def test_checksig_raise_on_uncompressed_pubkey(self):
""" Uncompressed pubkeys shoud not be accepted, even if they solve the signature
"""
block = self.genesis_blocks[0]
from hathor.transaction import Transaction, TxInput, TxOutput
txin = TxInput(tx_id=block.hash, index=0, data=b'')
txout = TxOutput(value=block.outputs[0].value, script=b'')
tx = Transaction(inputs=[txin], outputs=[txout])
import hashlib
data_to_sign = tx.get_sighash_all()
hashed_data = hashlib.sha256(data_to_sign).digest()
signature = self.genesis_private_key.sign(hashed_data,
ec.ECDSA(hashes.SHA256()))
from cryptography.hazmat.primitives.serialization import Encoding, PublicFormat
pubkey_uncompressed = self.genesis_public_key.public_bytes(
Encoding.X962, PublicFormat.UncompressedPoint)
# ScriptError if pubkey is not a valid compressed public key
# with wrong signature
with self.assertRaises(ScriptError):
op_checksig([b'123', pubkey_uncompressed], log=[], extras=None)
# or with rigth one
# this will make sure the signature is not made when parameters are wrong
with self.assertRaises(ScriptError):
op_checksig([signature, pubkey_uncompressed], log=[], extras=None)
def test_checksig(self):
with self.assertRaises(MissingStackItems):
op_checksig([1], log=[], extras=None)
block = self.genesis_blocks[0]
from hathor.transaction import Transaction, TxInput, TxOutput
txin = TxInput(tx_id=block.hash, index=0, data=b'')
txout = TxOutput(value=block.outputs[0].value, script=b'')
tx = Transaction(inputs=[txin], outputs=[txout])
import hashlib
data_to_sign = tx.get_sighash_all()
hashed_data = hashlib.sha256(data_to_sign).digest()
signature = self.genesis_private_key.sign(hashed_data,
ec.ECDSA(hashes.SHA256()))
pubkey_bytes = get_public_key_bytes_compressed(self.genesis_public_key)
extras = ScriptExtras(tx=tx, txin=None, spent_tx=None)
# wrong signature puts False (0) on stack
stack = [b'aaaaaaaaa', pubkey_bytes]
op_checksig(stack, log=[], extras=extras)
self.assertEqual(0, stack.pop())
stack = [signature, pubkey_bytes]
op_checksig(stack, log=[], extras=extras)
self.assertEqual(1, stack.pop())
def test_checksig_cache(self):
block = self.genesis_blocks[0]
from hathor.transaction import Transaction, TxInput, TxOutput
txin = TxInput(tx_id=block.hash, index=0, data=b'')
txout = TxOutput(value=block.outputs[0].value, script=b'')
tx = Transaction(inputs=[txin], outputs=[txout])
import hashlib
data_to_sign = tx.get_sighash_all()
hashed_data = hashlib.sha256(data_to_sign).digest()
signature = self.genesis_private_key.sign(hashed_data,
ec.ECDSA(hashes.SHA256()))
pubkey_bytes = get_public_key_bytes_compressed(self.genesis_public_key)
extras = ScriptExtras(tx=tx, txin=None, spent_tx=None)
stack = [signature, pubkey_bytes]
self.assertIsNone(tx._sighash_data_cache)
op_checksig(stack, log=[], extras=extras)
self.assertIsNotNone(tx._sighash_data_cache)
self.assertEqual(1, stack.pop())
def test_checksig_check_for_compressed_pubkey(self):
""" Compressed pubkeys bytes representation always start with a byte 2 or 3
- test for invalid bytes starting with bytes 2 and 3
- test for bytes not starting with byte 2 or 3
"""
# ScriptError if pubkey is not a public key but starts with 2 or 3
with self.assertRaises(ScriptError):
op_checksig([b'\x0233', b'\x0233'], log=[], extras=None)
with self.assertRaises(ScriptError):
op_checksig([b'\x0321', b'\x0321'], log=[], extras=None)
# ScriptError if pubkey does not start with 2 or 3
with self.assertRaises(ScriptError):
op_checksig([b'\x0123', b'\x0123'], log=[], extras=None)
with self.assertRaises(ScriptError):
op_checksig([b'\x0423', b'\x0423'], log=[], extras=None)