Line data Source code
1 : // Copyright (c) 2011-2014 The Bitcoin Core developers
2 : // Copyright (c) 2017-2021 The PIVX Core developers
3 : // Distributed under the MIT software license, see the accompanying
4 : // file COPYING or http://www.opensource.org/licenses/mit-license.php.
5 :
6 : #include "test/test_pivx.h"
7 : #include "test/data/script_tests.json.h"
8 :
9 : #include "core_io.h"
10 : #include "fs.h"
11 : #include "key.h"
12 : #include "keystore.h"
13 : #include "script/script.h"
14 : #include "script/script_error.h"
15 : #include "script/sign.h"
16 :
17 : #if defined(HAVE_CONSENSUS_LIB)
18 : #include "script/bitcoinconsensus.h"
19 : #endif
20 :
21 : #include <boost/algorithm/string/classification.hpp>
22 : #include <boost/test/unit_test.hpp>
23 :
24 : #include <univalue.h>
25 :
26 :
27 : // Uncomment if you want to output updated JSON tests.
28 : // #define UPDATE_JSON_TESTS
29 :
30 : static const unsigned int flags = SCRIPT_VERIFY_P2SH | SCRIPT_VERIFY_STRICTENC;
31 :
32 : unsigned int ParseScriptFlags(std::string strFlags);
33 : std::string FormatScriptFlags(unsigned int flags);
34 :
35 : UniValue
36 18 : read_json(const std::string& jsondata)
37 : {
38 36 : UniValue v;
39 :
40 18 : if (!v.read(jsondata) || !v.isArray())
41 : {
42 0 : BOOST_ERROR("Parse error.");
43 0 : return UniValue(UniValue::VARR);
44 : }
45 18 : return v.get_array();
46 : }
47 :
48 : struct ScriptErrorDesc
49 : {
50 : ScriptError_t err;
51 : const char *name;
52 : };
53 :
54 : static ScriptErrorDesc script_errors[]={
55 : {SCRIPT_ERR_OK, "OK"},
56 : {SCRIPT_ERR_UNKNOWN_ERROR, "UNKNOWN_ERROR"},
57 : {SCRIPT_ERR_EVAL_FALSE, "EVAL_FALSE"},
58 : {SCRIPT_ERR_OP_RETURN, "OP_RETURN"},
59 : {SCRIPT_ERR_SCRIPT_SIZE, "SCRIPT_SIZE"},
60 : {SCRIPT_ERR_PUSH_SIZE, "PUSH_SIZE"},
61 : {SCRIPT_ERR_OP_COUNT, "OP_COUNT"},
62 : {SCRIPT_ERR_STACK_SIZE, "STACK_SIZE"},
63 : {SCRIPT_ERR_SIG_COUNT, "SIG_COUNT"},
64 : {SCRIPT_ERR_PUBKEY_COUNT, "PUBKEY_COUNT"},
65 : {SCRIPT_ERR_VERIFY, "VERIFY"},
66 : {SCRIPT_ERR_EQUALVERIFY, "EQUALVERIFY"},
67 : {SCRIPT_ERR_CHECKMULTISIGVERIFY, "CHECKMULTISIGVERIFY"},
68 : {SCRIPT_ERR_CHECKSIGVERIFY, "CHECKSIGVERIFY"},
69 : {SCRIPT_ERR_NUMEQUALVERIFY, "NUMEQUALVERIFY"},
70 : {SCRIPT_ERR_BAD_OPCODE, "BAD_OPCODE"},
71 : {SCRIPT_ERR_DISABLED_OPCODE, "DISABLED_OPCODE"},
72 : {SCRIPT_ERR_INVALID_STACK_OPERATION, "INVALID_STACK_OPERATION"},
73 : {SCRIPT_ERR_INVALID_ALTSTACK_OPERATION, "INVALID_ALTSTACK_OPERATION"},
74 : {SCRIPT_ERR_UNBALANCED_CONDITIONAL, "UNBALANCED_CONDITIONAL"},
75 : {SCRIPT_ERR_NEGATIVE_LOCKTIME, "NEGATIVE_LOCKTIME"},
76 : {SCRIPT_ERR_UNSATISFIED_LOCKTIME, "UNSATISFIED_LOCKTIME"},
77 : {SCRIPT_ERR_SIG_HASHTYPE, "SIG_HASHTYPE"},
78 : {SCRIPT_ERR_SIG_DER, "SIG_DER"},
79 : {SCRIPT_ERR_MINIMALDATA, "MINIMALDATA"},
80 : {SCRIPT_ERR_SIG_PUSHONLY, "SIG_PUSHONLY"},
81 : {SCRIPT_ERR_SIG_HIGH_S, "SIG_HIGH_S"},
82 : {SCRIPT_ERR_SIG_NULLDUMMY, "SIG_NULLDUMMY"},
83 : {SCRIPT_ERR_PUBKEYTYPE, "PUBKEYTYPE"},
84 : {SCRIPT_ERR_CLEANSTACK, "CLEANSTACK"},
85 : {SCRIPT_ERR_DISCOURAGE_UPGRADABLE_NOPS, "DISCOURAGE_UPGRADABLE_NOPS"}
86 : };
87 :
88 2334 : const char *FormatScriptError(ScriptError_t err)
89 : {
90 16281 : for (unsigned int i=0; i<ARRAYLEN(script_errors); ++i)
91 16281 : if (script_errors[i].err == err)
92 2334 : return script_errors[i].name;
93 0 : BOOST_ERROR("Unknown scripterror enumeration value, update script_errors in script_tests.cpp.");
94 0 : return "";
95 : }
96 :
97 1044 : ScriptError_t ParseScriptError(const std::string &name)
98 : {
99 6903 : for (unsigned int i=0; i<ARRAYLEN(script_errors); ++i)
100 6903 : if (script_errors[i].name == name)
101 1044 : return script_errors[i].err;
102 0 : BOOST_ERROR("Unknown scripterror \"" << name << "\" in test description");
103 0 : return SCRIPT_ERR_UNKNOWN_ERROR;
104 : }
105 :
106 : BOOST_FIXTURE_TEST_SUITE(script_tests, BasicTestingSetup)
107 :
108 1211 : CMutableTransaction BuildCreditingTransaction(const CScript& scriptPubKey)
109 : {
110 1211 : CMutableTransaction txCredit;
111 1211 : txCredit.nVersion = 1;
112 1211 : txCredit.nLockTime = 0;
113 1211 : txCredit.vin.resize(1);
114 1211 : txCredit.vout.resize(1);
115 1211 : txCredit.vin[0].prevout.SetNull();
116 1211 : txCredit.vin[0].scriptSig = CScript() << CScriptNum(0) << CScriptNum(0);
117 1211 : txCredit.vin[0].nSequence = CTxIn::SEQUENCE_FINAL;
118 1211 : txCredit.vout[0].scriptPubKey = scriptPubKey;
119 1211 : txCredit.vout[0].nValue = 0;
120 :
121 1211 : return txCredit;
122 : }
123 :
124 1211 : CMutableTransaction BuildSpendingTransaction(const CScript& scriptSig, const CMutableTransaction& txCredit)
125 : {
126 1211 : CMutableTransaction txSpend;
127 1211 : txSpend.nVersion = 1;
128 1211 : txSpend.nLockTime = 0;
129 1211 : txSpend.vin.resize(1);
130 1211 : txSpend.vout.resize(1);
131 1211 : txSpend.vin[0].prevout.hash = txCredit.GetHash();
132 1211 : txSpend.vin[0].prevout.n = 0;
133 1211 : txSpend.vin[0].scriptSig = scriptSig;
134 1211 : txSpend.vin[0].nSequence = CTxIn::SEQUENCE_FINAL;
135 1211 : txSpend.vout[0].scriptPubKey = CScript();
136 1211 : txSpend.vout[0].nValue = 0;
137 :
138 1211 : return txSpend;
139 : }
140 :
141 1126 : void DoTest(const CScript& scriptPubKey, const CScript& scriptSig, int flags, const std::string& message, int scriptError)
142 : {
143 1126 : bool expect = (scriptError == SCRIPT_ERR_OK);
144 1126 : ScriptError err;
145 2252 : CMutableTransaction tx = BuildSpendingTransaction(scriptSig, BuildCreditingTransaction(scriptPubKey));
146 2252 : CMutableTransaction tx2 = tx;
147 1126 : static const CAmount amountZero = 0;
148 3378 : BOOST_CHECK_MESSAGE(VerifyScript(scriptSig, scriptPubKey, flags,
149 : MutableTransactionSignatureChecker(&tx, 0, amountZero), tx.GetRequiredSigVersion(), &err) == expect, message);
150 3501 : BOOST_CHECK_MESSAGE(err == scriptError, std::string(FormatScriptError(err)) + " where " + std::string(FormatScriptError((ScriptError_t)scriptError)) + " expected: " + message);
151 : #if defined(HAVE_CONSENSUS_LIB)
152 : CDataStream stream(SER_NETWORK, PROTOCOL_VERSION);
153 : stream << tx2;
154 : BOOST_CHECK_MESSAGE(bitcoinconsensus_verify_script(scriptPubKey.data(), scriptPubKey.size(), (const unsigned char*)&stream[0], stream.size(), 0, flags, nullptr) == expect,message);
155 : #endif
156 1126 : }
157 :
158 2 : void static NegateSignatureS(std::vector<unsigned char>& vchSig) {
159 : // Parse the signature.
160 4 : std::vector<unsigned char> r, s;
161 2 : r = std::vector<unsigned char>(vchSig.begin() + 4, vchSig.begin() + 4 + vchSig[3]);
162 4 : s = std::vector<unsigned char>(vchSig.begin() + 6 + vchSig[3], vchSig.begin() + 6 + vchSig[3] + vchSig[5 + vchSig[3]]);
163 :
164 : // Really ugly to implement mod-n negation here, but it would be feature creep to expose such functionality from libsecp256k1.
165 4 : static const unsigned char order[33] = {
166 : 0x00,
167 : 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
168 : 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE,
169 : 0xBA, 0xAE, 0xDC, 0xE6, 0xAF, 0x48, 0xA0, 0x3B,
170 : 0xBF, 0xD2, 0x5E, 0x8C, 0xD0, 0x36, 0x41, 0x41
171 : };
172 4 : while (s.size() < 33) {
173 2 : s.insert(s.begin(), 0x00);
174 : }
175 : int carry = 0;
176 66 : for (int p = 32; p >= 1; p--) {
177 64 : int n = (int)order[p] - s[p] - carry;
178 64 : s[p] = (n + 256) & 0xFF;
179 64 : carry = (n < 0);
180 : }
181 2 : assert(carry == 0);
182 2 : if (s.size() > 1 && s[0] == 0 && s[1] < 0x80) {
183 0 : s.erase(s.begin());
184 : }
185 :
186 : // Reconstruct the signature.
