Line data Source code
1 : // Copyright (c) 2013 The Bitcoin Core developers
2 : // Distributed under the MIT software license, see the accompanying
3 : // file COPYING or http://www.opensource.org/licenses/mit-license.php.
4 :
5 : #include "consensus/validation.h"
6 : #include "data/sighash.json.h"
7 : #include "hash.h"
8 : #include "main.h" // For CheckTransaction
9 : #include "random.h"
10 : #include "script/interpreter.h"
11 : #include "script/script.h"
12 : #include "serialize.h"
13 : #include "streams.h"
14 : #include "test/test_bitcoin.h"
15 : #include "util.h"
16 : #include "utilstrencodings.h"
17 : #include "version.h"
18 :
19 : #include <iostream>
20 :
21 : #include <boost/test/unit_test.hpp>
22 :
23 : #include <univalue.h>
24 :
25 : extern UniValue read_json(const std::string& jsondata);
26 :
27 : // Old script.cpp SignatureHash function
28 50000 : uint256 static SignatureHashOld(CScript scriptCode, const CTransaction& txTo, unsigned int nIn, int nHashType)
29 : {
30 50001 : static const uint256 one(uint256S("0000000000000000000000000000000000000000000000000000000000000001"));
31 100000 : if (nIn >= txTo.vin.size())
32 : {
33 : printf("ERROR: SignatureHash(): nIn=%d out of range\n", nIn);
34 0 : return one;
35 : }
36 50000 : CMutableTransaction txTmp(txTo);
37 :
38 : // In case concatenating two scripts ends up with two codeseparators,
39 : // or an extra one at the end, this prevents all those possible incompatibilities.
40 100000 : scriptCode.FindAndDelete(CScript(OP_CODESEPARATOR));
41 :
42 : // Blank out other inputs' signatures
43 349836 : for (unsigned int i = 0; i < txTmp.vin.size(); i++)
44 374754 : txTmp.vin[i].scriptSig = CScript();
45 100000 : txTmp.vin[nIn].scriptSig = scriptCode;
46 :
47 : // Blank out some of the outputs
48 50000 : if ((nHashType & 0x1f) == SIGHASH_NONE)
49 : {
50 : // Wildcard payee
51 : txTmp.vout.clear();
52 :
53 : // Let the others update at will
54 11100 : for (unsigned int i = 0; i < txTmp.vin.size(); i++)
55 3969 : if (i != nIn)
56 4776 : txTmp.vin[i].nSequence = 0;
57 : }
58 48419 : else if ((nHashType & 0x1f) == SIGHASH_SINGLE)
59 : {
60 : // Only lock-in the txout payee at same index as txin
61 1566 : unsigned int nOut = nIn;
62 3132 : if (nOut >= txTmp.vout.size())
63 : {
64 : printf("ERROR: SignatureHash(): nOut=%d out of range\n", nOut);
65 0 : return one;
66 : }
67 3132 : txTmp.vout.resize(nOut+1);
68 2674 : for (unsigned int i = 0; i < nOut; i++)
69 2216 : txTmp.vout[i].SetNull();
70 :
71 : // Let the others update at will
72 9250 : for (unsigned int i = 0; i < txTmp.vin.size(); i++)
73 3842 : if (i != nIn)
74 4552 : txTmp.vin[i].nSequence = 0;
75 : }
76 :
77 : // Blank out other inputs completely, not recommended for open transactions
78 50000 : if (nHashType & SIGHASH_ANYONECANPAY)
79 : {
80 50338 : txTmp.vin[0] = txTmp.vin[nIn];
81 50338 : txTmp.vin.resize(1);
82 : }
83 :
84 : // Serialize and hash
85 : CHashWriter ss(SER_GETHASH, 0);
86 50000 : ss << txTmp << nHashType;
87 : return ss.GetHash();
88 : }
89 :
90 300238 : void static RandomScript(CScript &script) {
91 : static const opcodetype oplist[] = {OP_FALSE, OP_1, OP_2, OP_3, OP_CHECKSIG, OP_IF, OP_VERIF, OP_RETURN, OP_CODESEPARATOR};
92 300238 : script = CScript();
93 300238 : int ops = (insecure_rand() % 10);
94 1649791 : for (int i=0; i<ops; i++)
95 1349553 : script << oplist[insecure_rand() % (sizeof(oplist)/sizeof(oplist[0]))];
96 300238 : }
97 :
98 50000 : void static RandomTransaction(CMutableTransaction &tx, bool fSingle) {
99 50000 : tx.nVersion = insecure_rand();
100 50000 : tx.vin.clear();
101 50000 : tx.vout.clear();
102 50000 : tx.nLockTime = (insecure_rand() % 2) ? insecure_rand() : 0;
103 50000 : int ins = (insecure_rand() % 4) + 1;
104 50000 : int outs = fSingle ? ins : (insecure_rand() % 4) + 1;
105 174918 : for (int in = 0; in < ins; in++) {
106 249836 : tx.vin.push_back(CTxIn());
