bitcoin-ruby 0.0.6 → 0.0.7

data/lib/bitcoin/key.rb

@@ -98,7 +98,12 @@ module Bitcoin
     #  key1 = Bitcoin::Key.generate
     #  sig = key1.sign("some data")
     def sign(data)
-      @key.dsa_sign_asn1(data)
+      sig = @key.dsa_sign_asn1(data)
+      if Script::is_low_der_signature?(sig)
+        sig
+      else
+        Bitcoin::OpenSSL_EC.signature_to_low_s(sig)
+      end
     end
 
     # Verify signature +sig+ for +data+.
@@ -106,7 +111,12 @@ module Bitcoin
     #  key2.verify("some data", sig)
     def verify(data, sig)
       regenerate_pubkey unless @key.public_key
-      @key.dsa_verify_asn1(data, sig)
+      sig = Bitcoin::OpenSSL_EC.repack_der_signature(sig)
+      if sig
+        @key.dsa_verify_asn1(data, sig)
+      else
+        false
+      end
     end
 
 

data/lib/bitcoin/logger.rb

@@ -1,17 +1,8 @@
 # encoding: ascii-8bit
 
-if Bitcoin.require_dependency :log4r, exit: false
-  # monkey-patch Log4r to accept level names as symbols
-  class Log4r::Logger
-    def level= l = 0
-      _level = l.is_a?(Fixnum) ? l : Log4r::LNAMES.index(l.to_s.upcase)
-      Log4r::Log4rTools.validate_level(_level)
-      @level = _level
-      LoggerFactory.define_methods(self)
-      Log4r::Logger.log_internal {"Logger '#{@fullname}' set to #{LNAMES[@level]}"}
-      @level
-    end
-  end
+begin
+  require 'log4r'
+rescue LoadError
 end
 
 module Bitcoin

data/lib/bitcoin/protocol/block.rb

@@ -56,7 +56,7 @@ module Bitcoin
       end
 
       # create block from raw binary +data+
-      def initialize(data)
+      def initialize(data=nil)
         @tx = []
         parse_data_from_io(data) if data
       end
@@ -73,7 +73,7 @@ module Bitcoin
         @ver, @prev_block, @mrkl_root, @time, @bits, @nonce = buf.read(80).unpack("Va32a32VVV")
         recalc_block_hash
 
-        if Bitcoin.network[:project] == :namecoin && (@ver & BLOCK_VERSION_AUXPOW) > 0
+        if Bitcoin.network[:auxpow_chain_id] != nil && (@ver & BLOCK_VERSION_AUXPOW) > 0
           @aux_pow = AuxPow.new(nil)
           @aux_pow.parse_data_from_io(buf)
         end
@@ -197,7 +197,7 @@ module Bitcoin
           end
           @aux_pow = AuxPow.from_hash(h['aux_pow'])  if h['aux_pow']
           h['tx'].each{|tx| @tx << Tx.from_hash(tx) }
-          if h['tx'].any? && !Bitcoin.freicoin?
+          if h['tx'].any?
             (raise "Block merkle root mismatch! Block: #{h['hash']}"  unless verify_mrkl_root) if do_raise
           end
         }
@@ -231,12 +231,6 @@ module Bitcoin
       # read json block from a file
       def self.from_json_file(path); from_json( Bitcoin::Protocol.read_binary_file(path) ); end
 
-      # Get a Bitcoin::Validation object to validate this block. It needs a +store+
-      # to validate against, and optionally takes the +prev_block+ for optimization.
-      def validator(store, prev_block = nil)
-        @validator ||= Bitcoin::Validation::Block.new(self, store, prev_block)
-      end
-
       # get the (statistical) amount of work that was needed to generate this block.
       def block_work
         target = Bitcoin.decode_compact_bits(@bits).to_i(16)

data/lib/bitcoin/protocol/parser.rb

@@ -23,7 +23,7 @@ module Bitcoin
       #
       def parse_inv(payload, type=:put)
         count, payload = Protocol.unpack_var_int(payload)
-        payload.each_byte.each_slice(36){|i|
+        payload.each_byte.each_slice(36).with_index{|i, idx|
           hash = i[4..-1].reverse.pack("C32")
           case i[0]
           when 1
@@ -34,7 +34,11 @@ module Bitcoin
             end
           when 2
             if type == :put
-              @h.on_inv_block(hash)
+              if @h.respond_to?(:on_inv_block_v2)
+                @h.on_inv_block_v2(hash, idx, count)
+              else
+                @h.on_inv_block(hash)
+              end
             else
               @h.on_get_block(hash)
             end

