Make empty byte arrays pass CheckSignatureEncoding() #5627

pull petertodd wants to merge 1 commits into bitcoin:master from petertodd:bip62-compact-validly-encoded-invalid-sigs changing 4 files +11 −5
  1. petertodd commented at 11:01 AM on January 9, 2015: contributor

    Makes it possible to compactly provide a delibrately invalid signature for use with CHECK(MULTI)SIG. For instance with BIP19 if m != n invalid signatures need to be provided in the scriptSig; prior to this change those invalid signatures would need to be large DER-encoded signatures.

    Note that we may want to further expand on this change in the future by saying that only OP_0 is a "valid" invalid signature; BIP19 even with this change is inherently malleable as the invalid signatures can be any validly encoded DER signature.

    CC: @sipa

  2. Make empty byte arrays pass CheckSignatureEncoding()
    Makes it possible to compactly provide a delibrately invalid signature
for use with CHECK(MULTI)SIG. For instance with BIP19 if m != n invalid
signatures need to be provided in the scriptSig; prior to this change
those invalid signatures would need to be large DER-encoded signatures.

Note that we may want to further expand on this change in the future by
saying that only OP_0 is a "valid" invalid signature; BIP19 even with
this change is inherently malleable as the invalid signatures can be any
validly encoded DER signature.
    2fa9a8ec86
  3. petertodd force-pushed on Jan 9, 2015
  4. in src/test/multisig_tests.cpp:None in 2fa9a8ec86 
     115 | @@ -116,10 +116,6 @@ BOOST_AUTO_TEST_CASE(multisig_verify)
 116 |          }
 117 |      }
 118 |      s.clear();
 119 | -    s << OP_0 << OP_0;
 120 | -    BOOST_CHECK(!VerifyScript(s, a_or_b, flags, SignatureChecker(txTo[1], 0), &err));
 121 | -    BOOST_CHECK_MESSAGE(err == SCRIPT_ERR_SIG_DER, ScriptErrorString(err));
 122 | -    s.clear();
    petertodd commented at 11:07 AM on January 9, 2015:

    I'm not 100% clear on why this code was duplicated; the next lines are identical but with "OP_0 << OP_1" rather than "OP_0 << OP_0". I believe this was just exercising different ways of failing the DER encoding, so I removed the way that is now valid.

  5. petertodd commented at 11:08 AM on January 9, 2015: contributor

    See also the corresponding pull-req to BIP62: https://github.com/bitcoin/bips/pull/132

  6. laanwj added the label Validation on Jan 9, 2015
  7. sipa commented at 11:48 PM on January 9, 2015: member

    ACK

  8. gmaxwell commented at 3:20 PM on January 20, 2015: contributor

    ACK

  9. laanwj merged this on Jan 26, 2015
  10. laanwj closed this on Jan 26, 2015
  11. laanwj referenced this in commit b01a435c34 on Jan 26, 2015
  12. laanwj referenced this in commit b24ff47c64 on Jan 26, 2015
  13. laanwj added this to the milestone 0.10.0 on Jan 26, 2015
  14. laanwj commented at 11:11 AM on January 26, 2015: member

    backported into 0.10 as b24ff47

  15. reddink referenced this in commit 6cb18eb4c7 on May 27, 2020
  16. MarcoFalke locked this on Sep 8, 2021
Contributors
petertoddsipagmaxwelllaanwj
Labels
Validation

Milestone
0.10.0

github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2026-04-17 12:15 UTC
This site is hosted by @0xB10C
More mirrored repositories can be found on mirror.b10c.me