187 2 : vchSig.clear();
188 2 : vchSig.push_back(0x30);
189 2 : vchSig.push_back(4 + r.size() + s.size());
190 2 : vchSig.push_back(0x02);
191 2 : vchSig.push_back(r.size());
192 2 : vchSig.insert(vchSig.end(), r.begin(), r.end());
193 2 : vchSig.push_back(0x02);
194 2 : vchSig.push_back(s.size());
195 2 : vchSig.insert(vchSig.end(), s.begin(), s.end());
196 2 : }
197 :
198 : namespace
199 : {
200 : const unsigned char vchKey0[32] = {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1};
201 : const unsigned char vchKey1[32] = {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0};
202 : const unsigned char vchKey2[32] = {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0};
203 :
204 : struct KeyData
205 : {
206 : CKey key0, key0C, key1, key1C, key2, key2C;
207 : CPubKey pubkey0, pubkey0C, pubkey0H;
208 : CPubKey pubkey1, pubkey1C;
209 : CPubKey pubkey2, pubkey2C;
210 :
211 1 : KeyData()
212 1 : {
213 :
214 1 : key0.Set(vchKey0, vchKey0 + 32, false);
215 1 : key0C.Set(vchKey0, vchKey0 + 32, true);
216 1 : pubkey0 = key0.GetPubKey();
217 1 : pubkey0H = key0.GetPubKey();
218 1 : pubkey0C = key0C.GetPubKey();
219 1 : *const_cast<unsigned char*>(&pubkey0H[0]) = 0x06 | (pubkey0H[64] & 1);
220 :
221 1 : key1.Set(vchKey1, vchKey1 + 32, false);
222 1 : key1C.Set(vchKey1, vchKey1 + 32, true);
223 1 : pubkey1 = key1.GetPubKey();
224 1 : pubkey1C = key1C.GetPubKey();
225 :
226 1 : key2.Set(vchKey2, vchKey2 + 32, false);
227 1 : key2C.Set(vchKey2, vchKey2 + 32, true);
228 1 : pubkey2 = key2.GetPubKey();
229 1 : pubkey2C = key2C.GetPubKey();
230 1 : }
231 : };
232 :
233 :
234 : class TestBuilder
235 : {
236 : private:
237 : CScript scriptPubKey;
238 : CTransactionRef creditTx;
239 : CMutableTransaction spendTx;
240 : bool havePush;
241 : std::vector<unsigned char> push;
242 : std::string comment;
243 : int flags;
244 : int scriptError;
245 :
246 325 : void DoPush()
247 : {
248 325 : if (havePush) {
249 173 : spendTx.vin[0].scriptSig << push;
250 173 : havePush = false;
251 : }
252 : }
253 :
254 107 : void DoPush(const std::vector<unsigned char>& data)
255 : {
256 107 : DoPush();
257 107 : push = data;
258 107 : havePush = true;
259 107 : }
260 :
261 : public:
262 82 : TestBuilder(const CScript& redeemScript, const std::string& comment_, int flags_, bool P2SH = false) : scriptPubKey(redeemScript), havePush(false), comment(comment_), flags(flags_), scriptError(SCRIPT_ERR_OK)
263 : {
264 82 : if (P2SH) {
265 39 : creditTx = MakeTransactionRef(BuildCreditingTransaction(CScript() << OP_HASH160 << ToByteVector(CScriptID(redeemScript)) << OP_EQUAL));
266 : } else {
267 138 : creditTx = MakeTransactionRef(BuildCreditingTransaction(redeemScript));
268 : }
269 82 : spendTx = BuildSpendingTransaction(CScript(), *creditTx);
270 82 : }
271 :
272 45 : TestBuilder& ScriptError(ScriptError_t err)
273 : {
274 45 : scriptError = err;
275 45 : return *this;
276 : }
277 :
278 6 : TestBuilder& Add(const CScript& script)
279 : {
280 6 : DoPush();
281 6 : spendTx.vin[0].scriptSig += script;
282 6 : return *this;
283 : }
284 :
285 48 : TestBuilder& Num(int num)
286 : {
287 48 : DoPush();
288 48 : spendTx.vin[0].scriptSig << num;
289 48 : return *this;
290 : }
291 :
292 : TestBuilder& Push(const std::string& hex)
293 : {
294 : DoPush(ParseHex(hex));
295 : return *this;
296 : }
297 :
298 91 : TestBuilder& PushSig(const CKey& key, int nHashType = SIGHASH_ALL, unsigned int lenR = 32, unsigned int lenS = 32)
299 : {
300 91 : uint256 hash = SignatureHash(scriptPubKey, spendTx, 0, nHashType, 0, SIGVERSION_BASE);
301 273 : std::vector<unsigned char> vchSig, r, s;
302 91 : uint32_t iter = 0;
303 1247 : do {
304 1247 : key.Sign(hash, vchSig, iter++);
305 1247 : if ((lenS == 33) != (vchSig[5 + vchSig[3]] == 33)) {
306 2 : NegateSignatureS(vchSig);
307 : }
308 2494 : r = std::vector<unsigned char>(vchSig.begin() + 4, vchSig.begin() + 4 + vchSig[3]);
309 2494 : s = std::vector<unsigned char>(vchSig.begin() + 6 + vchSig[3], vchSig.begin() + 6 + vchSig[3] + vchSig[5 + vchSig[3]]);
310 1247 : } while (lenR != r.size() || lenS != s.size());
311 91 : vchSig.push_back(static_cast<unsigned char>(nHashType));
312 91 : DoPush(vchSig);
313 182 : return *this;
314 : }
315 :
316 3 : TestBuilder& Push(const CPubKey& pubkey)
317 : {
318 4 : DoPush(std::vector<unsigned char>(pubkey.begin(), pubkey.end()));
319 3 : return *this;
320 : }
321 :
322 13 : TestBuilder& PushRedeem()
323 : {
324 39 : DoPush(std::vector<unsigned char>(scriptPubKey.begin(), scriptPubKey.end()));
325 13 : return *this;
326 : }
327 :
328 31 : TestBuilder& EditPush(unsigned int pos, const std::string& hexin, const std::string& hexout)
329 : {
330 31 : assert(havePush);
331 31 : std::vector<unsigned char> datain = ParseHex(hexin);
332 62 : std::vector<unsigned char> dataout = ParseHex(hexout);
333 31 : assert(pos + datain.size() <= push.size());
334 93 : BOOST_CHECK_MESSAGE(std::vector<unsigned char>(push.begin() + pos, push.begin() + pos + datain.size()) == datain, comment);
335 31 : push.erase(push.begin() + pos, push.begin() + pos + datain.size());
336 31 : push.insert(push.begin() + pos, dataout.begin(), dataout.end());
337 62 : return *this;
338 : }
339 :
340 13 : TestBuilder& DamagePush(unsigned int pos)
341 : {
342 13 : assert(havePush);
343 13 : assert(pos < push.size());
344 13 : push[pos] ^= 1;
345 13 : return *this;
346 : }
347 :
348 82 : TestBuilder& Test()
349 : {
350 82 : TestBuilder copy = *this; // Make a copy so we can rollback the push.
351 82 : DoPush();
352 82 : DoTest(creditTx->vout[0].scriptPubKey, spendTx.vin[0].scriptSig, flags, comment, scriptError);
353 82 : *this = copy;
354 82 : return *this;
355 : }
356 :
357 82 : UniValue GetJSON()
358 : {
359 82 : DoPush();
360 82 : UniValue array(UniValue::VARR);
361 82 : array.push_back(FormatScript(spendTx.vin[0].scriptSig));
362 82 : array.push_back(FormatScript(creditTx->vout[0].scriptPubKey));
363 82 : array.push_back(FormatScriptFlags(flags));
364 82 : array.push_back(FormatScriptError((ScriptError_t)scriptError));
365 82 : array.push_back(comment);
366 82 : return array;
367 : }
368 :
369 0 : std::string GetComment()
370 : {
371 0 : return comment;
372 : }
373 : };
374 :
375 1160 : std::string JSONPrettyPrint(const UniValue& univalue)
376 : {
377 1160 : std::string ret = univalue.write(4);
378 : // Workaround for libunivalue pretty printer, which puts a space between comma's and newlines
379 1160 : size_t pos = 0;
380 1160 : while ((pos = ret.find(" \n", pos)) != std::string::npos) {
381 0 : ret.replace(pos, 2, "\n");
382 0 : pos++;
383 : }
384 1160 : return ret;
385 : }
386 : }
387 :
388 2 : BOOST_AUTO_TEST_CASE(script_build)
389 : {
390 2 : const KeyData keys;
391 :
392 1 : std::vector<TestBuilder> tests;
393 :
394 4 : tests.push_back(TestBuilder(CScript() << ToByteVector(keys.pubkey0) << OP_CHECKSIG,
395 : "P2PK", 0
396 1 : ).PushSig(keys.key0));
397 4 : tests.push_back(TestBuilder(CScript() << ToByteVector(keys.pubkey0) << OP_CHECKSIG,
398 : "P2PK, bad sig", 0
399 1 : ).PushSig(keys.key0).DamagePush(10).ScriptError(SCRIPT_ERR_EVAL_FALSE));
400 :
401 3 : tests.push_back(TestBuilder(CScript() << OP_DUP << OP_HASH160 << ToByteVector(keys.pubkey1C.GetID()) << OP_EQUALVERIFY << OP_CHECKSIG,
402 : "P2PKH", 0
403 1 : ).PushSig(keys.key1).Push(keys.pubkey1C));
404 3 : tests.push_back(TestBuilder(CScript() << OP_DUP << OP_HASH160 << ToByteVector(keys.pubkey2C.GetID()) << OP_EQUALVERIFY << OP_CHECKSIG,
405 : "P2PKH, bad pubkey", 0
406 1 : ).PushSig(keys.key2).Push(keys.pubkey2C).DamagePush(5).ScriptError(SCRIPT_ERR_EQUALVERIFY));
407 :
408 4 : tests.push_back(TestBuilder(CScript() << ToByteVector(keys.pubkey1) << OP_CHECKSIG,
409 : "P2PK anyonecanpay", 0
410 1 : ).PushSig(keys.key1, SIGHASH_ALL | SIGHASH_ANYONECANPAY));
411 4 : tests.push_back(TestBuilder(CScript() << ToByteVector(keys.pubkey1) << OP_CHECKSIG,
412 : "P2PK anyonecanpay marked with normal hashtype", 0
413 2 : ).PushSig(keys.key1, SIGHASH_ALL | SIGHASH_ANYONECANPAY).EditPush(70, "81", "01").ScriptError(SCRIPT_ERR_EVAL_FALSE));
414 :
415 4 : tests.push_back(TestBuilder(CScript() << ToByteVector(keys.pubkey0C) << OP_CHECKSIG,
416 : "P2SH(P2PK)", SCRIPT_VERIFY_P2SH, true
417 1 : ).PushSig(keys.key0).PushRedeem());
