Bitcoin Core  31.0.0
P2P Digital Currency
descriptor.cpp
Go to the documentation of this file.
1 // Copyright (c) 2023-present The Bitcoin Core developers
2 // Distributed under the MIT software license, see the accompanying
3 // file COPYING or http://www.opensource.org/licenses/mit-license.php.
4 
5 #include <test/fuzz/util/descriptor.h>
6 
7 #include <key.h>
8 #include <key_io.h>
9 #include <pubkey.h>
10 #include <span.h>
11 #include <util/strencodings.h>
12 
13 #include <ranges>
14 #include <stack>
15 #include <vector>
16 
17 void MockedDescriptorConverter::Init()
18 {
19  // The data to use as a private key or a seed for an xprv.
20  std::array<std::byte, 32> key_data{std::byte{1}};
21  // Generate keys of all kinds and store them in the keys array.
22  for (size_t i{0}; i < TOTAL_KEYS_GENERATED; i++) {
23  key_data[31] = std::byte(i);
24 
25  // If this is a "raw" key, generate a normal privkey. Otherwise generate
26  // an extended one.
27  if (IdIsCompPubKey(i) || IdIsUnCompPubKey(i) || IdIsXOnlyPubKey(i) || IdIsConstPrivKey(i)) {
28  CKey privkey;
29  privkey.Set(key_data.begin(), key_data.end(), !IdIsUnCompPubKey(i));
30  if (IdIsCompPubKey(i) || IdIsUnCompPubKey(i)) {
31  CPubKey pubkey{privkey.GetPubKey()};
32  keys_str[i] = HexStr(pubkey);
33  } else if (IdIsXOnlyPubKey(i)) {
34  const XOnlyPubKey pubkey{privkey.GetPubKey()};
35  keys_str[i] = HexStr(pubkey);
36  } else {
37  keys_str[i] = EncodeSecret(privkey);
38  }
39  } else {
40  CExtKey ext_privkey;
41  ext_privkey.SetSeed(key_data);
42  if (IdIsXprv(i)) {
43  keys_str[i] = EncodeExtKey(ext_privkey);
44  } else {
45  const CExtPubKey ext_pubkey{ext_privkey.Neuter()};
46  keys_str[i] = EncodeExtPubKey(ext_pubkey);
47  }
48  }
49  }
50 }
51 
52 std::optional<uint8_t> MockedDescriptorConverter::IdxFromHex(std::string_view hex_characters) const {
53  if (hex_characters.size() != 2) return {};
54  auto idx = ParseHex(hex_characters);
55  if (idx.size() != 1) return {};
56  return idx[0];
57 }
58 
59 std::optional<std::string> MockedDescriptorConverter::GetDescriptor(std::string_view mocked_desc) const {
60  // The smallest fragment would be "pk(%00)"
61  if (mocked_desc.size() < 7) return {};
62 
63  // The actual descriptor string to be returned.
64  std::string desc;
65  desc.reserve(mocked_desc.size());
66 
67  // Replace all occurrences of '%' followed by two hex characters with the corresponding key.
68  for (size_t i = 0; i < mocked_desc.size();) {
69  if (mocked_desc[i] == '%') {
70  if (i + 3 >= mocked_desc.size()) return {};
71  if (const auto idx = IdxFromHex(mocked_desc.substr(i + 1, 2))) {
72  desc += keys_str[*idx];
73  i += 3;
74  } else {
75  return {};
76  }
77  } else {
78  desc += mocked_desc[i++];
79  }
80  }
81 
82  return desc;
83 }
84 
85 bool HasDeepDerivPath(std::span<const uint8_t> buff, const int max_depth)
86 {
87  auto depth{0};
88  for (const auto& ch: buff) {
89  if (ch == ',') {
90  // A comma is always present between two key expressions, so we use that as a delimiter.
91  depth = 0;
92  } else if (ch == '/') {
93  if (++depth > max_depth) return true;
94  }
95  }
96  return false;
97 }
98 
99 bool HasTooManySubFrag(std::span<const uint8_t> buff, const int max_subs, const size_t max_nested_subs)
100 {
101  // We use a stack because there may be many nested sub-frags.
102  std::stack<int> counts;
103  for (const auto& ch: buff) {
104  // The fuzzer may generate an input with a ton of parentheses. Rule out pathological cases.
105  if (counts.size() > max_nested_subs) return true;
106 
107  if (ch == '(') {
108  // A new fragment was opened, create a new sub-count for it and start as one since any fragment with
109  // parentheses has at least one sub.
110  counts.push(1);
111  } else if (ch == ',' && !counts.empty()) {
112  // When encountering a comma, account for an additional sub in the last opened fragment. If it exceeds the
113  // limit, bail.
114  if (++counts.top() > max_subs) return true;
115  } else if (ch == ')' && !counts.empty()) {
116  // Fragment closed! Drop its sub count and resume to counting the number of subs for its parent.
117  counts.pop();
118  }
119  }
120  return false;
121 }
122 
123 bool HasTooManyWrappers(std::span<const uint8_t> buff, const int max_wrappers)
124 {
125  // The number of nested wrappers. Nested wrappers are always characters which follow each other so we don't have to
126  // use a stack as we do above when counting the number of sub-fragments.
127  std::optional<int> count;
128 
129  // We want to detect nested wrappers. A wrapper is a character prepended to a fragment, separated by a colon. There
130  // may be more than one wrapper, in which case the colon is not repeated. For instance `jjjjj:pk()`. To count
131  // wrappers we iterate in reverse and use the colon to detect the end of a wrapper expression and count how many
132  // characters there are since the beginning of the expression. We stop counting when we encounter a character
133  // indicating the beginning of a new expression.