data/lib/bitcoin/protocol/tx.rb

@@ -44,6 +44,7 @@ module Bitcoin
       # create tx from raw binary +data+
       def initialize(data=nil)
         @ver, @lock_time, @in, @out, @scripts = 1, 0, [], [], []
+        @enable_bitcoinconsensus = !!ENV['USE_BITCOINCONSENSUS']
         parse_data_from_io(data) if data
       end
 
@@ -160,7 +161,13 @@ module Bitcoin
       # verify input signature +in_idx+ against the corresponding
       # output in +outpoint_tx+
       # outpoint
-      def verify_input_signature(in_idx, outpoint_tx_or_script, block_timestamp=Time.now.to_i)
+      #
+      # options are: verify_sigpushonly, verify_minimaldata, verify_cleanstack, verify_dersig, verify_low_s, verify_strictenc
+      def verify_input_signature(in_idx, outpoint_tx_or_script, block_timestamp=Time.now.to_i, opts={})
+        if @enable_bitcoinconsensus
+          return bitcoinconsensus_verify_script(in_idx, outpoint_tx_or_script, block_timestamp, opts)
+        end
+
         outpoint_idx  = @in[in_idx].prev_out_index
         script_sig    = @in[in_idx].script_sig
         
@@ -173,10 +180,39 @@ module Bitcoin
         end
 
         @scripts[in_idx] = Bitcoin::Script.new(script_sig, script_pubkey)
-        @scripts[in_idx].run(block_timestamp) do |pubkey,sig,hash_type,subscript|
+        return false if opts[:verify_sigpushonly] && !@scripts[in_idx].is_push_only?(script_sig)
+        return false if opts[:verify_minimaldata] && !@scripts[in_idx].pushes_are_canonical?
+        sig_valid = @scripts[in_idx].run(block_timestamp, opts) do |pubkey,sig,hash_type,subscript|
           hash = signature_hash_for_input(in_idx, subscript, hash_type)
           Bitcoin.verify_signature( hash, sig, pubkey.unpack("H*")[0] )
         end
+        # BIP62 rule #6
+        return false if opts[:verify_cleanstack] && !@scripts[in_idx].stack.empty?
+
+        return sig_valid
+      end
+
+      def bitcoinconsensus_verify_script(in_idx, outpoint_tx_or_script, block_timestamp=Time.now.to_i, opts={})
+        raise "Bitcoin::BitcoinConsensus shared library not found" unless Bitcoin::BitcoinConsensus.lib_available?
+
+        # If given an entire previous transaction, take the script from it
+        script_pubkey = if outpoint_tx_or_script.respond_to?(:out)
+          outpoint_idx  = @in[in_idx].prev_out_index
+          outpoint_tx_or_script.out[outpoint_idx].pk_script
+        else
+          # Otherwise, it's already a script.
+          outpoint_tx_or_script
+        end
+
+        flags  = Bitcoin::BitcoinConsensus::SCRIPT_VERIFY_NONE
+        flags |= Bitcoin::BitcoinConsensus::SCRIPT_VERIFY_P2SH        if block_timestamp >= 1333238400
+        flags |= Bitcoin::BitcoinConsensus::SCRIPT_VERIFY_SIGPUSHONLY if opts[:verify_sigpushonly]
+        flags |= Bitcoin::BitcoinConsensus::SCRIPT_VERIFY_MINIMALDATA if opts[:verify_minimaldata]
+        flags |= Bitcoin::BitcoinConsensus::SCRIPT_VERIFY_CLEANSTACK  if opts[:verify_cleanstack]
+        flags |= Bitcoin::BitcoinConsensus::SCRIPT_VERIFY_LOW_S       if opts[:verify_low_s]
+
+        payload ||= to_payload
+        Bitcoin::BitcoinConsensus.verify_script(in_idx, script_pubkey, payload, flags)
       end
 