418 4 : tests.push_back(TestBuilder(CScript() << ToByteVector(keys.pubkey0C) << OP_CHECKSIG,
419 : "P2SH(P2PK), bad redeemscript", SCRIPT_VERIFY_P2SH, true
420 1 : ).PushSig(keys.key0).PushRedeem().DamagePush(10).ScriptError(SCRIPT_ERR_EVAL_FALSE));
421 :
422 3 : tests.push_back(TestBuilder(CScript() << OP_DUP << OP_HASH160 << ToByteVector(keys.pubkey0.GetID()) << OP_EQUALVERIFY << OP_CHECKSIG,
423 : "P2SH(P2PKH)", SCRIPT_VERIFY_P2SH, true
424 1 : ).PushSig(keys.key0).Push(keys.pubkey0).PushRedeem());
425 3 : tests.push_back(TestBuilder(CScript() << OP_DUP << OP_HASH160 << ToByteVector(keys.pubkey1.GetID()) << OP_EQUALVERIFY << OP_CHECKSIG,
426 : "P2SH(P2PKH), bad sig but no VERIFY_P2SH", 0, true
427 1 : ).PushSig(keys.key0).DamagePush(10).PushRedeem());
428 3 : tests.push_back(TestBuilder(CScript() << OP_DUP << OP_HASH160 << ToByteVector(keys.pubkey1.GetID()) << OP_EQUALVERIFY << OP_CHECKSIG,
429 : "P2SH(P2PKH), bad sig", SCRIPT_VERIFY_P2SH, true
430 1 : ).PushSig(keys.key0).DamagePush(10).PushRedeem().ScriptError(SCRIPT_ERR_EQUALVERIFY));
431 :
432 6 : tests.push_back(TestBuilder(CScript() << OP_3 << ToByteVector(keys.pubkey0C) << ToByteVector(keys.pubkey1C) << ToByteVector(keys.pubkey2C) << OP_3 << OP_CHECKMULTISIG,
433 : "3-of-3", 0
434 1 : ).Num(0).PushSig(keys.key0).PushSig(keys.key1).PushSig(keys.key2));
435 6 : tests.push_back(TestBuilder(CScript() << OP_3 << ToByteVector(keys.pubkey0C) << ToByteVector(keys.pubkey1C) << ToByteVector(keys.pubkey2C) << OP_3 << OP_CHECKMULTISIG,
436 : "3-of-3, 2 sigs", 0
437 1 : ).Num(0).PushSig(keys.key0).PushSig(keys.key1).Num(0).ScriptError(SCRIPT_ERR_EVAL_FALSE));
438 :
439 6 : tests.push_back(TestBuilder(CScript() << OP_2 << ToByteVector(keys.pubkey0C) << ToByteVector(keys.pubkey1C) << ToByteVector(keys.pubkey2C) << OP_3 << OP_CHECKMULTISIG,
440 : "P2SH(2-of-3)", SCRIPT_VERIFY_P2SH, true
441 1 : ).Num(0).PushSig(keys.key1).PushSig(keys.key2).PushRedeem());
442 6 : tests.push_back(TestBuilder(CScript() << OP_2 << ToByteVector(keys.pubkey0C) << ToByteVector(keys.pubkey1C) << ToByteVector(keys.pubkey2C) << OP_3 << OP_CHECKMULTISIG,
443 : "P2SH(2-of-3), 1 sig", SCRIPT_VERIFY_P2SH, true
444 1 : ).Num(0).PushSig(keys.key1).Num(0).PushRedeem().ScriptError(SCRIPT_ERR_EVAL_FALSE));
445 :
446 5 : tests.push_back(TestBuilder(CScript() << ToByteVector(keys.pubkey1C) << OP_CHECKSIG,
447 : "P2PK with too much R padding but no DERSIG", 0
448 2 : ).PushSig(keys.key1, SIGHASH_ALL, 31, 32).EditPush(1, "43021F", "44022000"));
449 4 : tests.push_back(TestBuilder(CScript() << ToByteVector(keys.pubkey1C) << OP_CHECKSIG,
450 : "P2PK with too much R padding", SCRIPT_VERIFY_DERSIG
451 2 : ).PushSig(keys.key1, SIGHASH_ALL, 31, 32).EditPush(1, "43021F", "44022000").ScriptError(SCRIPT_ERR_SIG_DER));
452 5 : tests.push_back(TestBuilder(CScript() << ToByteVector(keys.pubkey1C) << OP_CHECKSIG,
453 : "P2PK with too much S padding but no DERSIG", 0
454 2 : ).PushSig(keys.key1, SIGHASH_ALL).EditPush(1, "44", "45").EditPush(37, "20", "2100"));
455 4 : tests.push_back(TestBuilder(CScript() << ToByteVector(keys.pubkey1C) << OP_CHECKSIG,
456 : "P2PK with too much S padding", SCRIPT_VERIFY_DERSIG
457 2 : ).PushSig(keys.key1, SIGHASH_ALL).EditPush(1, "44", "45").EditPush(37, "20", "2100").ScriptError(SCRIPT_ERR_SIG_DER));
458 5 : tests.push_back(TestBuilder(CScript() << ToByteVector(keys.pubkey1C) << OP_CHECKSIG,
459 : "P2PK with too little R padding but no DERSIG", 0
460 2 : ).PushSig(keys.key1, SIGHASH_ALL, 33, 32).EditPush(1, "45022100", "440220"));
461 4 : tests.push_back(TestBuilder(CScript() << ToByteVector(keys.pubkey1C) << OP_CHECKSIG,
462 : "P2PK with too little R padding", SCRIPT_VERIFY_DERSIG
463 2 : ).PushSig(keys.key1, SIGHASH_ALL, 33, 32).EditPush(1, "45022100", "440220").ScriptError(SCRIPT_ERR_SIG_DER));
464 5 : tests.push_back(TestBuilder(CScript() << ToByteVector(keys.pubkey2C) << OP_CHECKSIG << OP_NOT,
465 : "P2PK NOT with bad sig with too much R padding but no DERSIG", 0
466 2 : ).PushSig(keys.key2, SIGHASH_ALL, 31, 32).EditPush(1, "43021F", "44022000").DamagePush(10));
467 4 : tests.push_back(TestBuilder(CScript() << ToByteVector(keys.pubkey2C) << OP_CHECKSIG << OP_NOT,
468 : "P2PK NOT with bad sig with too much R padding", SCRIPT_VERIFY_DERSIG
469 2 : ).PushSig(keys.key2, SIGHASH_ALL, 31, 32).EditPush(1, "43021F", "44022000").DamagePush(10).ScriptError(SCRIPT_ERR_SIG_DER));
470 4 : tests.push_back(TestBuilder(CScript() << ToByteVector(keys.pubkey2C) << OP_CHECKSIG << OP_NOT,
471 : "P2PK NOT with too much R padding but no DERSIG", 0
472 2 : ).PushSig(keys.key2, SIGHASH_ALL, 31, 32).EditPush(1, "43021F", "44022000").ScriptError(SCRIPT_ERR_EVAL_FALSE));
473 4 : tests.push_back(TestBuilder(CScript() << ToByteVector(keys.pubkey2C) << OP_CHECKSIG << OP_NOT,
474 : "P2PK NOT with too much R padding", SCRIPT_VERIFY_DERSIG
475 2 : ).PushSig(keys.key2, SIGHASH_ALL, 31, 32).EditPush(1, "43021F", "44022000").ScriptError(SCRIPT_ERR_SIG_DER));
476 :
477 5 : tests.push_back(TestBuilder(CScript() << ToByteVector(keys.pubkey1C) << OP_CHECKSIG,
478 : "BIP66 example 1, without DERSIG", 0
479 2 : ).PushSig(keys.key1, SIGHASH_ALL, 33, 32).EditPush(1, "45022100", "440220"));
480 4 : tests.push_back(TestBuilder(CScript() << ToByteVector(keys.pubkey1C) << OP_CHECKSIG,
481 : "BIP66 example 1, with DERSIG", SCRIPT_VERIFY_DERSIG
482 2 : ).PushSig(keys.key1, SIGHASH_ALL, 33, 32).EditPush(1, "45022100", "440220").ScriptError(SCRIPT_ERR_SIG_DER));
483 4 : tests.push_back(TestBuilder(CScript() << ToByteVector(keys.pubkey1C) << OP_CHECKSIG << OP_NOT,
484 : "BIP66 example 2, without DERSIG", 0
485 2 : ).PushSig(keys.key1, SIGHASH_ALL, 33, 32).EditPush(1, "45022100", "440220").ScriptError(SCRIPT_ERR_EVAL_FALSE));
486 4 : tests.push_back(TestBuilder(CScript() << ToByteVector(keys.pubkey1C) << OP_CHECKSIG << OP_NOT,
487 : "BIP66 example 2, with DERSIG", SCRIPT_VERIFY_DERSIG
488 2 : ).PushSig(keys.key1, SIGHASH_ALL, 33, 32).EditPush(1, "45022100", "440220").ScriptError(SCRIPT_ERR_SIG_DER));
489 4 : tests.push_back(TestBuilder(CScript() << ToByteVector(keys.pubkey1C) << OP_CHECKSIG,
490 : "BIP66 example 3, without DERSIG", 0
491 1 : ).Num(0).ScriptError(SCRIPT_ERR_EVAL_FALSE));
492 4 : tests.push_back(TestBuilder(CScript() << ToByteVector(keys.pubkey1C) << OP_CHECKSIG,
493 : "BIP66 example 3, with DERSIG", SCRIPT_VERIFY_DERSIG
494 1 : ).Num(0).ScriptError(SCRIPT_ERR_EVAL_FALSE));
495 4 : tests.push_back(TestBuilder(CScript() << ToByteVector(keys.pubkey1C) << OP_CHECKSIG << OP_NOT,
496 : "BIP66 example 4, without DERSIG", 0
497 1 : ).Num(0));
498 4 : tests.push_back(TestBuilder(CScript() << ToByteVector(keys.pubkey1C) << OP_CHECKSIG << OP_NOT,
499 : "BIP66 example 4, with DERSIG", SCRIPT_VERIFY_DERSIG
500 1 : ).Num(0));
501 4 : tests.push_back(TestBuilder(CScript() << ToByteVector(keys.pubkey1C) << OP_CHECKSIG,
502 : "BIP66 example 5, without DERSIG", 0
503 1 : ).Num(1).ScriptError(SCRIPT_ERR_EVAL_FALSE));
504 4 : tests.push_back(TestBuilder(CScript() << ToByteVector(keys.pubkey1C) << OP_CHECKSIG,
505 : "BIP66 example 5, with DERSIG", SCRIPT_VERIFY_DERSIG
506 1 : ).Num(1).ScriptError(SCRIPT_ERR_SIG_DER));
507 4 : tests.push_back(TestBuilder(CScript() << ToByteVector(keys.pubkey1C) << OP_CHECKSIG << OP_NOT,
508 : "BIP66 example 6, without DERSIG", 0
509 1 : ).Num(1));
510 4 : tests.push_back(TestBuilder(CScript() << ToByteVector(keys.pubkey1C) << OP_CHECKSIG << OP_NOT,
511 : "BIP66 example 6, with DERSIG", SCRIPT_VERIFY_DERSIG
512 1 : ).Num(1).ScriptError(SCRIPT_ERR_SIG_DER));
513 6 : tests.push_back(TestBuilder(CScript() << OP_2 << ToByteVector(keys.pubkey1C) << ToByteVector(keys.pubkey2C) << OP_2 << OP_CHECKMULTISIG,
514 : "BIP66 example 7, without DERSIG", 0
515 2 : ).Num(0).PushSig(keys.key1, SIGHASH_ALL, 33, 32).EditPush(1, "45022100", "440220").PushSig(keys.key2));
516 5 : tests.push_back(TestBuilder(CScript() << OP_2 << ToByteVector(keys.pubkey1C) << ToByteVector(keys.pubkey2C) << OP_2 << OP_CHECKMULTISIG,
517 : "BIP66 example 7, with DERSIG", SCRIPT_VERIFY_DERSIG
518 2 : ).Num(0).PushSig(keys.key1, SIGHASH_ALL, 33, 32).EditPush(1, "45022100", "440220").PushSig(keys.key2).ScriptError(SCRIPT_ERR_SIG_DER));