107 249836 : CTxIn &txin = tx.vin.back();
108 124918 : txin.prevout.hash = GetRandHash();
109 124918 : txin.prevout.n = insecure_rand() % 4;
110 124918 : RandomScript(txin.scriptSig);
111 124918 : txin.nSequence = (insecure_rand() % 2) ? insecure_rand() : (unsigned int)-1;
112 : }
113 125320 : for (int out = 0; out < outs; out++) {
114 250640 : tx.vout.push_back(CTxOut());
115 250640 : CTxOut &txout = tx.vout.back();
116 125320 : txout.nValue = insecure_rand() % 100000000;
117 125320 : RandomScript(txout.scriptPubKey);
118 : }
119 50000 : }
120 :
121 1 : BOOST_FIXTURE_TEST_SUITE(sighash_tests, BasicTestingSetup)
122 :
123 6 : BOOST_AUTO_TEST_CASE(sighash_test)
124 : {
125 1 : seed_insecure_rand(false);
126 :
127 : #if defined(PRINT_SIGHASH_JSON)
128 : std::cout << "[\n";
129 : std::cout << "\t[\"raw_transaction, script, input_index, hashType, signature_hash (result)\"],\n";
130 : #endif
131 1 : int nRandomTests = 50000;
132 :
133 : #if defined(PRINT_SIGHASH_JSON)
134 : nRandomTests = 500;
135 : #endif
136 50001 : for (int i=0; i<nRandomTests; i++) {
137 50000 : int nHashType = insecure_rand();
138 50000 : CMutableTransaction txTo;
139 50000 : RandomTransaction(txTo, (nHashType & 0x1f) == SIGHASH_SINGLE);
140 : CScript scriptCode;
141 50000 : RandomScript(scriptCode);
142 100000 : int nIn = insecure_rand() % txTo.vin.size();
143 :
144 : uint256 sh, sho;
145 200000 : sho = SignatureHashOld(scriptCode, txTo, nIn, nHashType);
146 100000 : sh = SignatureHash(scriptCode, txTo, nIn, nHashType);
147 : #if defined(PRINT_SIGHASH_JSON)
148 : CDataStream ss(SER_NETWORK, PROTOCOL_VERSION);
149 : ss << txTo;
150 :
151 : std::cout << "\t[\"" ;
152 : std::cout << HexStr(ss.begin(), ss.end()) << "\", \"";
153 : std::cout << HexStr(scriptCode) << "\", ";
154 : std::cout << nIn << ", ";
155 : std::cout << nHashType << ", \"";
156 : std::cout << sho.GetHex() << "\"]";
157 : if (i+1 != nRandomTests) {
158 : std::cout << ",";
159 : }
160 : std::cout << "\n";
161 : #endif
162 350000 : BOOST_CHECK(sh == sho);
163 : }
164 : #if defined(PRINT_SIGHASH_JSON)
165 : std::cout << "]\n";
166 : #endif
167 1 : }
168 :
169 : // Goal: check that SignatureHash generates correct hash
170 6 : BOOST_AUTO_TEST_CASE(sighash_from_data)
171 : {
172 4 : UniValue tests = read_json(std::string(json_tests::sighash, json_tests::sighash + sizeof(json_tests::sighash)));
173 :
174 1004 : for (unsigned int idx = 0; idx < tests.size(); idx++) {
175 501 : UniValue test = tests[idx];
176 501 : std::string strTest = test.write();
177 501 : if (test.size() < 1) // Allow for extra stuff (useful for comments)
178 : {
179 0 : BOOST_ERROR("Bad test: " << strTest);
180 : continue;
181 : }
182 501 : if (test.size() == 1) continue; // comment
183 :
184 : std::string raw_tx, raw_script, sigHashHex;
185 : int nIn, nHashType;
186 : uint256 sh;
187 500 : CTransaction tx;
188 : CScript scriptCode = CScript();
189 :
190 : try {
191 : // deserialize test data
192 1000 : raw_tx = test[0].get_str();
193 1000 : raw_script = test[1].get_str();
194 500 : nIn = test[2].get_int();
195 500 : nHashType = test[3].get_int();
196 1000 : sigHashHex = test[4].get_str();
197 :
198 : uint256 sh;
199 1000 : CDataStream stream(ParseHex(raw_tx), SER_NETWORK, PROTOCOL_VERSION);
200 : stream >> tx;
201 :
202 500 : CValidationState state;
203 3500 : BOOST_CHECK_MESSAGE(CheckTransaction(tx, state), strTest);
204 4500 : BOOST_CHECK(state.IsValid());
205 :
206 500 : std::vector<unsigned char> raw = ParseHex(raw_script);
207 500 : scriptCode.insert(scriptCode.end(), raw.begin(), raw.end());
208 0 : } catch (...) {
209 0 : BOOST_ERROR("Bad test, couldn't deserialize data: " << strTest);
210 : continue;
211 : }
212 :
213 500 : sh = SignatureHash(scriptCode, tx, nIn, nHashType);
214 4000 : BOOST_CHECK_MESSAGE(sh.GetHex() == sigHashHex, strTest);
215 501 : }
216 1 : }
217 3 : BOOST_AUTO_TEST_SUITE_END()
|
