Switch to Ed25519 for cryptographic binding of joinsplits to transactions.

This commit is contained in:
Sean Bowe
2016-05-30 10:59:20 -06:00
parent b48122b57b
commit 320f2cc7e0
9 changed files with 566 additions and 626 deletions


@@ -16,6 +16,8 @@
#include "script/script_error.h"
#include "primitives/transaction.h"
#include "sodium.h"
#include <map>
#include <string>
@@ -379,6 +381,9 @@ BOOST_AUTO_TEST_CASE(test_simple_pour_invalidity)
CMutableTransaction newTx(tx);
CValidationState state;
unsigned char joinSplitPrivKey[crypto_sign_SECRETKEYBYTES];
crypto_sign_keypair(newTx.joinSplitPubKey.begin(), joinSplitPrivKey);
state.SetPerformPourVerification(false); // don't verify the snark
// No pours, vin and vout, means it should be invalid.
@@ -399,22 +404,18 @@ BOOST_AUTO_TEST_CASE(test_simple_pour_invalidity)
BOOST_CHECK(!CheckTransaction(newTx, state));
BOOST_CHECK(state.GetRejectReason() == "invalid-joinsplit-signature");
CKey joinSplitPrivKey;
joinSplitPrivKey.MakeNewKey(true);
CCompressedPubKey joinSplitPubKey(joinSplitPrivKey.GetPubKey());
newTx.joinSplitPubKey = joinSplitPubKey;
CTransaction signTx(newTx);
// TODO: #966
// TODO: #966.
static const uint256 one(uint256S("0000000000000000000000000000000000000000000000000000000000000001"));
// Empty output script.
CScript scriptCode;
CTransaction signTx(newTx);
uint256 dataToBeSigned = SignatureHash(scriptCode, signTx, NOT_AN_INPUT, SIGHASH_ALL);
BOOST_CHECK(dataToBeSigned != one);
// Add the signature
joinSplitPrivKey.Sign(dataToBeSigned, newTx.joinSplitSig);
assert(crypto_sign_detached(&newTx.joinSplitSig[0], NULL,
dataToBeSigned.begin(), 32,
joinSplitPrivKey
) == 0);
BOOST_CHECK(CheckTransaction(newTx, state));
}
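Review bot: The signing call in the last hunk is wrapped in `assert(...)`, so in a build compiled with NDEBUG the whole `crypto_sign_detached` expression disappears, `newTx.joinSplitSig` is never written, and the following `BOOST_CHECK(CheckTransaction(newTx, state))` fails for a reason unrelated to what the test covers. Use the framework's check so the call always runs and its result is reported: `BOOST_CHECK_EQUAL(crypto_sign_detached(&newTx.joinSplitSig[0], NULL, dataToBeSigned.begin(), 32, joinSplitPrivKey), 0);`. The bare `32` for the message length should presumably be tied to `dataToBeSigned` itself (e.g. its `size()` if uint256 exposes one) so the signed bytes cannot silently diverge from the hash that `CheckTransaction` is expected to verify against. The same reliance on an implicit width appears in the second hunk, where `crypto_sign_keypair` writes crypto_sign_PUBLICKEYBYTES bytes through `newTx.joinSplitPubKey.begin()` and so assumes that field is exactly that wide; a comment such as `// joinSplitPubKey must hold crypto_sign_PUBLICKEYBYTES (Ed25519) bytes` at the call site would make the assumption visible. The test case body begins before the second hunk, outside what is shown here.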