519 5 : tests.push_back(TestBuilder(CScript() << OP_2 << ToByteVector(keys.pubkey1C) << ToByteVector(keys.pubkey2C) << OP_2 << OP_CHECKMULTISIG << OP_NOT,
520 : "BIP66 example 8, without DERSIG", 0
521 2 : ).Num(0).PushSig(keys.key1, SIGHASH_ALL, 33, 32).EditPush(1, "45022100", "440220").PushSig(keys.key2).ScriptError(SCRIPT_ERR_EVAL_FALSE));
522 5 : tests.push_back(TestBuilder(CScript() << OP_2 << ToByteVector(keys.pubkey1C) << ToByteVector(keys.pubkey2C) << OP_2 << OP_CHECKMULTISIG << OP_NOT,
523 : "BIP66 example 8, with DERSIG", SCRIPT_VERIFY_DERSIG
524 2 : ).Num(0).PushSig(keys.key1, SIGHASH_ALL, 33, 32).EditPush(1, "45022100", "440220").PushSig(keys.key2).ScriptError(SCRIPT_ERR_SIG_DER));
525 5 : tests.push_back(TestBuilder(CScript() << OP_2 << ToByteVector(keys.pubkey1C) << ToByteVector(keys.pubkey2C) << OP_2 << OP_CHECKMULTISIG,
526 : "BIP66 example 9, without DERSIG", 0
527 2 : ).Num(0).Num(0).PushSig(keys.key2, SIGHASH_ALL, 33, 32).EditPush(1, "45022100", "440220").ScriptError(SCRIPT_ERR_EVAL_FALSE));
528 5 : tests.push_back(TestBuilder(CScript() << OP_2 << ToByteVector(keys.pubkey1C) << ToByteVector(keys.pubkey2C) << OP_2 << OP_CHECKMULTISIG,
529 : "BIP66 example 9, with DERSIG", SCRIPT_VERIFY_DERSIG
530 2 : ).Num(0).Num(0).PushSig(keys.key2, SIGHASH_ALL, 33, 32).EditPush(1, "45022100", "440220").ScriptError(SCRIPT_ERR_SIG_DER));
531 6 : tests.push_back(TestBuilder(CScript() << OP_2 << ToByteVector(keys.pubkey1C) << ToByteVector(keys.pubkey2C) << OP_2 << OP_CHECKMULTISIG << OP_NOT,
532 : "BIP66 example 10, without DERSIG", 0
533 2 : ).Num(0).Num(0).PushSig(keys.key2, SIGHASH_ALL, 33, 32).EditPush(1, "45022100", "440220"));
534 5 : tests.push_back(TestBuilder(CScript() << OP_2 << ToByteVector(keys.pubkey1C) << ToByteVector(keys.pubkey2C) << OP_2 << OP_CHECKMULTISIG << OP_NOT,
535 : "BIP66 example 10, with DERSIG", SCRIPT_VERIFY_DERSIG
536 2 : ).Num(0).Num(0).PushSig(keys.key2, SIGHASH_ALL, 33, 32).EditPush(1, "45022100", "440220").ScriptError(SCRIPT_ERR_SIG_DER));
537 5 : tests.push_back(TestBuilder(CScript() << OP_2 << ToByteVector(keys.pubkey1C) << ToByteVector(keys.pubkey2C) << OP_2 << OP_CHECKMULTISIG,
538 : "BIP66 example 11, without DERSIG", 0
539 2 : ).Num(0).PushSig(keys.key1, SIGHASH_ALL, 33, 32).EditPush(1, "45022100", "440220").Num(0).ScriptError(SCRIPT_ERR_EVAL_FALSE));
540 5 : tests.push_back(TestBuilder(CScript() << OP_2 << ToByteVector(keys.pubkey1C) << ToByteVector(keys.pubkey2C) << OP_2 << OP_CHECKMULTISIG,
541 : "BIP66 example 11, with DERSIG", SCRIPT_VERIFY_DERSIG
542 2 : ).Num(0).PushSig(keys.key1, SIGHASH_ALL, 33, 32).EditPush(1, "45022100", "440220").Num(0).ScriptError(SCRIPT_ERR_EVAL_FALSE));
543 6 : tests.push_back(TestBuilder(CScript() << OP_2 << ToByteVector(keys.pubkey1C) << ToByteVector(keys.pubkey2C) << OP_2 << OP_CHECKMULTISIG << OP_NOT,
544 : "BIP66 example 12, without DERSIG", 0
545 2 : ).Num(0).PushSig(keys.key1, SIGHASH_ALL, 33, 32).EditPush(1, "45022100", "440220").Num(0));
546 6 : tests.push_back(TestBuilder(CScript() << OP_2 << ToByteVector(keys.pubkey1C) << ToByteVector(keys.pubkey2C) << OP_2 << OP_CHECKMULTISIG << OP_NOT,
547 : "BIP66 example 12, with DERSIG", SCRIPT_VERIFY_DERSIG
548 2 : ).Num(0).PushSig(keys.key1, SIGHASH_ALL, 33, 32).EditPush(1, "45022100", "440220").Num(0));
549 5 : tests.push_back(TestBuilder(CScript() << ToByteVector(keys.pubkey2C) << OP_CHECKSIG,
550 : "P2PK with multi-byte hashtype, without DERSIG", 0
551 2 : ).PushSig(keys.key2, SIGHASH_ALL).EditPush(70, "01", "0101"));
552 4 : tests.push_back(TestBuilder(CScript() << ToByteVector(keys.pubkey2C) << OP_CHECKSIG,
553 : "P2PK with multi-byte hashtype, with DERSIG", SCRIPT_VERIFY_DERSIG
554 2 : ).PushSig(keys.key2, SIGHASH_ALL).EditPush(70, "01", "0101").ScriptError(SCRIPT_ERR_SIG_DER));
555 :
556 4 : tests.push_back(TestBuilder(CScript() << ToByteVector(keys.pubkey2C) << OP_CHECKSIG,
557 : "P2PK with high S but no LOW_S", 0
558 1 : ).PushSig(keys.key2, SIGHASH_ALL, 32, 33));
559 4 : tests.push_back(TestBuilder(CScript() << ToByteVector(keys.pubkey2C) << OP_CHECKSIG,
560 : "P2PK with high S", SCRIPT_VERIFY_LOW_S
561 1 : ).PushSig(keys.key2, SIGHASH_ALL, 32, 33).ScriptError(SCRIPT_ERR_SIG_HIGH_S));
562 :
563 4 : tests.push_back(TestBuilder(CScript() << ToByteVector(keys.pubkey0H) << OP_CHECKSIG,
564 : "P2PK with hybrid pubkey but no STRICTENC", 0
565 1 : ).PushSig(keys.key0, SIGHASH_ALL));
566 4 : tests.push_back(TestBuilder(CScript() << ToByteVector(keys.pubkey0H) << OP_CHECKSIG,
567 : "P2PK with hybrid pubkey", SCRIPT_VERIFY_STRICTENC
568 1 : ).PushSig(keys.key0, SIGHASH_ALL).ScriptError(SCRIPT_ERR_PUBKEYTYPE));
569 4 : tests.push_back(TestBuilder(CScript() << ToByteVector(keys.pubkey0H) << OP_CHECKSIG << OP_NOT,
570 : "P2PK NOT with hybrid pubkey but no STRICTENC", 0
571 1 : ).PushSig(keys.key0, SIGHASH_ALL).ScriptError(SCRIPT_ERR_EVAL_FALSE));
572 4 : tests.push_back(TestBuilder(CScript() << ToByteVector(keys.pubkey0H) << OP_CHECKSIG << OP_NOT,
573 : "P2PK NOT with hybrid pubkey", SCRIPT_VERIFY_STRICTENC
574 1 : ).PushSig(keys.key0, SIGHASH_ALL).ScriptError(SCRIPT_ERR_PUBKEYTYPE));
575 4 : tests.push_back(TestBuilder(CScript() << ToByteVector(keys.pubkey0H) << OP_CHECKSIG << OP_NOT,
576 : "P2PK NOT with invalid hybrid pubkey but no STRICTENC", 0
577 1 : ).PushSig(keys.key0, SIGHASH_ALL).DamagePush(10));
578 4 : tests.push_back(TestBuilder(CScript() << ToByteVector(keys.pubkey0H) << OP_CHECKSIG << OP_NOT,
579 : "P2PK NOT with invalid hybrid pubkey", SCRIPT_VERIFY_STRICTENC
580 1 : ).PushSig(keys.key0, SIGHASH_ALL).DamagePush(10).ScriptError(SCRIPT_ERR_PUBKEYTYPE));
581 5 : tests.push_back(TestBuilder(CScript() << OP_1 << ToByteVector(keys.pubkey0H) << ToByteVector(keys.pubkey1C) << OP_2 << OP_CHECKMULTISIG,
582 : "1-of-2 with the second 1 hybrid pubkey and no STRICTENC", 0
583 1 : ).Num(0).PushSig(keys.key1, SIGHASH_ALL));
584 5 : tests.push_back(TestBuilder(CScript() << OP_1 << ToByteVector(keys.pubkey0H) << ToByteVector(keys.pubkey1C) << OP_2 << OP_CHECKMULTISIG,
585 : "1-of-2 with the second 1 hybrid pubkey", SCRIPT_VERIFY_STRICTENC
586 1 : ).Num(0).PushSig(keys.key1, SIGHASH_ALL));
587 5 : tests.push_back(TestBuilder(CScript() << OP_1 << ToByteVector(keys.pubkey1C) << ToByteVector(keys.pubkey0H) << OP_2 << OP_CHECKMULTISIG,
588 : "1-of-2 with the first 1 hybrid pubkey", SCRIPT_VERIFY_STRICTENC
589 1 : ).Num(0).PushSig(keys.key1, SIGHASH_ALL).ScriptError(SCRIPT_ERR_PUBKEYTYPE));
590 :
591 4 : tests.push_back(TestBuilder(CScript() << ToByteVector(keys.pubkey1) << OP_CHECKSIG,
592 : "P2PK with undefined hashtype but no STRICTENC", 0
593 1 : ).PushSig(keys.key1, 5));
594 4 : tests.push_back(TestBuilder(CScript() << ToByteVector(keys.pubkey1) << OP_CHECKSIG,
595 : "P2PK with undefined hashtype", SCRIPT_VERIFY_STRICTENC
596 1 : ).PushSig(keys.key1, 5).ScriptError(SCRIPT_ERR_SIG_HASHTYPE));
597 4 : tests.push_back(TestBuilder(CScript() << ToByteVector(keys.pubkey1) << OP_CHECKSIG << OP_NOT,
598 : "P2PK NOT with invalid sig and undefined hashtype but no STRICTENC", 0
599 1 : ).PushSig(keys.key1, 5).DamagePush(10));
600 4 : tests.push_back(TestBuilder(CScript() << ToByteVector(keys.pubkey1) << OP_CHECKSIG << OP_NOT,
601 : "P2PK NOT with invalid sig and undefined hashtype", SCRIPT_VERIFY_STRICTENC
602 1 : ).PushSig(keys.key1, 5).DamagePush(10).ScriptError(SCRIPT_ERR_SIG_HASHTYPE));
603 :
604 6 : tests.push_back(TestBuilder(CScript() << OP_3 << ToByteVector(keys.pubkey0C) << ToByteVector(keys.pubkey1C) << ToByteVector(keys.pubkey2C) << OP_3 << OP_CHECKMULTISIG,
605 : "3-of-3 with nonzero dummy but no NULLDUMMY", 0
606 1 : ).Num(1).PushSig(keys.key0).PushSig(keys.key1).PushSig(keys.key2));
607 6 : tests.push_back(TestBuilder(CScript() << OP_3 << ToByteVector(keys.pubkey0C) << ToByteVector(keys.pubkey1C) << ToByteVector(keys.pubkey2C) << OP_3 << OP_CHECKMULTISIG,
608 : "3-of-3 with nonzero dummy", SCRIPT_VERIFY_NULLDUMMY
609 1 : ).Num(1).PushSig(keys.key0).PushSig(keys.key1).PushSig(keys.key2).ScriptError(SCRIPT_ERR_SIG_NULLDUMMY));
610 6 : tests.push_back(TestBuilder(CScript() << OP_3 << ToByteVector(keys.pubkey0C) << ToByteVector(keys.pubkey1C) << ToByteVector(keys.pubkey2C) << OP_3 << OP_CHECKMULTISIG << OP_NOT,
611 : "3-of-3 NOT with invalid sig and nonzero dummy but no NULLDUMMY", 0
