[release/1.3.4] parmas, crypto, core, core/vm: homestead consensus protocol changes
* change gas cost for contract creating txs * invalidate signature with s value greater than secp256k1 N / 2 * OOG contract creation if not enough gas to store code * new difficulty adjustment algorithm * new DELEGATECALL op code Conflicts: core/vm/environment.go crypto/crypto.go crypto/secp256k1/secp256.go eth/api.go
This commit is contained in:
Gustav Simonsson
committed by
Jeffrey Wilcke
Jeffrey Wilcke
parent
300f1e2abf
commit
61404979ed
@ -171,12 +171,21 @@ func GenerateKey() (*ecdsa.PrivateKey, error) {
|
||||
return ecdsa.GenerateKey(S256(), rand.Reader)
|
||||
}
|
||||
|
||||
func ValidateSignatureValues(v byte, r, s *big.Int) bool {
|
||||
func ValidateSignatureValues(v byte, r, s *big.Int, homestead bool) bool {
|
||||
if r.Cmp(common.Big1) < 0 || s.Cmp(common.Big1) < 0 {
|
||||
return false
|
||||
}
|
||||
vint := uint32(v)
|
||||
if r.Cmp(secp256k1n) < 0 && s.Cmp(secp256k1n) < 0 && (vint == 27 || vint == 28) {
|
||||
// reject upper range of s values (ECDSA malleability)
|
||||
// see discussion in secp256k1/libsecp256k1/include/secp256k1.h
|
||||
if homestead && s.Cmp(secp256k1.HalfN) > 0 {
|
||||
return false
|
||||
}
|
||||
// Frontier: allow s to be in full N range
|
||||
if s.Cmp(secp256k1.N) >= 0 {
|
||||
return false
|
||||
}
|
||||
if r.Cmp(secp256k1.N) < 0 && (vint == 27 || vint == 28) {
|
||||
return true
|
||||
} else {
|
||||
return false
|
||||
|
||||
@ -174,7 +174,7 @@ func TestLoadECDSAFile(t *testing.T) {
|
||||
|
||||
func TestValidateSignatureValues(t *testing.T) {
|
||||
check := func(expected bool, v byte, r, s *big.Int) {
|
||||
if ValidateSignatureValues(v, r, s) != expected {
|
||||
if ValidateSignatureValues(v, r, s, false) != expected {
|
||||
t.Errorf("mismatch for v: %d r: %d s: %d want: %v", v, r, s, expected)
|
||||
}
|
||||
}
|
||||
|
||||
@ -44,6 +44,7 @@ import "C"
|
||||
|
||||
import (
|
||||
"errors"
|
||||
"math/big"
|
||||
"unsafe"
|
||||
|
||||
"github.com/ethereum/go-ethereum/crypto/randentropy"
|
||||
@ -60,9 +61,17 @@ import (
|
||||
*/
|
||||
|
||||
// holds ptr to secp256k1_context_struct (see secp256k1/include/secp256k1.h)
|
||||
var context *C.secp256k1_context
|
||||
var (
|
||||
context *C.secp256k1_context
|
||||
N *big.Int
|
||||
HalfN *big.Int
|
||||
)
|
||||
|
||||
func init() {
|
||||
N, _ = new(big.Int).SetString("fffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364141", 16)
|
||||
// N / 2 == 57896044618658097711785492504343953926418782139537452191302581570759080747168
|
||||
HalfN, _ = new(big.Int).SetString("7fffffffffffffffffffffffffffffff5d576e7357a4501ddfe92f46681b20a0", 16)
|
||||
|
||||
// around 20 ms on a modern CPU.
|
||||
context = C.secp256k1_context_create(3) // SECP256K1_START_SIGN | SECP256K1_START_VERIFY
|
||||
C.secp256k1_context_set_illegal_callback(context, C.callbackFunc(C.secp256k1GoPanicIllegal), nil)
|
||||
|
||||
Reference in New Issue
Block a user