134  for (const auto ch: buff | std::views::reverse) {
135  // A colon, start counting.
136  if (ch == ':') {
137  // The colon itself is not a wrapper so we start at 0.
138  count = 0;
139  } else if (count) {
140  // If we are counting wrappers, stop when we crossed the beginning of the wrapper expression. Otherwise keep
141  // counting and bail if we reached the limit.
142  // A wrapper may only ever occur as the first sub of a descriptor/miniscript expression ('('), as the
143  // first Taproot leaf in a pair ('{') or as the nth sub in each case (',').
144  if (ch == ',' || ch == '(' || ch == '{') {
145  count.reset();
146  } else if (++*count > max_wrappers) {
147  return true;
148  }
149  }
150  }
151 
152  return false;
153 }
154 
155 bool HasTooLargeLeafSize(std::span<const uint8_t> buff, const uint32_t max_leaf_size)
156 {
157  uint32_t leaf_len{0};
158  for (auto c : buff) {
159  if (c == '(' || c == ')' || c == ',' || c == '{' || c == '}') {
160  // Possibly start a fresh leaf, or a fresh function name (with
161  // wrappers), or terminate a prior leaf.
162  leaf_len = 0;
163  } else {
164  // Just treat everything else as a leaf. This will also reject long
165  // function names, but this should be fine if the max_leaf_size is
166  // set large enough.
167  if (++leaf_len > max_leaf_size) {
168  return true;
169  }
170  }
171  }
172  return false;
173 }
ParseHex
std::vector< Byte > ParseHex(std::string_view hex_str)
Like TryParseHex, but returns an empty vector on invalid input.
Definition: strencodings.h:69
MockedDescriptorConverter::IdxFromHex
std::optional< uint8_t > IdxFromHex(std::string_view hex_characters) const
Parse an id in the keys vectors from a 2-characters hex string.
Definition: descriptor.cpp:52
CExtKey::SetSeed
void SetSeed(std::span< const std::byte > seed)
Definition: key.cpp:491
MockedDescriptorConverter::TOTAL_KEYS_GENERATED
static constexpr size_t TOTAL_KEYS_GENERATED
How many keys we&#39;ll generate in total.
Definition: descriptor.h:28
CKey::GetPubKey
CPubKey GetPubKey() const
Compute the public key from a private key.
Definition: key.cpp:183
MockedDescriptorConverter::keys_str
std::array< std::string, TOTAL_KEYS_GENERATED > keys_str
256 keys of various types.
Definition: descriptor.h:30
CExtKey
Definition: key.h:231
MockedDescriptorConverter::IdIsXprv
bool IdIsXprv(uint8_t idx) const
Definition: descriptor.h:39
MockedDescriptorConverter::IdIsCompPubKey
bool IdIsCompPubKey(uint8_t idx) const
Definition: descriptor.h:34
MockedDescriptorConverter::IdIsXOnlyPubKey
bool IdIsXOnlyPubKey(uint8_t idx) const
Definition: descriptor.h:36
HasDeepDerivPath
bool HasDeepDerivPath(std::span< const uint8_t > buff, const int max_depth)
Whether the buffer, if it represents a valid descriptor, contains a derivation path deeper than a giv...
Definition: descriptor.cpp:85
key_io.h
HasTooManyWrappers
bool HasTooManyWrappers(std::span< const uint8_t > buff, const int max_wrappers)
Whether the buffer, if it represents a valid descriptor, contains a fragment with more wrappers than ...
Definition: descriptor.cpp:123
CPubKey
An encapsulated public key.
Definition: pubkey.h:33
MockedDescriptorConverter::Init
void Init()
When initializing the target, populate the list of keys.
Definition: descriptor.cpp:17
CKey::Set
void Set(const T pbegin, const T pend, bool fCompressedIn)
Initialize using begin and end iterators to byte data.
Definition: key.h:104
MockedDescriptorConverter::GetDescriptor
std::optional< std::string > GetDescriptor(std::string_view mocked_desc) const
Get an actual descriptor string from a descriptor string whose keys were mocked.
Definition: descriptor.cpp:59
EncodeExtPubKey
std::string EncodeExtPubKey(const CExtPubKey &key)
Definition: key_io.cpp:257
CExtKey::Neuter
CExtPubKey Neuter() const
Definition: key.cpp:503
HasTooManySubFrag
bool HasTooManySubFrag(std::span< const uint8_t > buff, const int max_subs, const size_t max_nested_subs)
Whether the buffer, if it represents a valid descriptor, contains a fragment with more sub-fragments ...
Definition: descriptor.cpp:99
count
static int count
Definition: tests_exhaustive.c:34
CKey
An encapsulated private key.
Definition: key.h:35
MockedDescriptorConverter::IdIsConstPrivKey
bool IdIsConstPrivKey(uint8_t idx) const
Definition: descriptor.h:37
EncodeSecret
std::string EncodeSecret(const CKey &key)
Definition: key_io.cpp:231
HasTooLargeLeafSize
bool HasTooLargeLeafSize(std::span< const uint8_t > buff, const uint32_t max_leaf_size)
Whether the expanded buffer (after calling GetDescriptor() in MockedDescriptorConverter) has a leaf s...
Definition: descriptor.cpp:155
HexStr
std::string HexStr(const std::span< const uint8_t > s)
Convert a span of bytes to a lower-case hexadecimal string.
Definition: hex_base.cpp:30
EncodeExtKey
std::string EncodeExtKey(const CExtKey &key)
Definition: key_io.cpp:283
MockedDescriptorConverter::IdIsUnCompPubKey
bool IdIsUnCompPubKey(uint8_t idx) const
Definition: descriptor.h:35
Generated on Thu Apr 16 2026 12:00:00 for Bitcoin Core by   doxygen 1.8.14