612 1 : ).Num(1).PushSig(keys.key0).PushSig(keys.key1).PushSig(keys.key2).DamagePush(10));
613 6 : tests.push_back(TestBuilder(CScript() << OP_3 << ToByteVector(keys.pubkey0C) << ToByteVector(keys.pubkey1C) << ToByteVector(keys.pubkey2C) << OP_3 << OP_CHECKMULTISIG << OP_NOT,
614 : "3-of-3 NOT with invalid sig with nonzero dummy", SCRIPT_VERIFY_NULLDUMMY
615 1 : ).Num(1).PushSig(keys.key0).PushSig(keys.key1).PushSig(keys.key2).DamagePush(10).ScriptError(SCRIPT_ERR_SIG_NULLDUMMY));
616 :
617 6 : tests.push_back(TestBuilder(CScript() << OP_2 << ToByteVector(keys.pubkey1C) << ToByteVector(keys.pubkey1C) << OP_2 << OP_CHECKMULTISIG,
618 : "2-of-2 with two identical keys and sigs pushed using OP_DUP but no SIGPUSHONLY", 0
619 2 : ).Num(0).PushSig(keys.key1).Add(CScript() << OP_DUP));
620 5 : tests.push_back(TestBuilder(CScript() << OP_2 << ToByteVector(keys.pubkey1C) << ToByteVector(keys.pubkey1C) << OP_2 << OP_CHECKMULTISIG,
621 : "2-of-2 with two identical keys and sigs pushed using OP_DUP", SCRIPT_VERIFY_SIGPUSHONLY
622 2 : ).Num(0).PushSig(keys.key1).Add(CScript() << OP_DUP).ScriptError(SCRIPT_ERR_SIG_PUSHONLY));
623 5 : tests.push_back(TestBuilder(CScript() << ToByteVector(keys.pubkey2C) << OP_CHECKSIG,
624 : "P2SH(P2PK) with non-push scriptSig but no P2SH or SIGPUSHONLY", 0, true
625 2 : ).PushSig(keys.key2).Add(CScript() << OP_NOP8).PushRedeem());
626 5 : tests.push_back(TestBuilder(CScript() << ToByteVector(keys.pubkey2C) << OP_CHECKSIG,
627 : "P2PK with non-push scriptSig but with P2SH validation", 0
628 2 : ).PushSig(keys.key2).Add(CScript() << OP_NOP8));
629 4 : tests.push_back(TestBuilder(CScript() << ToByteVector(keys.pubkey2C) << OP_CHECKSIG,
630 : "P2SH(P2PK) with non-push scriptSig but no SIGPUSHONLY", SCRIPT_VERIFY_P2SH, true
631 2 : ).PushSig(keys.key2).Add(CScript() << OP_NOP8).PushRedeem().ScriptError(SCRIPT_ERR_SIG_PUSHONLY));
632 4 : tests.push_back(TestBuilder(CScript() << ToByteVector(keys.pubkey2C) << OP_CHECKSIG,
633 : "P2SH(P2PK) with non-push scriptSig but not P2SH", SCRIPT_VERIFY_SIGPUSHONLY, true
634 2 : ).PushSig(keys.key2).Add(CScript() << OP_NOP8).PushRedeem().ScriptError(SCRIPT_ERR_SIG_PUSHONLY));
635 5 : tests.push_back(TestBuilder(CScript() << OP_2 << ToByteVector(keys.pubkey1C) << ToByteVector(keys.pubkey1C) << OP_2 << OP_CHECKMULTISIG,
636 : "2-of-2 with two identical keys and sigs pushed", SCRIPT_VERIFY_SIGPUSHONLY
637 1 : ).Num(0).PushSig(keys.key1).PushSig(keys.key1));
638 4 : tests.push_back(TestBuilder(CScript() << ToByteVector(keys.pubkey0) << OP_CHECKSIG,
639 : "P2PK with unnecessary input but no CLEANSTACK", SCRIPT_VERIFY_P2SH
640 1 : ).Num(11).PushSig(keys.key0));
641 4 : tests.push_back(TestBuilder(CScript() << ToByteVector(keys.pubkey0) << OP_CHECKSIG,
642 : "P2PK with unnecessary input", SCRIPT_VERIFY_CLEANSTACK | SCRIPT_VERIFY_P2SH
643 1 : ).Num(11).PushSig(keys.key0).ScriptError(SCRIPT_ERR_CLEANSTACK));
644 4 : tests.push_back(TestBuilder(CScript() << ToByteVector(keys.pubkey0) << OP_CHECKSIG,
645 : "P2SH with unnecessary input but no CLEANSTACK", SCRIPT_VERIFY_P2SH, true
646 1 : ).Num(11).PushSig(keys.key0).PushRedeem());
647 4 : tests.push_back(TestBuilder(CScript() << ToByteVector(keys.pubkey0) << OP_CHECKSIG,
648 : "P2SH with unnecessary input", SCRIPT_VERIFY_CLEANSTACK | SCRIPT_VERIFY_P2SH, true
649 1 : ).Num(11).PushSig(keys.key0).PushRedeem().ScriptError(SCRIPT_ERR_CLEANSTACK));
650 4 : tests.push_back(TestBuilder(CScript() << ToByteVector(keys.pubkey0) << OP_CHECKSIG,
651 : "P2SH with CLEANSTACK", SCRIPT_VERIFY_CLEANSTACK | SCRIPT_VERIFY_P2SH, true
652 1 : ).PushSig(keys.key0).PushRedeem());
653 :
654 :
655 2 : std::set<std::string> tests_set;
656 :
657 1 : {
658 3 : UniValue json_tests = read_json(std::string(json_tests::script_tests, json_tests::script_tests + sizeof(json_tests::script_tests)));
659 :
660 1079 : for (unsigned int idx = 0; idx < json_tests.size(); idx++) {
661 1078 : const UniValue& tv = json_tests[idx];
662 2164 : tests_set.insert(JSONPrettyPrint(tv.get_array()));
663 : }
664 : }
665 :
666 2 : std::string strGen;
667 :
668 83 : for (TestBuilder& test : tests) {
669 82 : test.Test();
670 164 : std::string str = JSONPrettyPrint(test.GetJSON());
671 : #ifndef UPDATE_JSON_TESTS
672 164 : if (tests_set.count(str) == 0) {
673 0 : BOOST_CHECK_MESSAGE(false, "Missing auto script_valid test: " + test.GetComment());
674 : }
675 : #endif
676 246 : strGen += str + ",\n";
677 : }
678 :
679 : #ifdef UPDATE_JSON_TESTS
680 : FILE* file = fopen("script_tests.json.gen", "w");
681 : fputs(strGen.c_str(), file);
682 : fclose(file);
683 : #endif
684 1 : }
685 :
686 2 : BOOST_AUTO_TEST_CASE(script_json_test)
687 : {
688 : // Read tests from test/data/script_tests.json
689 : // Format is an array of arrays
690 : // Inner arrays are [ "scriptSig", "scriptPubKey", "flags", "expected_scripterror" ]
691 : // ... where scriptSig and scriptPubKey are stringified
692 : // scripts.
693 3 : UniValue tests = read_json(std::string(json_tests::script_tests, json_tests::script_tests + sizeof(json_tests::script_tests)));
694 :
695 1079 : for (unsigned int idx = 0; idx < tests.size(); idx++) {
696 1078 : UniValue test = tests[idx];
697 2122 : std::string strTest = test.write();
698 1078 : if (test.size() < 4) // Allow size > 3; extra stuff ignored (useful for comments)
699 : {
700 34 : if (test.size() != 1) {
701 0 : BOOST_ERROR("Bad test: " << strTest);
702 : }
703 68 : continue;
704 : }
705 2088 : std::string scriptSigString = test[0].get_str();
706 3132 : CScript scriptSig = ParseScript(scriptSigString);
707 2088 : std::string scriptPubKeyString = test[1].get_str();
708 3132 : CScript scriptPubKey = ParseScript(scriptPubKeyString);
709 2088 : unsigned int scriptflags = ParseScriptFlags(test[2].get_str());
710 1044 : int scriptError = ParseScriptError(test[3].get_str());
711 :
712 1044 : DoTest(scriptPubKey, scriptSig, scriptflags, strTest, scriptError);
713 : }
714 1 : }
715 :
716 2 : BOOST_AUTO_TEST_CASE(script_PushData)
717 : {
718 : // Check that PUSHDATA1, PUSHDATA2, and PUSHDATA4 create the same value on
719 : // the stack as the 1-75 opcodes do.
720 1 : static const unsigned char direct[] = { 1, 0x5a };
721 1 : static const unsigned char pushdata1[] = { OP_PUSHDATA1, 1, 0x5a };
722 1 : static const unsigned char pushdata2[] = { OP_PUSHDATA2, 1, 0, 0x5a };
723 1 : static const unsigned char pushdata4[] = { OP_PUSHDATA4, 1, 0, 0, 0, 0x5a };
724 :
725 1 : ScriptError err;
726 2 : std::vector<std::vector<unsigned char> > directStack;
727 2 : BOOST_CHECK(EvalScript(directStack, CScript(&direct[0], &direct[sizeof(direct)]), SCRIPT_VERIFY_P2SH, BaseSignatureChecker(), SIGVERSION_BASE, &err));
728 2 : BOOST_CHECK_MESSAGE(err == SCRIPT_ERR_OK, ScriptErrorString(err));
729 :
730 2 : std::vector<std::vector<unsigned char> > pushdata1Stack;
731 2 : BOOST_CHECK(EvalScript(pushdata1Stack, CScript(&pushdata1[0], &pushdata1[sizeof(pushdata1)]), SCRIPT_VERIFY_P2SH, BaseSignatureChecker(), SIGVERSION_BASE, &err));
732 2 : BOOST_CHECK(pushdata1Stack == directStack);
733 2 : BOOST_CHECK_MESSAGE(err == SCRIPT_ERR_OK, ScriptErrorString(err));
734 :
735 2 : std::vector<std::vector<unsigned char> > pushdata2Stack;
736 2 : BOOST_CHECK(EvalScript(pushdata2Stack, CScript(&pushdata2[0], &pushdata2[sizeof(pushdata2)]), SCRIPT_VERIFY_P2SH, BaseSignatureChecker(), SIGVERSION_BASE, &err));
737 2 : BOOST_CHECK(pushdata2Stack == directStack);
738 2 : BOOST_CHECK_MESSAGE(err == SCRIPT_ERR_OK, ScriptErrorString(err));
739 :
740 2 : std::vector<std::vector<unsigned char> > pushdata4Stack;
741 2 : BOOST_CHECK(EvalScript(pushdata4Stack, CScript(&pushdata4[0], &pushdata4[sizeof(pushdata4)]), SCRIPT_VERIFY_P2SH, BaseSignatureChecker(), SIGVERSION_BASE, &err));
742 2 : BOOST_CHECK(pushdata4Stack == directStack);
743 2 : BOOST_CHECK_MESSAGE(err == SCRIPT_ERR_OK, ScriptErrorString(err));
744 1 : }
745 :
746 : CScript
747 12 : sign_multisig(const CScript& scriptPubKey, const std::vector<CKey>& keys, const CTransaction& transaction)
748 : {
749 12 : uint256 hash = SignatureHash(scriptPubKey, transaction, 0, SIGHASH_ALL, 0, SIGVERSION_BASE);
750 :
751 12 : CScript result;
752 : //
753 : // NOTE: CHECKMULTISIG has an unfortunate bug; it requires
754 : // one extra item on the stack, before the signatures.
