From cd155b247e9487181c3cd408e6c0c185c649e29b Mon Sep 17 00:00:00 2001 From: Thomas Kerin Date: Sun, 7 Feb 2016 19:35:24 +0000 Subject: [PATCH] Remove sudo requirement for building extension --- .travis.yml | 8 +- lax_der.h | 154 ++++++++++++++++++++++++++++++++++++ travis/generate_stubs.sh | 2 +- travis/validate_examples.sh | 2 +- 4 files changed, 160 insertions(+), 6 deletions(-) create mode 100644 lax_der.h diff --git a/.travis.yml b/.travis.yml index 0164cfe4..e1fa3e92 100644 --- a/.travis.yml +++ b/.travis.yml @@ -37,8 +37,7 @@ install: && ./configure --enable-tests=no --enable-benchmark=no \ --enable-experimental --enable-module-{ecdh,recovery} \ && make -j$(nproc) && sudo make install && cd .. - - | - phpize && ./configure && make && sudo make install + - phpize && ./configure && make - composer update before_script: @@ -50,8 +49,9 @@ before_script: script: - travis/verify_stubs.sh - - cd secp256k1/ && REPORT_EXIT_STATUS=1 make test || (find tests/*.log -type f -exec cat {} + ; exit 1) && cd .. + - REPORT_EXIT_STATUS=1 make test || (find tests/*.log -type f -exec cat {} + ; exit 1) - travis/run_coverage_test.sh || exit 1 - travis/validate_examples.sh || exit 1 + after_script: - - bash <(curl -s https://codecov.io/bash) + - bash <(curl -s https://codecov.io/bash) diff --git a/lax_der.h b/lax_der.h new file mode 100644 index 00000000..e56f84ee --- /dev/null +++ b/lax_der.h @@ -0,0 +1,154 @@ +#include +#include + +/* Parse a DER signature with arbitrary +/** This function is taken from the libsecp256k1 distribution and implements + * DER parsing for ECDSA signatures, while supporting an arbitrary subset of + * format violations. + * + * Supported violations include negative integers, excessive padding, garbage + * at the end, and overly long length descriptors. This is safe to use in + * Bitcoin because since the activation of BIP66, signatures are verified to be + * strict DER before being passed to this module, and we know it supports all + * violations present in the blockchain before that point. + */ +int ecdsa_signature_parse_der_lax(const secp256k1_context* ctx, secp256k1_ecdsa_signature* sig, const unsigned char *input, size_t inputlen) { + size_t rpos, rlen, spos, slen; + size_t pos = 0; + size_t lenbyte; + unsigned char tmpsig[64] = {0}; + int overflow = 0; + + /* Hack to initialize sig with a correctly-parsed but invalid signature. */ + secp256k1_ecdsa_signature_parse_compact(ctx, sig, tmpsig); + + /* Sequence tag byte */ + if (pos == inputlen || input[pos] != 0x30) { + return 0; + } + pos++; + + /* Sequence length bytes */ + if (pos == inputlen) { + return 0; + } + lenbyte = input[pos++]; + if (lenbyte & 0x80) { + lenbyte -= 0x80; + if (pos + lenbyte > inputlen) { + return 0; + } + pos += lenbyte; + } + + /* Integer tag byte for R */ + if (pos == inputlen || input[pos] != 0x02) { + return 0; + } + pos++; + + /* Integer length for R */ + if (pos == inputlen) { + return 0; + } + lenbyte = input[pos++]; + if (lenbyte & 0x80) { + lenbyte -= 0x80; + if (pos + lenbyte > inputlen) { + return 0; + } + while (lenbyte > 0 && input[pos] == 0) { + pos++; + lenbyte--; + } + if (lenbyte >= sizeof(size_t)) { + return 0; + } + rlen = 0; + while (lenbyte > 0) { + rlen = (rlen << 8) + input[pos]; + pos++; + lenbyte--; + } + } else { + rlen = lenbyte; + } + if (rlen > inputlen - pos) { + return 0; + } + rpos = pos; + pos += rlen; + + /* Integer tag byte for S */ + if (pos == inputlen || input[pos] != 0x02) { + return 0; + } + pos++; + + /* Integer length for S */ + if (pos == inputlen) { + return 0; + } + lenbyte = input[pos++]; + if (lenbyte & 0x80) { + lenbyte -= 0x80; + if (pos + lenbyte > inputlen) { + return 0; + } + while (lenbyte > 0 && input[pos] == 0) { + pos++; + lenbyte--; + } + if (lenbyte >= sizeof(size_t)) { + return 0; + } + slen = 0; + while (lenbyte > 0) { + slen = (slen << 8) + input[pos]; + pos++; + lenbyte--; + } + } else { + slen = lenbyte; + } + if (slen > inputlen - pos) { + return 0; + } + spos = pos; + pos += slen; + + /* Ignore leading zeroes in R */ + while (rlen > 0 && input[rpos] == 0) { + rlen--; + rpos++; + } + /* Copy R value */ + if (rlen > 32) { + overflow = 1; + } else { + memcpy(tmpsig + 32 - rlen, input + rpos, rlen); + } + + /* Ignore leading zeroes in S */ + while (slen > 0 && input[spos] == 0) { + slen--; + spos++; + } + /* Copy S value */ + if (slen > 32) { + overflow = 1; + } else { + memcpy(tmpsig + 64 - slen, input + spos, slen); + } + + if (!overflow) { + overflow = !secp256k1_ecdsa_signature_parse_compact(ctx, sig, tmpsig); + } + if (overflow) { + /* Overwrite the result again with a correctly-parsed but invalid + signature if parsing failed. */ + memset(tmpsig, 0, 64); + secp256k1_ecdsa_signature_parse_compact(ctx, sig, tmpsig); + } + return 1; +} diff --git a/travis/generate_stubs.sh b/travis/generate_stubs.sh index a01f9bc1..8c25b2ac 100755 --- a/travis/generate_stubs.sh +++ b/travis/generate_stubs.sh @@ -22,5 +22,5 @@ else [ -d "${_STUBSOUT}" ] || mkdir output fi -php -dextension=secp256k1.so php-extension-stub-generator/bin/docblock-stub-generator dump-files --docBlock=config.json secp256k1 ${_STUBSOUT} <<< $'y' +php -dextension=../../modules/secp256k1.so php-extension-stub-generator/bin/docblock-stub-generator dump-files --docBlock=config.json secp256k1 ${_STUBSOUT} <<< $'y' diff --git a/travis/validate_examples.sh b/travis/validate_examples.sh index 253f2d5c..2ad212be 100755 --- a/travis/validate_examples.sh +++ b/travis/validate_examples.sh @@ -1,7 +1,7 @@ #!/bin/bash if [ "${COVERAGE}" = "true" ]; then for i in $(git rev-parse --show-toplevel)/examples/*.php; do - php -dextension=secp256k1.so $i > /dev/null + php -d"extension=$(git rev-parse --show-toplevel)/modules/secp256k1.so" $i > /dev/null if [ $? -ne 0 ]; then echo "Error running example code: $i"; exit -1