Pad precompiled EC recover input and add validations

2015-06-09 15:41:15 +02:00 · 2015-06-09 15:41:15 +02:00 · ad5b5a4895
commit ad5b5a4895
parent d8e55a5cc3
1 changed files with 14 additions and 8 deletions
--- a/core/vm/contracts.go
+++ b/core/vm/contracts.go
@ -67,21 +67,27 @@ func ripemd160Func(in []byte) []byte {
 const ecRecoverInputLength = 128

 func ecrecoverFunc(in []byte) []byte {
+	if len(in) < ecRecoverInputLength {
+		in = common.RightPadBytes(in, 128)
+	}
 	// "in" is (hash, v, r, s), each 32 bytes
 	// but for ecrecover we want (r, s, v)
-	if len(in) < ecRecoverInputLength {
-		return nil
-	}

+	r := common.BytesToBig(in[64:96])
+	s := common.BytesToBig(in[96:128])
 	// Treat V as a 256bit integer
-	v := new(big.Int).Sub(common.Bytes2Big(in[32:64]), big.NewInt(27))
-	// Ethereum requires V to be either 0 or 1 => (27 || 28)
-	if !(v.Cmp(Zero) == 0 || v.Cmp(One) == 0) {
+	vbig := common.Bytes2Big(in[32:64])
+	v := byte(vbig.Uint64())
+
+	if !crypto.ValidateSignatureValues(v, r, s) {
+		glog.V(logger.Error).Infof("EC RECOVER FAIL: v, r or s value invalid")
 		return nil
 	}

-	// v needs to be moved to the end
-	rsv := append(in[64:128], byte(v.Uint64()))
+	// v needs to be at the end and normalized for libsecp256k1
+	vbignormal := new(big.Int).Sub(vbig, big.NewInt(27))
+	vnormal := byte(vbignormal.Uint64())
+	rsv := append(in[64:128], vnormal)
 	pubKey, err := crypto.Ecrecover(in[:32], rsv)
 	// make sure the public key is a valid one
 	if err != nil {