755 : // Putting OP_0 on the stack is the workaround;
756 : // fixing the bug would mean splitting the block chain (old
757 : // clients would not accept new CHECKMULTISIG transactions,
758 : // and vice-versa)
759 : //
760 12 : result << OP_0;
761 31 : for (const CKey &key : keys)
762 : {
763 38 : std::vector<unsigned char> vchSig;
764 38 : BOOST_CHECK(key.Sign(hash, vchSig));
765 19 : vchSig.push_back((unsigned char)SIGHASH_ALL);
766 19 : result << vchSig;
767 : }
768 12 : return result;
769 : }
770 : CScript
771 3 : sign_multisig(const CScript& scriptPubKey, const CKey& key, const CTransaction& transaction)
772 : {
773 6 : std::vector<CKey> keys;
774 3 : keys.push_back(key);
775 6 : return sign_multisig(scriptPubKey, keys, transaction);
776 : }
777 :
778 2 : BOOST_AUTO_TEST_CASE(script_CHECKMULTISIG12)
779 : {
780 1 : ScriptError err;
781 3 : CKey key1, key2, key3;
782 1 : key1.MakeNewKey(true);
783 1 : key2.MakeNewKey(false);
784 1 : key3.MakeNewKey(true);
785 :
786 2 : CScript scriptPubKey12;
787 2 : scriptPubKey12 << OP_1 << ToByteVector(key1.GetPubKey()) << ToByteVector(key2.GetPubKey()) << OP_2 << OP_CHECKMULTISIG;
788 :
789 2 : CMutableTransaction txFrom12 = BuildCreditingTransaction(scriptPubKey12);
790 1 : CMutableTransaction txTo12 = BuildSpendingTransaction(CScript(), txFrom12);
791 1 : const SigVersion sv12 = txTo12.GetRequiredSigVersion();
792 :
793 2 : CScript goodsig1 = sign_multisig(scriptPubKey12, key1, txTo12);
794 2 : BOOST_CHECK(VerifyScript(goodsig1, scriptPubKey12, flags, MutableTransactionSignatureChecker(&txTo12, 0, txFrom12.vout[0].nValue), sv12, &err));
795 2 : BOOST_CHECK_MESSAGE(err == SCRIPT_ERR_OK, ScriptErrorString(err));
796 1 : txTo12.vout[0].nValue = 2;
797 2 : BOOST_CHECK(!VerifyScript(goodsig1, scriptPubKey12, flags, MutableTransactionSignatureChecker(&txTo12, 0, txFrom12.vout[0].nValue), sv12, &err));
798 2 : BOOST_CHECK_MESSAGE(err == SCRIPT_ERR_EVAL_FALSE, ScriptErrorString(err));
799 :
800 2 : CScript goodsig2 = sign_multisig(scriptPubKey12, key2, txTo12);
801 2 : BOOST_CHECK(VerifyScript(goodsig2, scriptPubKey12, flags, MutableTransactionSignatureChecker(&txTo12, 0, txFrom12.vout[0].nValue), sv12, &err));
802 2 : BOOST_CHECK_MESSAGE(err == SCRIPT_ERR_OK, ScriptErrorString(err));
803 :
804 2 : CScript badsig1 = sign_multisig(scriptPubKey12, key3, txTo12);
805 2 : BOOST_CHECK(!VerifyScript(badsig1, scriptPubKey12, flags, MutableTransactionSignatureChecker(&txTo12, 0, txFrom12.vout[0].nValue), sv12, &err));
806 2 : BOOST_CHECK_MESSAGE(err == SCRIPT_ERR_EVAL_FALSE, ScriptErrorString(err));
807 1 : }
808 :
809 2 : BOOST_AUTO_TEST_CASE(script_CHECKMULTISIG23)
810 : {
811 1 : ScriptError err;
812 4 : CKey key1, key2, key3, key4;
813 1 : key1.MakeNewKey(true);
814 1 : key2.MakeNewKey(false);
815 1 : key3.MakeNewKey(true);
816 1 : key4.MakeNewKey(false);
817 :
818 2 : CScript scriptPubKey23;
819 3 : scriptPubKey23 << OP_2 << ToByteVector(key1.GetPubKey()) << ToByteVector(key2.GetPubKey()) << ToByteVector(key3.GetPubKey()) << OP_3 << OP_CHECKMULTISIG;
820 :
821 2 : CMutableTransaction txFrom23 = BuildCreditingTransaction(scriptPubKey23);
822 2 : CMutableTransaction txTo23 = BuildSpendingTransaction(CScript(), txFrom23);
823 1 : const SigVersion sv23 = txTo23.GetRequiredSigVersion();
824 :
825 1 : std::vector<CKey> keys;
826 1 : keys.push_back(key1); keys.push_back(key2);
827 2 : CScript goodsig1 = sign_multisig(scriptPubKey23, keys, txTo23);
828 2 : BOOST_CHECK(VerifyScript(goodsig1, scriptPubKey23, flags, MutableTransactionSignatureChecker(&txTo23, 0, txFrom23.vout[0].nValue), sv23, &err));
829 2 : BOOST_CHECK_MESSAGE(err == SCRIPT_ERR_OK, ScriptErrorString(err));
830 :
831 1 : keys.clear();
832 1 : keys.push_back(key1); keys.push_back(key3);
833 2 : CScript goodsig2 = sign_multisig(scriptPubKey23, keys, txTo23);
834 2 : BOOST_CHECK(VerifyScript(goodsig2, scriptPubKey23, flags, MutableTransactionSignatureChecker(&txTo23, 0, txFrom23.vout[0].nValue), sv23, &err));
835 2 : BOOST_CHECK_MESSAGE(err == SCRIPT_ERR_OK, ScriptErrorString(err));
836 :
837 1 : keys.clear();
838 1 : keys.push_back(key2); keys.push_back(key3);
839 2 : CScript goodsig3 = sign_multisig(scriptPubKey23, keys, txTo23);
840 2 : BOOST_CHECK(VerifyScript(goodsig3, scriptPubKey23, flags, MutableTransactionSignatureChecker(&txTo23, 0, txFrom23.vout[0].nValue), sv23, &err));
841 2 : BOOST_CHECK_MESSAGE(err == SCRIPT_ERR_OK, ScriptErrorString(err));
842 :
843 1 : keys.clear();
844 1 : keys.push_back(key2); keys.push_back(key2); // Can't re-use sig
845 2 : CScript badsig1 = sign_multisig(scriptPubKey23, keys, txTo23);
846 2 : BOOST_CHECK(!VerifyScript(badsig1, scriptPubKey23, flags, MutableTransactionSignatureChecker(&txTo23, 0, txFrom23.vout[0].nValue), sv23, &err));
847 2 : BOOST_CHECK_MESSAGE(err == SCRIPT_ERR_EVAL_FALSE, ScriptErrorString(err));
848 :
849 1 : keys.clear();
850 1 : keys.push_back(key2); keys.push_back(key1); // sigs must be in correct order
851 2 : CScript badsig2 = sign_multisig(scriptPubKey23, keys, txTo23);
852 2 : BOOST_CHECK(!VerifyScript(badsig2, scriptPubKey23, flags, MutableTransactionSignatureChecker(&txTo23, 0, txFrom23.vout[0].nValue), sv23, &err));
853 2 : BOOST_CHECK_MESSAGE(err == SCRIPT_ERR_EVAL_FALSE, ScriptErrorString(err));
854 :
855 1 : keys.clear();
856 1 : keys.push_back(key3); keys.push_back(key2); // sigs must be in correct order
857 2 : CScript badsig3 = sign_multisig(scriptPubKey23, keys, txTo23);
858 2 : BOOST_CHECK(!VerifyScript(badsig3, scriptPubKey23, flags, MutableTransactionSignatureChecker(&txTo23, 0, txFrom23.vout[0].nValue), sv23, &err));
859 2 : BOOST_CHECK_MESSAGE(err == SCRIPT_ERR_EVAL_FALSE, ScriptErrorString(err));
860 :
861 1 : keys.clear();
862 1 : keys.push_back(key4); keys.push_back(key2); // sigs must match pubkeys
863 2 : CScript badsig4 = sign_multisig(scriptPubKey23, keys, txTo23);
864 2 : BOOST_CHECK(!VerifyScript(badsig4, scriptPubKey23, flags, MutableTransactionSignatureChecker(&txTo23, 0, txFrom23.vout[0].nValue), sv23, &err));
865 2 : BOOST_CHECK_MESSAGE(err == SCRIPT_ERR_EVAL_FALSE, ScriptErrorString(err));
866 :
867 1 : keys.clear();
868 1 : keys.push_back(key1); keys.push_back(key4); // sigs must match pubkeys
869 2 : CScript badsig5 = sign_multisig(scriptPubKey23, keys, txTo23);
870 2 : BOOST_CHECK(!VerifyScript(badsig5, scriptPubKey23, flags, MutableTransactionSignatureChecker(&txTo23, 0, txFrom23.vout[0].nValue), sv23, &err));
871 2 : BOOST_CHECK_MESSAGE(err == SCRIPT_ERR_EVAL_FALSE, ScriptErrorString(err));
872 :
873 1 : keys.clear(); // Must have signatures
874 2 : CScript badsig6 = sign_multisig(scriptPubKey23, keys, txTo23);
875 2 : BOOST_CHECK(!VerifyScript(badsig6, scriptPubKey23, flags, MutableTransactionSignatureChecker(&txTo23, 0, txFrom23.vout[0].nValue), sv23, &err));
876 2 : BOOST_CHECK_MESSAGE(err == SCRIPT_ERR_INVALID_STACK_OPERATION, ScriptErrorString(err));
877 1 : }
878 :
879 2 : BOOST_AUTO_TEST_CASE(script_combineSigs)
880 : {
881 : // Test the CombineSignatures function
882 1 : CAmount amount = 0;
883 2 : CBasicKeyStore keystore;
884 1 : std::vector<CKey> keys;
885 1 : std::vector<CPubKey> pubkeys;
886 4 : for (int i = 0; i < 3; i++)
887 : {
888 6 : CKey key;
889 3 : key.MakeNewKey(i%2 == 1);
890 3 : keys.push_back(key);
891 3 : pubkeys.push_back(key.GetPubKey());
892 3 : keystore.AddKey(key);
893 : }
894 :
895 3 : CMutableTransaction txFrom = BuildCreditingTransaction(GetScriptForDestination(keys[0].GetPubKey().GetID()));
896 1 : CMutableTransaction txTo = BuildSpendingTransaction(CScript(), txFrom);
897 1 : CScript& scriptPubKey = txFrom.vout[0].scriptPubKey;
898 1 : CScript& scriptSig = txTo.vin[0].scriptSig;
899 :
900 2 : SignatureData empty;
901 2 : SignatureData combined = CombineSignatures(scriptPubKey, MutableTransactionSignatureChecker(&txTo, 0, amount), empty, empty);
902 2 : BOOST_CHECK(combined.scriptSig.empty());
903 :
904 : // Single signature case:
