointed to be input
*
* This function will accept any valid DER encoded signature, even if the
* encoded numbers are out of range. In addition, it will accept signatures
* which violate the DER spec in various ways. Its purpose is to allow
* validation of the Bitcoin blockchain, which includes non-DER signatures
* from before the network rules were updated to enforce DER. Note that
* the set of supported violations is a strict subset of what OpenSSL will
* accept.
*
* After the call, sig will always be initialized. If parsing failed or the
* encoded numbers are out of range, signature validation with it is
* guaranteed to fail for every message and public key.
*/
int ecdsa_signature_parse_der_lax(
const secp256k1_context* ctx,
secp256k1_ecdsa_signature* sig,
const unsigned char *input,
size_t inputlen
) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3);
#ifdef __cplusplus
}
#endif
#endif /* SECP256K1_CONTRIB_LAX_DER_PARSING_H */
Reference in a new issue View git blame Copy permalink