milksad
/
rust-bitcoin-unsafe-fast
14
0
Fork 0
Code Issues Pull Requests Activity
rust-bitcoin-unsafe-fast/bitcoin
History
merge-script 1f74571401
Merge rust-bitcoin/rust-bitcoin#4230: Fix BIP32 validation for private keys and master key constraints (#4195) 
8f74b823ab Add validation for private key format and master key constraints (Erick Cestari)

Pull request description:

  This PR addresses issue #4195 by adding proper validation when decoding extended private keys:

  ### Changes

  - Add validation to ensure byte 45 is zero as required by BIP-32 specification for private keys
  - For master keys (depth=0), add validation to ensure parent fingerprint is zero
  - For master keys (depth=0), add validation to ensure child number is zero
  - Add corresponding error types to handle these validation failures
  - Add unit tests to verify each validation rule

  ### Validation Rationale
  These checks improve security by rejecting malformed extended keys that could potentially lead to unexpected behavior. As noted in the issue discussion, these validations are explicitly required by the BIP-32 specification.

  ### Testing
  Added three new unit tests to verify each validation rule:

  - test_reject_xpriv_with_non_zero_byte_at_index_45
  - test_reject_xpriv_with_zero_depth_and_non_zero_index
  - test_reject_xpriv_with_zero_depth_and_non_zero_parent_fingerprint

  Fixes #4195

ACKs for top commit:
  jrakibi:
    ACK 8f74b823ab
  tcharding:
    ACK 8f74b823ab
  apoelstra:
    ACK 8f74b823ab8ef44bde7d003f8ba43fbe44dbef3e; successfully ran local tests

Tree-SHA512: 6a013e4917f83cfd7e39a2a18f7491853d791ab1d981a99eeea6204e1dab723fed7a168ff2a89e8850d512c3c381bfa1afef7fa32e5a0d246d949a46b01a3023
 		2025-03-12 21:59:24 +00:00
..
contrib Remove rust-ordered dependency 2025-02-18 13:36:07 +11:00
embedded Move opcodes to primitives 2024-07-09 15:26:33 +10:00
examples Merge rust-bitcoin/rust-bitcoin#4186: Clean up Witness API 2025-03-06 18:43:27 +00:00
src Merge rust-bitcoin/rust-bitcoin#4230: Fix BIP32 validation for private keys and master key constraints (#4195) 2025-03-12 21:59:24 +00:00
tests Pick one - MAX or MAX_MONEY 2025-03-11 05:37:39 +11:00
CHANGELOG.md Grab missing changelog 2025-02-25 19:35:43 +11:00
Cargo.toml Remove references to cfg(mutate) from lint allow - no longer allowed 2025-03-10 12:45:57 +08:00