[Pkg-bitcoin-commits] [bitcoin] 35/126: Disallow uncompressed pubkeys in bitcoin-tx [multisig] output adds

Mon Nov 13 20:01:04 UTC 2017

This is an automated email from the git hooks/post-receive script.

js pushed a commit to annotated tag debian/0.15.1_dfsg-1
in repository bitcoin.

commit 75997c3b35db39031a222e2d63da83e67cc9397c
Author: Matt Corallo <git at bluematt.me>
Date:   Wed Sep 20 20:19:14 2017 -0400

    Disallow uncompressed pubkeys in bitcoin-tx [multisig] output adds
    
    Github-Pull: #11377
    Rebased-From: 28d4542a0ac77a30a242d0568e580a5b437f53fa
---
 Makefile.am                           |  1 +
 src/bitcoin-tx.cpp                    |  8 ++++++++
 test/util/data/bitcoin-util-test.json | 18 ++++++++++++++++++
 test/util/data/txcreatemultisig5.json | 26 ++++++++++++++++++++++++++
 4 files changed, 53 insertions(+)

diff --git a/Makefile.am b/Makefile.am
index 8216b7d..3b62a10 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -249,6 +249,7 @@ EXTRA_DIST += \
     test/util/data/txcreatemultisig3.json \
     test/util/data/txcreatemultisig4.hex \
     test/util/data/txcreatemultisig4.json \
+    test/util/data/txcreatemultisig5.json \
     test/util/data/txcreateoutpubkey1.hex \
     test/util/data/txcreateoutpubkey1.json \
     test/util/data/txcreateoutpubkey2.hex \
diff --git a/src/bitcoin-tx.cpp b/src/bitcoin-tx.cpp
index cff90d1..0f2c19b 100644
--- a/src/bitcoin-tx.cpp
+++ b/src/bitcoin-tx.cpp
@@ -310,6 +310,9 @@ static void MutateTxAddOutPubKey(CMutableTransaction& tx, const std::string& str
     }
 
     if (bSegWit) {
+        if (!pubkey.IsCompressed()) {
+            throw std::runtime_error("Uncompressed pubkeys are not useable for SegWit outputs");
+        }
         // Call GetScriptForWitness() to build a P2WSH scriptPubKey
         scriptPubKey = GetScriptForWitness(scriptPubKey);
     }
@@ -377,6 +380,11 @@ static void MutateTxAddOutMultiSig(CMutableTransaction& tx, const std::string& s
     CScript scriptPubKey = GetScriptForMultisig(required, pubkeys);
 
     if (bSegWit) {
+        for (CPubKey& pubkey : pubkeys) {
+            if (!pubkey.IsCompressed()) {
+                throw std::runtime_error("Uncompressed pubkeys are not useable for SegWit outputs");
+            }
+        }
         // Call GetScriptForWitness() to build a P2WSH scriptPubKey
         scriptPubKey = GetScriptForWitness(scriptPubKey);
     }
diff --git a/test/util/data/bitcoin-util-test.json b/test/util/data/bitcoin-util-test.json
index b61a4f7..89b28bb 100644
--- a/test/util/data/bitcoin-util-test.json
+++ b/test/util/data/bitcoin-util-test.json
@@ -263,6 +263,13 @@
   },
   { "exec": "./bitcoin-tx",
     "args":
+    ["-json", "-create", "outpubkey=0:047d1368ba7ae01c94bc32293efd70bd7e3be7aa7912d07d0b1c659c1008d179b8642f5fb90f47580feb29f045e216ff5a4716d3a0fed36da414d332046303c44a:WS", "nversion=1"],
+    "return_code": 1,
+    "error_txt": "error: Uncompressed pubkeys are not useable for SegWit outputs",
+    "description": "Creates a new transaction with a single pay-to-pub-key output, wrapped in P2SH (output as json)"
+  },
+  { "exec": "./bitcoin-tx",
+    "args":
     ["-create",
      "in=5897de6bd6027a475eadd57019d4e6872c396d0716c4875a5f1a6fcfdf385c1f:0",
      "outdata=4:badhexdata"],
@@ -388,5 +395,16 @@
     "args": ["-json", "-create", "outmultisig=1:2:3:02a5613bd857b7048924264d1e70e08fb2a7e6527d32b7ab1bb993ac59964ff397:021ac43c7ff740014c3b33737ede99c967e4764553d1b2b83db77c83b8715fa72d:02df2089105c77f266fa11a9d33f05c735234075f2e8780824c6b709415f9fb485:WS", "nversion=1"],
     "output_cmp": "txcreatemultisig4.json",
     "description": "Creates a new transaction with a single 2-of-3 multisig in a P2WSH output, wrapped in P2SH (output in json)"
+  },
+  { "exec": "./bitcoin-tx",
+    "args": ["-json", "-create", "outmultisig=1:2:3:02a5613bd857b7048924264d1e70e08fb2a7e6527d32b7ab1bb993ac59964ff397:021ac43c7ff740014c3b33737ede99c967e4764553d1b2b83db77c83b8715fa72d:047d1368ba7ae01c94bc32293efd70bd7e3be7aa7912d07d0b1c659c1008d179b8642f5fb90f47580feb29f045e216ff5a4716d3a0fed36da414d332046303c44a:S"],
+    "output_cmp": "txcreatemultisig5.json",
+    "description": "Uncompressed pubkeys should work just fine for non-witness outputs"
+  },
+  { "exec": "./bitcoin-tx",
+    "args": ["-json", "-create", "outmultisig=1:2:3:02a5613bd857b7048924264d1e70e08fb2a7e6527d32b7ab1bb993ac59964ff397:021ac43c7ff740014c3b33737ede99c967e4764553d1b2b83db77c83b8715fa72d:047d1368ba7ae01c94bc32293efd70bd7e3be7aa7912d07d0b1c659c1008d179b8642f5fb90f47580feb29f045e216ff5a4716d3a0fed36da414d332046303c44a:WS"],
+    "return_code": 1,
+    "error_txt": "error: Uncompressed pubkeys are not useable for SegWit outputs",
+    "description": "Ensure adding witness outputs with uncompressed pubkeys fails"
   }
 ]
diff --git a/test/util/data/txcreatemultisig5.json b/test/util/data/txcreatemultisig5.json
new file mode 100644
index 0000000..20e9bb0
--- /dev/null
+++ b/test/util/data/txcreatemultisig5.json
@@ -0,0 +1,26 @@
+{
+    "txid": "813cf75e1f08debd242ef7c8192b7d478fb651355209369499a0de779ba7eb2f",
+    "hash": "813cf75e1f08debd242ef7c8192b7d478fb651355209369499a0de779ba7eb2f",
+    "version": 2,
+    "size": 42,
+    "vsize": 42,
+    "locktime": 0,
+    "vin": [
+    ],
+    "vout": [
+        {
+            "value": 1.00000000,
+            "n": 0,
+            "scriptPubKey": {
+                "asm": "OP_HASH160 a4051c02398868af83f28f083208fae99a769263 OP_EQUAL",
+                "hex": "a914a4051c02398868af83f28f083208fae99a76926387",
+                "reqSigs": 1,
+                "type": "scripthash",
+                "addresses": [
+                    "3GeGs1eHUxPz5YyuFe9WPpXid2UsUb5Jos"
+                ]
+            }
+        }
+    ],
+    "hex": "02000000000100e1f5050000000017a914a4051c02398868af83f28f083208fae99a7692638700000000"
+}

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-bitcoin/bitcoin.git

