2014-09-10 16:16:09 +02:00
|
|
|
// Copyright (c) 2009-2010 Satoshi Nakamoto
|
2015-12-13 14:51:43 +01:00
|
|
|
// Copyright (c) 2009-2015 The Bitcoin Core developers
|
2014-10-06 13:00:55 +02:00
|
|
|
// Distributed under the MIT software license, see the accompanying
|
2014-09-10 16:16:09 +02:00
|
|
|
// file COPYING or http://www.opensource.org/licenses/mit-license.php.
|
|
|
|
|
|
|
|
#include "sigcache.h"
|
|
|
|
|
2015-10-30 23:14:38 +01:00
|
|
|
#include "memusage.h"
|
2014-10-28 22:47:18 +01:00
|
|
|
#include "pubkey.h"
|
2014-09-10 16:16:09 +02:00
|
|
|
#include "random.h"
|
|
|
|
#include "uint256.h"
|
|
|
|
#include "util.h"
|
|
|
|
|
2016-12-15 02:48:56 +01:00
|
|
|
#include "cuckoocache.h"
|
2014-09-10 16:16:09 +02:00
|
|
|
#include <boost/thread.hpp>
|
|
|
|
|
|
|
|
namespace {
|
|
|
|
|
2015-10-30 23:14:38 +01:00
|
|
|
/**
|
|
|
|
* We're hashing a nonce into the entries themselves, so we don't need extra
|
|
|
|
* blinding in the set hash computation.
|
2016-12-15 02:48:56 +01:00
|
|
|
*
|
|
|
|
* This may exhibit platform endian dependent behavior but because these are
|
|
|
|
* nonced hashes (random) and this state is only ever used locally it is safe.
|
|
|
|
* All that matters is local consistency.
|
2015-10-30 23:14:38 +01:00
|
|
|
*/
|
2016-12-15 02:48:56 +01:00
|
|
|
class SignatureCacheHasher
|
2015-10-30 23:14:38 +01:00
|
|
|
{
|
|
|
|
public:
|
2016-12-15 02:48:56 +01:00
|
|
|
template <uint8_t hash_select>
|
|
|
|
uint32_t operator()(const uint256& key) const
|
|
|
|
{
|
|
|
|
static_assert(hash_select <8, "SignatureCacheHasher only has 8 hashes available.");
|
|
|
|
uint32_t u;
|
|
|
|
std::memcpy(&u, key.begin()+4*hash_select, 4);
|
|
|
|
return u;
|
2015-10-30 23:14:38 +01:00
|
|
|
}
|
|
|
|
};
|
|
|
|
|
2014-11-10 07:40:01 +01:00
|
|
|
/**
|
|
|
|
* Valid signature cache, to avoid doing expensive ECDSA signature checking
|
|
|
|
* twice for every transaction (once when accepted into memory pool, and
|
|
|
|
* again when accepted into the block chain)
|
|
|
|
*/
|
2014-09-10 16:16:09 +02:00
|
|
|
class CSignatureCache
|
|
|
|
{
|
|
|
|
private:
|
2015-10-30 23:14:38 +01:00
|
|
|
//! Entries are SHA256(nonce || signature hash || public key || signature):
|
|
|
|
uint256 nonce;
|
2016-12-15 02:48:56 +01:00
|
|
|
typedef CuckooCache::cache<uint256, SignatureCacheHasher> map_type;
|
2015-10-30 23:14:38 +01:00
|
|
|
map_type setValid;
|
2014-09-10 16:16:09 +02:00
|
|
|
boost::shared_mutex cs_sigcache;
|
|
|
|
|
|
|
|
public:
|
2015-10-30 23:14:38 +01:00
|
|
|
CSignatureCache()
|
|
|
|
{
|
|
|
|
GetRandBytes(nonce.begin(), 32);
|
|
|
|
}
|
|
|
|
|
|
|
|
void
|
|
|
|
ComputeEntry(uint256& entry, const uint256 &hash, const std::vector<unsigned char>& vchSig, const CPubKey& pubkey)
|
|
|
|
{
|
|
|
|
CSHA256().Write(nonce.begin(), 32).Write(hash.begin(), 32).Write(&pubkey[0], pubkey.size()).Write(&vchSig[0], vchSig.size()).Finalize(entry.begin());
|
|
|
|
}
|
|
|
|
|
2014-09-10 16:16:09 +02:00
|
|
|
bool
|
2016-12-15 02:48:56 +01:00
|
|
|
Get(const uint256& entry, const bool erase)
|
2014-09-10 16:16:09 +02:00
|
|
|
{
|
|
|
|
boost::shared_lock<boost::shared_mutex> lock(cs_sigcache);
|
2016-12-15 02:48:56 +01:00
|
|
|
return setValid.contains(entry, erase);
|
2014-09-10 16:16:09 +02:00
|
|
|
}
|
|
|
|
|
2016-12-15 02:48:56 +01:00
|
|
|
void Set(uint256& entry)
|
2015-10-30 23:38:40 +01:00
|
|
|
{
|
|
|
|
boost::unique_lock<boost::shared_mutex> lock(cs_sigcache);
|
2016-12-15 02:48:56 +01:00
|
|
|
setValid.insert(entry);
|
2015-10-30 23:38:40 +01:00
|
|
|
}
|
2016-12-15 02:48:56 +01:00
|
|
|
uint32_t setup_bytes(size_t n)
|
2014-09-10 16:16:09 +02:00
|
|
|
{
|
2016-12-15 02:48:56 +01:00
|
|
|
return setValid.setup_bytes(n);
|
2014-09-10 16:16:09 +02:00
|
|
|
}
|
|
|
|
};
|
|
|
|
|
2016-12-15 02:48:56 +01:00
|
|
|
/* In previous versions of this code, signatureCache was a local static variable
|
|
|
|
* in CachingTransactionSignatureChecker::VerifySignature. We initialize
|
|
|
|
* signatureCache outside of VerifySignature to avoid the atomic operation per
|
|
|
|
* call overhead associated with local static variables even though
|
|
|
|
* signatureCache could be made local to VerifySignature.
|
|
|
|
*/
|
|
|
|
static CSignatureCache signatureCache;
|
2014-09-10 16:16:09 +02:00
|
|
|
}
|
|
|
|
|
2016-12-15 02:48:56 +01:00
|
|
|
// To be called once in AppInit2/TestingSetup to initialize the signatureCache
|
|
|
|
void InitSignatureCache()
|
2014-09-10 16:16:09 +02:00
|
|
|
{
|
2016-12-15 02:48:56 +01:00
|
|
|
size_t nMaxCacheSize = GetArg("-maxsigcachesize", DEFAULT_MAX_SIG_CACHE_SIZE) * ((size_t) 1 << 20);
|
|
|
|
if (nMaxCacheSize <= 0) return;
|
|
|
|
size_t nElems = signatureCache.setup_bytes(nMaxCacheSize);
|
|
|
|
LogPrintf("Using %zu MiB out of %zu requested for signature cache, able to store %zu elements\n",
|
|
|
|
(nElems*sizeof(uint256)) >>20, nMaxCacheSize>>20, nElems);
|
|
|
|
}
|
2014-09-10 16:16:09 +02:00
|
|
|
|
2016-12-15 02:48:56 +01:00
|
|
|
bool CachingTransactionSignatureChecker::VerifySignature(const std::vector<unsigned char>& vchSig, const CPubKey& pubkey, const uint256& sighash) const
|
|
|
|
{
|
2015-10-30 23:14:38 +01:00
|
|
|
uint256 entry;
|
|
|
|
signatureCache.ComputeEntry(entry, sighash, vchSig, pubkey);
|
2016-12-15 02:48:56 +01:00
|
|
|
if (signatureCache.Get(entry, !store))
|
2014-09-10 16:16:09 +02:00
|
|
|
return true;
|
2015-01-27 14:28:45 +01:00
|
|
|
if (!TransactionSignatureChecker::VerifySignature(vchSig, pubkey, sighash))
|
2014-09-10 16:16:09 +02:00
|
|
|
return false;
|
2016-12-15 02:48:56 +01:00
|
|
|
if (store)
|
2015-10-30 23:14:38 +01:00
|
|
|
signatureCache.Set(entry);
|
2014-09-10 16:16:09 +02:00
|
|
|
return true;
|
|
|
|
}
|