       # convert to ruby hash (see also #from_hash)
@@ -206,9 +242,11 @@ module Bitcoin
       # parse ruby hash (see also #to_hash)
       def self.from_hash(h)
         tx = new(nil)
-        tx.ver, tx.lock_time = *h.values_at('ver', 'lock_time')
-        h['in'] .each{|input|   tx.add_in  TxIn.from_hash(input)   }
-        h['out'].each{|output|  tx.add_out TxOut.from_hash(output) }
+        tx.ver, tx.lock_time = (h['ver'] || h['version']), h['lock_time']
+        ins  = h['in']  || h['inputs']
+        outs = h['out'] || h['outputs']
+        ins .each{|input|   tx.add_in  TxIn.from_hash(input)   }
+        outs.each{|output|  tx.add_out TxOut.from_hash(output) }
         tx.instance_eval{ @hash = hash_from_payload(@payload = to_payload) }
         tx
       end
@@ -228,13 +266,6 @@ module Bitcoin
       # read json block from a file
       def self.from_json_file(path); from_json( Bitcoin::Protocol.read_binary_file(path) ); end
 
-      # Get a Bitcoin::Validation object to validate this block. It needs a +store+
-      # to validate against, a block to validate tx chains inside one block, and
-      # optionally takes the +block_validator+ as an optimization.
-      def validator(store, block = nil, block_validator = nil)
-        @validator ||= Bitcoin::Validation::Tx.new(self, store, block, block_validator)
-      end
-
       def size
         payload.bytesize
       end
@@ -316,7 +347,7 @@ module Bitcoin
       end
 
       def normalized_hash
-        signature_hash_for_input(-1, nil, SIGHASH_TYPE[:all]).unpack("H*")[0]
+        signature_hash_for_input(-1, nil, SIGHASH_TYPE[:all]).reverse.hth
       end
       alias :nhash :normalized_hash
 

data/lib/bitcoin/protocol/txin.rb

@@ -85,11 +85,13 @@ module Bitcoin
       end
 
       def self.from_hash(input)
-        txin = TxIn.new([ input['prev_out']['hash'] ].pack('H*').reverse, input['prev_out']['n'])
+        previous_hash         = input['previous_transaction_hash'] || input['prev_out']['hash']
+        previous_output_index = input['output_index'] || input['prev_out']['n']
+        txin = TxIn.new([ previous_hash ].pack('H*').reverse, previous_output_index)
         if input['coinbase']
           txin.script_sig = [ input['coinbase'] ].pack("H*")
         else
-          txin.script_sig = Script.binary_from_string(input['scriptSig'])
+          txin.script_sig = Script.binary_from_string(input['scriptSig'] || input['script'])
         end
         txin.sequence = [ input['sequence'] || 0xffffffff ].pack("V")
         txin

data/lib/bitcoin/protocol/txout.rb

@@ -66,8 +66,8 @@ module Bitcoin
       end
 
       def self.from_hash(output)
-        amount = output['value'].gsub('.','').to_i
-        script = Script.binary_from_string(output['scriptPubKey'])
+        amount = output['value'] ? output['value'].gsub('.','').to_i : output['amount']
+        script = Script.binary_from_string(output['scriptPubKey'] || output['script'])
         new(amount, script)
       end
 

data/lib/bitcoin/script.rb

@@ -152,24 +152,25 @@ class Bitcoin::Script
 
   SIGHASH_TYPE = { all: 1, none: 2, single: 3, anyonecanpay: 128 }
 
-  attr_reader :raw, :chunks, :debug
+  attr_reader :raw, :chunks, :debug, :stack
 
   # create a new script. +bytes+ is typically input_script + output_script
   def initialize(input_script, previous_output_script=nil)
     @raw_byte_sizes = [input_script.bytesize, previous_output_script ? previous_output_script.bytesize : 0]
+    @input_script, @previous_output_script = input_script, previous_output_script
 
-    @raw = if previous_output_script
-             input_script + [ Bitcoin::Script::OP_CODESEPARATOR ].pack("C") + previous_output_script
+    @raw = if @previous_output_script
+             @input_script + [ Bitcoin::Script::OP_CODESEPARATOR ].pack("C") + @previous_output_script
            else
-             input_script
+             @input_script
            end
 
-    @chunks = parse(input_script)
+    @chunks = parse(@input_script)
 
     if previous_output_script
       @script_codeseparator_index = @chunks.size
       @chunks << Bitcoin::Script::OP_CODESEPARATOR
-      @chunks += parse(previous_output_script)
+      @chunks += parse(@previous_output_script)
     end
 
     @stack, @stack_alt, @exec_stack = [], [], []
@@ -354,8 +355,12 @@ class Bitcoin::Script
   end
 
   # script object of a string representation
-  def self.from_string(script_string)
-    new(binary_from_string(script_string))
+  def self.from_string(input_script, previous_output_script=nil)
+    if previous_output_script
+      new(binary_from_string(input_script), binary_from_string(previous_output_script))
+    else
+      new(binary_from_string(input_script))
+    end
   end
 
   class ScriptOpcodeError < StandardError; end
@@ -396,7 +401,7 @@ class Bitcoin::Script
   end
 
   # run the script. +check_callback+ is called for OP_CHECKSIG operations
-  def run(block_timestamp=Time.now.to_i, &check_callback)
+  def run(block_timestamp=Time.now.to_i, opts={}, &check_callback)
     return false if @parse_invalid
 
     #p [to_string, block_timestamp, is_p2sh?]
@@ -404,7 +409,7 @@ class Bitcoin::Script
     @last_codeseparator_index = 0
 
     if block_timestamp >= 1333238400 # Pay to Script Hash (BIP 0016)
-      return pay_to_script_hash(check_callback)  if is_p2sh?
+      return pay_to_script_hash(block_timestamp, opts, check_callback)  if is_p2sh?
     end
 
     @debug = []
@@ -430,7 +435,17 @@ class Bitcoin::Script
         when *OPCODES_METHOD.keys
           m = method( n=OPCODES_METHOD[chunk] )
           @debug << n.to_s.upcase
-          (m.arity == 1) ? m.call(check_callback) : m.call  # invoke opcode method
+          # invoke opcode method
+          case m.arity
+          when 0
+            m.call
+          when 1
+            m.call(check_callback)
+          when -2 # One fixed parameter, one optional
+            m.call(check_callback, opts)
+          else
+            puts "Bitcoin::Script: opcode #{name} method parameters invalid"
+          end
         when *OP_2_16
           @stack << OP_2_16.index(chunk) + 2
           @debug << "OP_#{chunk-80}"
@@ -473,17 +488,19 @@ class Bitcoin::Script
   # pay_to_script_hash: https://en.bitcoin.it/wiki/BIP_0016
   #
   # <sig> {<pub> OP_CHECKSIG} | OP_HASH160 <script_hash> OP_EQUAL
-  def pay_to_script_hash(check_callback)
+  def pay_to_script_hash(block_timestamp, opts, check_callback)
     return false if @chunks.size < 4
     *rest, script, _, script_hash, _ = @chunks
     script = rest.pop if script == OP_CODESEPARATOR
     script, script_hash = cast_to_string(script), cast_to_string(script_hash)
 
     return false unless Bitcoin.hash160(script.unpack("H*")[0]) == script_hash.unpack("H*")[0]
+    return true  if check_callback == :check
 
     script = self.class.new(to_binary(rest) + script).inner_p2sh!(script)
-    result = script.run(&check_callback)
+    result = script.run(block_timestamp, opts, &check_callback)
     @debug = script.debug
+    @stack = script.stack # Set the execution stack to match the redeem script, so checks on stack contents at end of script execution validate correctly
     result
   end
 
@@ -501,11 +518,23 @@ class Bitcoin::Script
     script
   end
 
+  # is this a :script_hash (pay-to-script-hash/p2sh) script?
   def is_pay_to_script_hash?
     return false  if @inner_p2sh
-    return false  unless @chunks[-2].is_a?(String)
-    @chunks.size >= 3 && @chunks[-3] == OP_HASH160 &&
-      @chunks[-2].bytesize == 20 && @chunks[-1] == OP_EQUAL
+    if @previous_output_script
+      chunks = Bitcoin::Script.new(@previous_output_script).chunks
+      chunks.size == 3 &&
+      chunks[-3] == OP_HASH160 &&
+      chunks[-2].is_a?(String) && chunks[-2].bytesize == 20 &&
+      chunks[-1] == OP_EQUAL
+    else
+      @chunks.size >= 3 &&
+      @chunks[-3] == OP_HASH160 &&
+      @chunks[-2].is_a?(String) && @chunks[-2].bytesize == 20 &&
+      @chunks[-1] == OP_EQUAL &&
+      # make sure the script_sig matches the p2sh hash from the pk_script (if there is one)
+      (@chunks.size > 3 ? pay_to_script_hash(nil, nil, :check) : true)
+    end
   end
   alias :is_p2sh? :is_pay_to_script_hash?
 
@@ -540,6 +569,54 @@ class Bitcoin::Script
     @chunks[0] == OP_RETURN && @chunks.size <= 2
   end
 
+  # Verify the script is only pushing data onto the stack
+  def is_push_only?(script_data=nil)
+    check_pushes(push_only=true, canonical_only=false, (script_data||@input_script))
+  end
+
+  # Make sure opcodes used to push data match their intended length ranges
+  def pushes_are_canonical?(script_data=nil)
+    check_pushes(push_only=false, canonical_only=true, (script_data||@raw))
+  end
+
+  def check_pushes(push_only=true, canonical_only=false, buf)
+    program = buf.unpack("C*")
+    until program.empty?
+      opcode = program.shift
+      if opcode > OP_16
+        return false if push_only
+        next
+      end
+      if opcode < OP_PUSHDATA1 && opcode > OP_0
+        # Could have used an OP_n code, rather than a 1-byte push.
+        return false if canonical_only && opcode == 1 && program[0] <= 16
+        program.shift(opcode)
+      end
+      if opcode == OP_PUSHDATA1
+        len = program.shift(1)[0]
+        # Could have used a normal n-byte push, rather than OP_PUSHDATA1.
+        return false if canonical_only && len < OP_PUSHDATA1
+        program.shift(len)
+      end
+      if opcode == OP_PUSHDATA2
+        len = program.shift(2).pack("C*").unpack("v")[0]
+        # Could have used an OP_PUSHDATA1.
+        return false if canonical_only && len <= 0xff
+        program.shift(len)
+      end
+      if opcode == OP_PUSHDATA4
+        len = program.shift(4).pack("C*").unpack("V")[0]
+        # Could have used an OP_PUSHDATA2.
+        return false if canonical_only && len <= 0xffff
+        program.shift(len)
+      end
+    end
+    true
+  rescue => ex
+    # catch parsing errors
+    false
+  end
+
   # get type of this tx
   def type
     if is_hash160?;     :hash160
@@ -671,9 +748,8 @@ class Bitcoin::Script
   # generate input script sig spending a pubkey output with given +signature+ and +pubkey+.
   # returns a raw binary script sig of the form:
   #  <signature> [<pubkey>]
-  def self.to_pubkey_script_sig(signature, pubkey)
-    hash_type = [ SIGHASH_TYPE[:all] ].pack("C")
-    buf = pack_pushdata(signature + hash_type)
+  def self.to_pubkey_script_sig(signature, pubkey, hash_type = SIGHASH_TYPE[:all])
+    buf = pack_pushdata(signature + [hash_type].pack("C"))
     return buf unless pubkey
 
     expected_size = case pubkey[0]
@@ -704,8 +780,9 @@ class Bitcoin::Script
   # returns a raw binary script sig of the form:
   #  OP_0 <sig> [<sig> ...]
   def self.to_multisig_script_sig(*sigs)
+    hash_type = sigs.last.is_a?(Numeric) ? sigs.pop : SIGHASH_TYPE[:all]
     partial_script = [OP_0].pack("C*")
-    sigs.reverse_each{ |sig| partial_script = add_sig_to_multisig_script_sig(sig, partial_script) }
+    sigs.reverse_each{ |sig| partial_script = add_sig_to_multisig_script_sig(sig, partial_script, hash_type) }
     partial_script
   end
 
@@ -713,8 +790,8 @@ class Bitcoin::Script
   # another signature to it after the OP_0. Used to sign a tx by
   # multiple parties. Signatures must be in the same order as the
   # pubkeys in the output script being redeemed.
-  def self.add_sig_to_multisig_script_sig(sig, script_sig)
-    signature = sig + [SIGHASH_TYPE[:all]].pack("C*")
+  def self.add_sig_to_multisig_script_sig(sig, script_sig, hash_type = SIGHASH_TYPE[:all])
+    signature = sig + [hash_type].pack("C*")
     offset = script_sig.empty? ? 0 : 1
     script_sig.insert(offset, pack_pushdata(signature))
   end
@@ -726,6 +803,25 @@ class Bitcoin::Script
     to_multisig_script_sig(*sigs.flatten) + pack_pushdata(redeem_script)
   end
 
+  # Sort signatures in the given +script_sig+ according to the order of pubkeys in
+  # the redeem script. Also needs the +sig_hash+ to match signatures to pubkeys.
+  def self.sort_p2sh_multisig_signatures script_sig, sig_hash
+    script = new(script_sig)
+    redeem_script = new(script.chunks[-1])
+    pubkeys = redeem_script.get_multisig_pubkeys
+
+    # find the pubkey for each signature by trying to verify it
+    sigs = Hash[script.chunks[1...-1].map.with_index do |sig, idx|
+      pubkey = pubkeys.map {|key|
+        Bitcoin::Key.new(nil, key.hth).verify(sig_hash, sig) ? key : nil }.compact.first
+      raise "Key for signature ##{idx} not found in redeem script!"  unless pubkey
+      [pubkey, sig]
+    end]
+
+    [OP_0].pack("C*") + pubkeys.map {|k| sigs[k] ? pack_pushdata(sigs[k]) : nil }.join +
+      pack_pushdata(redeem_script.raw)
+  end
+
   def get_signatures_required
     return false unless is_multisig?
     @chunks[0] - 80
@@ -1240,14 +1336,14 @@ class Bitcoin::Script
   # do a CHECKSIG operation on the current stack,
   # asking +check_callback+ to do the actual signature verification.
   # This is used by Protocol::Tx#verify_input_signature
-  def op_checksig(check_callback)
+  def op_checksig(check_callback, opts={})
     return invalid if @stack.size < 2
     pubkey = cast_to_string(@stack.pop)
-    #return (@stack << 0) unless Bitcoin::Script.is_canonical_pubkey?(pubkey) # only for isStandard
+    return (@stack << 0) unless Bitcoin::Script.check_pubkey_encoding?(pubkey, opts)
     drop_sigs      = [ cast_to_string(@stack[-1]) ]
 
     signature = cast_to_string(@stack.pop)
-    #return (@stack << 0) unless Bitcoin::Script.is_canonical_signature?(signature) # only for isStandard
+    return invalid unless Bitcoin::Script.check_signature_encoding?(signature, opts)
     return (@stack << 0) if signature == ""
 
     sig, hash_type = parse_sig(signature)
@@ -1271,8 +1367,8 @@ class Bitcoin::Script
   end
 
   # Same as OP_CHECKSIG, but OP_VERIFY is executed afterward.
-  def op_checksigverify(check_callback)
-    op_checksig(check_callback)
+  def op_checksigverify(check_callback, opts={})
+    op_checksig(check_callback, opts)
     op_verify
   end
 
@@ -1289,7 +1385,7 @@ class Bitcoin::Script
   #
   # TODO: validate signature order
   # TODO: take global opcode count
-  def op_checkmultisig(check_callback)
+  def op_checkmultisig(check_callback, opts={})
     return invalid if @stack.size < 1
     n_pubkeys = pop_int
     return invalid  unless (0..20).include?(n_pubkeys)
@@ -1312,6 +1408,8 @@ class Bitcoin::Script
     success = true
     while success && n_sigs > 0
       sig, pub = sigs.pop, pubkeys.pop
+      return (@stack << 0) unless Bitcoin::Script.check_pubkey_encoding?(pub, opts)
+      return invalid unless Bitcoin::Script.check_signature_encoding?(sig, opts)
       unless sig && sig.size > 0
         success = false
         break
@@ -1330,8 +1428,8 @@ class Bitcoin::Script
   end
 