905 1 : SignSignature(keystore, txFrom, txTo, 0, SIGHASH_ALL); // changes scriptSig
906 1 : combined = CombineSignatures(scriptPubKey, MutableTransactionSignatureChecker(&txTo, 0, amount), SignatureData(scriptSig), empty);
907 2 : BOOST_CHECK(combined.scriptSig == scriptSig);
908 2 : combined = CombineSignatures(scriptPubKey, MutableTransactionSignatureChecker(&txTo, 0, amount), empty, SignatureData(scriptSig));
909 2 : BOOST_CHECK(combined.scriptSig == scriptSig);
910 2 : CScript scriptSigCopy = scriptSig;
911 : // Signing again will give a different, valid signature:
912 1 : SignSignature(keystore, txFrom, txTo, 0, SIGHASH_ALL);
913 3 : combined = CombineSignatures(scriptPubKey, MutableTransactionSignatureChecker(&txTo, 0, amount), SignatureData(scriptSigCopy), SignatureData(scriptSig));
914 2 : BOOST_CHECK(combined.scriptSig == scriptSigCopy || combined.scriptSig == scriptSig);
915 :
916 : // P2SH, single-signature case:
917 2 : CScript pkSingle; pkSingle << ToByteVector(keys[0].GetPubKey()) << OP_CHECKSIG;
918 1 : keystore.AddCScript(pkSingle);
919 1 : scriptPubKey = GetScriptForDestination(CScriptID(pkSingle));
920 1 : SignSignature(keystore, txFrom, txTo, 0, SIGHASH_ALL);
921 2 : combined = CombineSignatures(scriptPubKey, MutableTransactionSignatureChecker(&txTo, 0, amount), SignatureData(scriptSig), empty);
922 2 : BOOST_CHECK(combined.scriptSig == scriptSig);
923 2 : combined = CombineSignatures(scriptPubKey, MutableTransactionSignatureChecker(&txTo, 0, amount), empty, SignatureData(scriptSig));
924 2 : BOOST_CHECK(combined.scriptSig == scriptSig);
925 1 : scriptSigCopy = scriptSig;
926 1 : SignSignature(keystore, txFrom, txTo, 0, SIGHASH_ALL);
927 3 : combined = CombineSignatures(scriptPubKey, MutableTransactionSignatureChecker(&txTo, 0, amount), SignatureData(scriptSigCopy), SignatureData(scriptSig));
928 2 : BOOST_CHECK(combined.scriptSig == scriptSigCopy || combined.scriptSig == scriptSig);
929 : // dummy scriptSigCopy with placeholder, should always choose non-placeholder:
930 4 : scriptSigCopy = CScript() << OP_0 << std::vector<unsigned char>(pkSingle.begin(), pkSingle.end());
931 3 : combined = CombineSignatures(scriptPubKey, MutableTransactionSignatureChecker(&txTo, 0, amount), SignatureData(scriptSigCopy), SignatureData(scriptSig));
932 2 : BOOST_CHECK(combined.scriptSig == scriptSig);
933 3 : combined = CombineSignatures(scriptPubKey, MutableTransactionSignatureChecker(&txTo, 0, amount), SignatureData(scriptSig), SignatureData(scriptSigCopy));
934 2 : BOOST_CHECK(combined.scriptSig == scriptSig);
935 :
936 : // Hardest case: Multisig 2-of-3
937 1 : scriptPubKey = GetScriptForMultisig(2, pubkeys);
938 1 : keystore.AddCScript(scriptPubKey);
939 1 : SignSignature(keystore, txFrom, txTo, 0, SIGHASH_ALL);
940 2 : combined = CombineSignatures(scriptPubKey, MutableTransactionSignatureChecker(&txTo, 0, amount), SignatureData(scriptSig), empty);
941 2 : BOOST_CHECK(combined.scriptSig == scriptSig);
942 2 : combined = CombineSignatures(scriptPubKey, MutableTransactionSignatureChecker(&txTo, 0, amount), empty, SignatureData(scriptSig));
943 2 : BOOST_CHECK(combined.scriptSig == scriptSig);
944 :
945 : // A couple of partially-signed versions:
946 2 : std::vector<unsigned char> sig1;
947 1 : uint256 hash1 = SignatureHash(scriptPubKey, txTo, 0, SIGHASH_ALL, 0, SIGVERSION_BASE);
948 2 : BOOST_CHECK(keys[0].Sign(hash1, sig1));
949 1 : sig1.push_back(SIGHASH_ALL);
950 2 : std::vector<unsigned char> sig2;
951 1 : uint256 hash2 = SignatureHash(scriptPubKey, txTo, 0, SIGHASH_NONE, 0, SIGVERSION_BASE);
952 2 : BOOST_CHECK(keys[1].Sign(hash2, sig2));
953 1 : sig2.push_back(SIGHASH_NONE);
954 2 : std::vector<unsigned char> sig3;
955 1 : uint256 hash3 = SignatureHash(scriptPubKey, txTo, 0, SIGHASH_SINGLE, 0, SIGVERSION_BASE);
956 2 : BOOST_CHECK(keys[2].Sign(hash3, sig3));
957 1 : sig3.push_back(SIGHASH_SINGLE);
958 :
959 : // Not fussy about order (or even existence) of placeholders or signatures:
960 2 : CScript partial1a = CScript() << OP_0 << sig1 << OP_0;
961 2 : CScript partial1b = CScript() << OP_0 << OP_0 << sig1;
962 2 : CScript partial2a = CScript() << OP_0 << sig2;
963 2 : CScript partial2b = CScript() << sig2 << OP_0;
964 2 : CScript partial3a = CScript() << sig3;
965 2 : CScript partial3b = CScript() << OP_0 << OP_0 << sig3;
966 2 : CScript partial3c = CScript() << OP_0 << sig3 << OP_0;
967 2 : CScript complete12 = CScript() << OP_0 << sig1 << sig2;
968 2 : CScript complete13 = CScript() << OP_0 << sig1 << sig3;
969 2 : CScript complete23 = CScript() << OP_0 << sig2 << sig3;
970 :
971 3 : combined = CombineSignatures(scriptPubKey, MutableTransactionSignatureChecker(&txTo, 0, amount), SignatureData(partial1a), SignatureData(partial1b));
972 2 : BOOST_CHECK(combined.scriptSig == partial1a);
973 3 : combined = CombineSignatures(scriptPubKey, MutableTransactionSignatureChecker(&txTo, 0, amount), SignatureData(partial1a), SignatureData(partial2a));
974 2 : BOOST_CHECK(combined.scriptSig == complete12);
975 3 : combined = CombineSignatures(scriptPubKey, MutableTransactionSignatureChecker(&txTo, 0, amount), SignatureData(partial2a), SignatureData(partial1a));
976 2 : BOOST_CHECK(combined.scriptSig == complete12);
977 3 : combined = CombineSignatures(scriptPubKey, MutableTransactionSignatureChecker(&txTo, 0, amount), SignatureData(partial1b), SignatureData(partial2b));
978 2 : BOOST_CHECK(combined.scriptSig == complete12);
979 3 : combined = CombineSignatures(scriptPubKey, MutableTransactionSignatureChecker(&txTo, 0, amount), SignatureData(partial3b), SignatureData(partial1b));
980 2 : BOOST_CHECK(combined.scriptSig == complete13);
981 3 : combined = CombineSignatures(scriptPubKey, MutableTransactionSignatureChecker(&txTo, 0, amount), SignatureData(partial2a), SignatureData(partial3a));
982 2 : BOOST_CHECK(combined.scriptSig == complete23);
983 3 : combined = CombineSignatures(scriptPubKey, MutableTransactionSignatureChecker(&txTo, 0, amount), SignatureData(partial3b), SignatureData(partial2b));
984 2 : BOOST_CHECK(combined.scriptSig == complete23);
985 3 : combined = CombineSignatures(scriptPubKey, MutableTransactionSignatureChecker(&txTo, 0, amount), SignatureData(partial3b), SignatureData(partial3a));
986 2 : BOOST_CHECK(combined.scriptSig == partial3c);
987 1 : }
988 :
989 :
990 2 : BOOST_AUTO_TEST_CASE(script_standard_push)
991 : {
992 1 : ScriptError err;
993 67001 : for (int i=0; i<67000; i++) {
994 134000 : CScript script;
995 67000 : script << i;
996 134000 : BOOST_CHECK_MESSAGE(script.IsPushOnly(), "Number " << i << " is not pure push.");
997 134000 : BOOST_CHECK_MESSAGE(VerifyScript(script, CScript() << OP_1, SCRIPT_VERIFY_MINIMALDATA, BaseSignatureChecker(), SIGVERSION_BASE, &err), "Number " << i << " push is not minimal data.");
998 134000 : BOOST_CHECK_MESSAGE(err == SCRIPT_ERR_OK, ScriptErrorString(err));
999 : }
1000 :
1001 522 : for (unsigned int i=0; i<=MAX_SCRIPT_ELEMENT_SIZE; i++) {
1002 1042 : std::vector<unsigned char> data(i, '\111');
1003 1042 : CScript script;
1004 521 : script << data;
1005 1042 : BOOST_CHECK_MESSAGE(script.IsPushOnly(), "Length " << i << " is not pure push.");
1006 1042 : BOOST_CHECK_MESSAGE(VerifyScript(script, CScript() << OP_1, SCRIPT_VERIFY_MINIMALDATA, BaseSignatureChecker(), SIGVERSION_BASE, &err), "Length " << i << " push is not minimal data.");
1007 1042 : BOOST_CHECK_MESSAGE(err == SCRIPT_ERR_OK, ScriptErrorString(err));
1008 : }
1009 1 : }
1010 :
1011 2 : BOOST_AUTO_TEST_CASE(script_IsPushOnly_on_invalid_scripts)
1012 : {
1013 : // IsPushOnly returns false when given a script containing only pushes that
1014 : // are invalid due to truncation. IsPushOnly() is consensus critical
1015 : // because P2SH evaluation uses it, although this specific behavior should
1016 : // not be consensus critical as the P2SH evaluation would fail first due to
1017 : // the invalid push. Still, it doesn't hurt to test it explicitly.
