Bitcoin Core  22.99.0
P2P Digital Currency
lax_der_parsing.c File Reference
#include <string.h>
#include "lax_der_parsing.h"
Include dependency graph for lax_der_parsing.c:
This graph shows which files directly or indirectly include this file:

Go to the source code of this file.


int ecdsa_signature_parse_der_lax (const secp256k1_context *ctx, secp256k1_ecdsa_signature *sig, const unsigned char *input, size_t inputlen)
 Parse a signature in "lax DER" format. More...

Function Documentation

◆ ecdsa_signature_parse_der_lax()

int ecdsa_signature_parse_der_lax ( const secp256k1_context ctx,
secp256k1_ecdsa_signature sig,
const unsigned char *  input,
size_t  inputlen 

Parse a signature in "lax DER" format.

This function is taken from the libsecp256k1 distribution and implements DER parsing for ECDSA signatures, while supporting an arbitrary subset of format violations.

Returns: 1 when the signature could be parsed, 0 otherwise. Args: ctx: a secp256k1 context object Out: sig: a pointer to a signature object In: input: a pointer to the signature to be parsed inputlen: the length of the array pointed to be input

This function will accept any valid DER encoded signature, even if the encoded numbers are out of range. In addition, it will accept signatures which violate the DER spec in various ways. Its purpose is to allow validation of the Bitcoin blockchain, which includes non-DER signatures from before the network rules were updated to enforce DER. Note that the set of supported violations is a strict subset of what OpenSSL will accept.

After the call, sig will always be initialized. If parsing failed or the encoded numbers are out of range, signature validation with it is guaranteed to fail for every message and public key.

Parse a signature in "lax DER" format.

Supported violations include negative integers, excessive padding, garbage at the end, and overly long length descriptors. This is safe to use in Bitcoin because since the activation of BIP66, signatures are verified to be strict DER before being passed to this module, and we know it supports all violations present in the blockchain before that point.

Definition at line 11 of file lax_der_parsing.c.

Here is the call graph for this function:
Here is the caller graph for this function: