Merge pull request #2036

89b2f306 tests: fix invalid key image test (moneromooo-monero) a374a522 wallet2: check key image validity domain in import_key_images (moneromooo-monero)
2017-05-30 21:23:04 +02:00 · 2017-05-30 21:23:04 +02:00 · cd13bcb4d2
parent 8b1c11c3c9 89b2f3061b
commit cd13bcb4d2
2 changed files with 14 additions and 2 deletions
--- a/src/wallet/wallet2.cpp
+++ b/src/wallet/wallet2.cpp
@ -5277,6 +5277,10 @@ uint64_t wallet2::import_key_images(const std::vector<std::pair<crypto::key_imag

    std::vector<const crypto::public_key*> pkeys;
    pkeys.push_back(&pkey);
+    THROW_WALLET_EXCEPTION_IF(!(rct::scalarmultKey(rct::ki2rct(key_image), rct::curveOrder()) == rct::identity()),
+        error::wallet_internal_error, "Key image out of validity domain: input " + boost::lexical_cast<std::string>(n) + "/"
+        + boost::lexical_cast<std::string>(signed_key_images.size()) + ", key image " + epee::string_tools::pod_to_hex(key_image));
+
    THROW_WALLET_EXCEPTION_IF(!crypto::check_ring_signature((const crypto::hash&)key_image, key_image, pkeys, &signature),
        error::wallet_internal_error, "Signature check failed: input " + boost::lexical_cast<std::string>(n) + "/"
        + boost::lexical_cast<std::string>(signed_key_images.size()) + ", key image " + epee::string_tools::pod_to_hex(key_image)
--- a/tests/core_tests/tx_validation.cpp
+++ b/tests/core_tests/tx_validation.cpp
@ -163,6 +163,15 @@ namespace
    throw std::runtime_error("invalid public key wasn't found");
    return crypto::public_key();
  }
+
+  crypto::key_image generate_invalid_key_image()
+  {
+    crypto::key_image key_image;
+    // a random key image plucked from the blockchain
+    if (!epee::string_tools::hex_to_pod("6b9f5d1be7c950dc6e4e258c6ef75509412ba9ecaaf90e6886140151d1365b5e", key_image))
+      throw std::runtime_error("invalid key image wasn't found");
+    return key_image;
+  }
 }

 //----------------------------------------------------------------------------------------------------------------------
@ -541,8 +550,7 @@ bool gen_tx_key_image_is_invalid::generate(std::vector<test_event_entry>& events
  builder.step2_fill_inputs(miner_account.get_keys(), sources);

  txin_to_key& in_to_key = boost::get<txin_to_key>(builder.m_tx.vin.front());
-  crypto::public_key pub = generate_invalid_pub_key();
-  memcpy(&in_to_key.k_image, &pub, sizeof(crypto::ec_point));
+  in_to_key.k_image = generate_invalid_key_image();

  builder.step3_fill_outputs(destinations);
  builder.step4_calc_hash();