1018 1 : static const unsigned char direct[] = { 1 };
1019 2 : BOOST_CHECK(!CScript(direct, direct+sizeof(direct)).IsPushOnly());
1020 1 : }
1021 :
1022 2 : BOOST_AUTO_TEST_CASE(script_GetScriptAsm)
1023 : {
1024 2 : BOOST_CHECK_EQUAL("OP_CHECKLOCKTIMEVERIFY", ScriptToAsmStr(CScript() << OP_NOP2, true));
1025 2 : BOOST_CHECK_EQUAL("OP_CHECKLOCKTIMEVERIFY", ScriptToAsmStr(CScript() << OP_CHECKLOCKTIMEVERIFY, true));
1026 2 : BOOST_CHECK_EQUAL("OP_CHECKLOCKTIMEVERIFY", ScriptToAsmStr(CScript() << OP_NOP2));
1027 2 : BOOST_CHECK_EQUAL("OP_CHECKLOCKTIMEVERIFY", ScriptToAsmStr(CScript() << OP_CHECKLOCKTIMEVERIFY));
1028 :
1029 1 : std::string derSig("304502207fa7a6d1e0ee81132a269ad84e68d695483745cde8b541e3bf630749894e342a022100c1f7ab20e13e22fb95281a870f3dcf38d782e53023ee313d741ad0cfbc0c5090");
1030 2 : std::string pubKey("03b0da749730dc9b4b1f4a14d6902877a92541f5368778853d9c4a0cb7802dcfb2");
1031 2 : std::vector<unsigned char> vchPubKey = ToByteVector(ParseHex(pubKey));
1032 :
1033 7 : BOOST_CHECK_EQUAL(derSig + "00 " + pubKey, ScriptToAsmStr(CScript() << ToByteVector(ParseHex(derSig + "00")) << vchPubKey, true));
1034 7 : BOOST_CHECK_EQUAL(derSig + "80 " + pubKey, ScriptToAsmStr(CScript() << ToByteVector(ParseHex(derSig + "80")) << vchPubKey, true));
1035 7 : BOOST_CHECK_EQUAL(derSig + "[ALL] " + pubKey, ScriptToAsmStr(CScript() << ToByteVector(ParseHex(derSig + "01")) << vchPubKey, true));
1036 7 : BOOST_CHECK_EQUAL(derSig + "[NONE] " + pubKey, ScriptToAsmStr(CScript() << ToByteVector(ParseHex(derSig + "02")) << vchPubKey, true));
1037 7 : BOOST_CHECK_EQUAL(derSig + "[SINGLE] " + pubKey, ScriptToAsmStr(CScript() << ToByteVector(ParseHex(derSig + "03")) << vchPubKey, true));
1038 7 : BOOST_CHECK_EQUAL(derSig + "[ALL|ANYONECANPAY] " + pubKey, ScriptToAsmStr(CScript() << ToByteVector(ParseHex(derSig + "81")) << vchPubKey, true));
1039 7 : BOOST_CHECK_EQUAL(derSig + "[NONE|ANYONECANPAY] " + pubKey, ScriptToAsmStr(CScript() << ToByteVector(ParseHex(derSig + "82")) << vchPubKey, true));
1040 7 : BOOST_CHECK_EQUAL(derSig + "[SINGLE|ANYONECANPAY] " + pubKey, ScriptToAsmStr(CScript() << ToByteVector(ParseHex(derSig + "83")) << vchPubKey, true));
1041 :
1042 7 : BOOST_CHECK_EQUAL(derSig + "00 " + pubKey, ScriptToAsmStr(CScript() << ToByteVector(ParseHex(derSig + "00")) << vchPubKey));
1043 7 : BOOST_CHECK_EQUAL(derSig + "80 " + pubKey, ScriptToAsmStr(CScript() << ToByteVector(ParseHex(derSig + "80")) << vchPubKey));
1044 7 : BOOST_CHECK_EQUAL(derSig + "01 " + pubKey, ScriptToAsmStr(CScript() << ToByteVector(ParseHex(derSig + "01")) << vchPubKey));
1045 7 : BOOST_CHECK_EQUAL(derSig + "02 " + pubKey, ScriptToAsmStr(CScript() << ToByteVector(ParseHex(derSig + "02")) << vchPubKey));
1046 7 : BOOST_CHECK_EQUAL(derSig + "03 " + pubKey, ScriptToAsmStr(CScript() << ToByteVector(ParseHex(derSig + "03")) << vchPubKey));
1047 7 : BOOST_CHECK_EQUAL(derSig + "81 " + pubKey, ScriptToAsmStr(CScript() << ToByteVector(ParseHex(derSig + "81")) << vchPubKey));
1048 7 : BOOST_CHECK_EQUAL(derSig + "82 " + pubKey, ScriptToAsmStr(CScript() << ToByteVector(ParseHex(derSig + "82")) << vchPubKey));
1049 7 : BOOST_CHECK_EQUAL(derSig + "83 " + pubKey, ScriptToAsmStr(CScript() << ToByteVector(ParseHex(derSig + "83")) << vchPubKey));
1050 1 : }
1051 :
1052 :
1053 : static CScript
1054 28 : ScriptFromHex(const char* hex)
1055 : {
1056 28 : std::vector<unsigned char> data = ParseHex(hex);
1057 28 : return CScript(data.begin(), data.end());
1058 : }
1059 :
1060 :
1061 2 : BOOST_AUTO_TEST_CASE(script_FindAndDelete)
1062 : {
1063 : // Exercise the FindAndDelete functionality
1064 1 : CScript s;
1065 1 : CScript d;
1066 1 : CScript expect;
1067 :
1068 1 : s = CScript() << OP_1 << OP_2;
1069 1 : d = CScript(); // delete nothing should be a no-op
1070 1 : expect = s;
1071 1 : BOOST_CHECK_EQUAL(s.FindAndDelete(d), 0);
1072 2 : BOOST_CHECK(s == expect);
1073 :
1074 1 : s = CScript() << OP_1 << OP_2 << OP_3;
1075 1 : d = CScript() << OP_2;
1076 1 : expect = CScript() << OP_1 << OP_3;
1077 1 : BOOST_CHECK_EQUAL(s.FindAndDelete(d), 1);
1078 2 : BOOST_CHECK(s == expect);
1079 :
1080 1 : s = CScript() << OP_3 << OP_1 << OP_3 << OP_3 << OP_4 << OP_3;
1081 1 : d = CScript() << OP_3;
1082 1 : expect = CScript() << OP_1 << OP_4;
1083 1 : BOOST_CHECK_EQUAL(s.FindAndDelete(d), 4);
1084 2 : BOOST_CHECK(s == expect);
1085 :
1086 1 : s = ScriptFromHex("0302ff03"); // PUSH 0x02ff03 onto stack
1087 1 : d = ScriptFromHex("0302ff03");
1088 1 : expect = CScript();
1089 1 : BOOST_CHECK_EQUAL(s.FindAndDelete(d), 1);
1090 2 : BOOST_CHECK(s == expect);
1091 :
1092 1 : s = ScriptFromHex("0302ff030302ff03"); // PUSH 0x2ff03 PUSH 0x2ff03
1093 1 : d = ScriptFromHex("0302ff03");
1094 1 : expect = CScript();
1095 1 : BOOST_CHECK_EQUAL(s.FindAndDelete(d), 2);
1096 2 : BOOST_CHECK(s == expect);
1097 :
1098 1 : s = ScriptFromHex("0302ff030302ff03");
1099 1 : d = ScriptFromHex("02");
1100 1 : expect = s; // FindAndDelete matches entire opcodes
1101 1 : BOOST_CHECK_EQUAL(s.FindAndDelete(d), 0);
1102 2 : BOOST_CHECK(s == expect);
1103 :
1104 1 : s = ScriptFromHex("0302ff030302ff03");
1105 1 : d = ScriptFromHex("ff");
1106 1 : expect = s;
1107 1 : BOOST_CHECK_EQUAL(s.FindAndDelete(d), 0);
1108 2 : BOOST_CHECK(s == expect);
1109 :
1110 : // This is an odd edge case: strip of the push-three-bytes
1111 : // prefix, leaving 02ff03 which is push-two-bytes:
1112 1 : s = ScriptFromHex("0302ff030302ff03");
1113 1 : d = ScriptFromHex("03");
1114 3 : expect = CScript() << ParseHex("ff03") << ParseHex("ff03");
1115 1 : BOOST_CHECK_EQUAL(s.FindAndDelete(d), 2);
1116 2 : BOOST_CHECK(s == expect);
1117 :
1118 : // Byte sequence that spans multiple opcodes:
1119 1 : s = ScriptFromHex("02feed5169"); // PUSH(0xfeed) OP_1 OP_VERIFY
1120 1 : d = ScriptFromHex("feed51");
1121 1 : expect = s;
1122 1 : BOOST_CHECK_EQUAL(s.FindAndDelete(d), 0); // doesn't match 'inside' opcodes
1123 2 : BOOST_CHECK(s == expect);
1124 :
1125 1 : s = ScriptFromHex("02feed5169"); // PUSH(0xfeed) OP_1 OP_VERIFY
1126 1 : d = ScriptFromHex("02feed51");
1127 1 : expect = ScriptFromHex("69");
1128 1 : BOOST_CHECK_EQUAL(s.FindAndDelete(d), 1);
1129 2 : BOOST_CHECK(s == expect);
1130 :
1131 1 : s = ScriptFromHex("516902feed5169");
1132 1 : d = ScriptFromHex("feed51");
1133 1 : expect = s;
1134 1 : BOOST_CHECK_EQUAL(s.FindAndDelete(d), 0);
1135 2 : BOOST_CHECK(s == expect);
1136 :
1137 1 : s = ScriptFromHex("516902feed5169");
1138 1 : d = ScriptFromHex("02feed51");
1139 1 : expect = ScriptFromHex("516969");
1140 1 : BOOST_CHECK_EQUAL(s.FindAndDelete(d), 1);
1141 2 : BOOST_CHECK(s == expect);
1142 :
1143 1 : s = CScript() << OP_0 << OP_0 << OP_1 << OP_1;
1144 1 : d = CScript() << OP_0 << OP_1;
1145 1 : expect = CScript() << OP_0 << OP_1; // FindAndDelete is single-pass
1146 1 : BOOST_CHECK_EQUAL(s.FindAndDelete(d), 1);
1147 2 : BOOST_CHECK(s == expect);
1148 :
1149 1 : s = CScript() << OP_0 << OP_0 << OP_1 << OP_0 << OP_1 << OP_1;
1150 1 : d = CScript() << OP_0 << OP_1;
1151 1 : expect = CScript() << OP_0 << OP_1; // FindAndDelete is single-pass
1152 1 : BOOST_CHECK_EQUAL(s.FindAndDelete(d), 2);
1153 2 : BOOST_CHECK(s == expect);
1154 :
1155 : // Another weird edge case:
1156 : // End with invalid push (not enough data)...
1157 1 : s = ScriptFromHex("0003feed");
1158 1 : d = ScriptFromHex("03feed"); // ... can remove the invalid push
1159 1 : expect = ScriptFromHex("00");
1160 1 : BOOST_CHECK_EQUAL(s.FindAndDelete(d), 1);
1161 2 : BOOST_CHECK(s == expect);
1162 :
1163 1 : s = ScriptFromHex("0003feed");
1164 1 : d = ScriptFromHex("00");
1165 1 : expect = ScriptFromHex("03feed");
1166 1 : BOOST_CHECK_EQUAL(s.FindAndDelete(d), 1);
1167 2 : BOOST_CHECK(s == expect);
1168 1 : }
1169 :
1170 2 : BOOST_AUTO_TEST_CASE(script_can_append_self)
1171 : {
1172 2 : CScript s, d;
1173 :
1174 1 : s = ScriptFromHex("00");
1175 1 : s += s;
1176 1 : d = ScriptFromHex("0000");
1177 2 : BOOST_CHECK(s == d);
1178 :
1179 : // check doubling a script that's large enough to require reallocation
1180 1 : static const char hex[] = "04678afdb0fe5548271967f1a67130b7105cd6a828e03909a67962e0ea1f61deb649f6bc3f4cef38c4f35504e51ec112de5c384df7ba0b8d578a4c702b6bf11d5f";
1181 2 : s = CScript() << ParseHex(hex) << OP_CHECKSIG;
1182 3 : d = CScript() << ParseHex(hex) << OP_CHECKSIG << ParseHex(hex) << OP_CHECKSIG;
1183 1 : s += s;
1184 2 : BOOST_CHECK(s == d);
1185 1 : }
1186 :
1187 : BOOST_AUTO_TEST_SUITE_END()
|