   # Same as OP_CHECKMULTISIG, but OP_VERIFY is executed afterward.
-  def op_checkmultisigverify(check_callback)
-    op_checkmultisig(check_callback)
+  def op_checkmultisigverify(check_callback, opts={})
+    op_checkmultisig(check_callback, opts)
     op_verify
   end
 
@@ -1346,7 +1444,12 @@ class Bitcoin::Script
   OPCODES_METHOD[0]  = :op_0
   OPCODES_METHOD[81] = :op_1
 
-  def self.is_canonical_pubkey?(pubkey)
+  def self.check_pubkey_encoding?(pubkey, opts={})
+    return false if opts[:verify_strictenc] && !is_compressed_or_uncompressed_pub_key?(pubkey)
+    true
+  end
+
+  def self.is_compressed_or_uncompressed_pub_key?(pubkey)
     return false if pubkey.bytesize < 33 # "Non-canonical public key: too short"
     case pubkey[0]
     when "\x04"
@@ -1359,21 +1462,93 @@ class Bitcoin::Script
     true
   end
 
+  # Loosely matches CheckSignatureEncoding()
+  def self.check_signature_encoding?(sig, opts={})
+    return true  if sig.bytesize == 0
+    return false if (opts[:verify_dersig] || opts[:verify_low_s] || opts[:verify_strictenc]) and !is_der_signature?(sig)
+    return false if opts[:verify_low_s] && !is_low_der_signature?(sig)
+    return false if opts[:verify_strictenc] && !is_defined_hashtype_signature?(sig)
+    true
+  end
 
-
-  def self.is_canonical_signature?(sig)
+  # Loosely correlates with IsDERSignature() from interpreter.cpp
+  def self.is_der_signature?(sig)
     return false if sig.bytesize < 9 # Non-canonical signature: too short
     return false if sig.bytesize > 73 # Non-canonical signature: too long
 
     s = sig.unpack("C*")
 
-    hash_type = s[-1] & (~(SIGHASH_TYPE[:anyonecanpay]))
-    return false if hash_type < SIGHASH_TYPE[:all]   ||  hash_type > SIGHASH_TYPE[:single] # Non-canonical signature: unknown hashtype byte
-
     return false if s[0] != 0x30 # Non-canonical signature: wrong type
     return false if s[1] != s.size-3 # Non-canonical signature: wrong length marker
 
-    # TODO: add/port rest from bitcoind
+    length_r = s[3]
+    return false if (5 + length_r) >= s.size # Non-canonical signature: S length misplaced
+    length_s = s[5+length_r]
+    return false if (length_r + length_s + 7) != s.size # Non-canonical signature: R+S length mismatch
+
+    return false if s[2] != 0x02 # Non-canonical signature: R value type mismatch
+
+    return false if length_r == 0 # Non-canonical signature: R length is zero
+
+    r_val = s.slice(4, length_r)
+    return false if r_val[0] & 0x80 != 0 # Non-canonical signature: R value negative
+
+    return false if length_r > 1 && (r_val[0] == 0x00) && !(r_val[1] & 0x80 != 0) # Non-canonical signature: R value excessively padded
+
+    s_val = s.slice(6 + length_r, length_s)
+    return false if s[6 + length_r - 2] != 0x02 # Non-canonical signature: S value type mismatch
+
+    return false if length_s == 0 # Non-canonical signature: S length is zero
+    return false if (s_val[0] & 0x80) != 0 # Non-canonical signature: S value negative
+
+    return false if length_s > 1 && (s_val[0] == 0x00) && !(s_val[1] & 0x80) # Non-canonical signature: S value excessively padded
+
+    true
+  end
+
+  # Compares two arrays of bytes
+  def self.compare_big_endian(c1, c2)
+    c1, c2 = c1.dup, c2.dup # Clone the arrays
+
+    while c1.size > c2.size
+      return 1 if c1.shift > 0
+    end
+
+    while c2.size > c1.size
+      return -1 if c2.shift > 0
+    end
+
+    c1.size.times{|idx| return c1[idx] - c2[idx] if c1[idx] != c2[idx] }
+    0
+  end
+
+  # Loosely correlates with IsLowDERSignature() from interpreter.cpp
+  def self.is_low_der_signature?(sig)
+    s = sig.unpack("C*")
+
+    length_r = s[3]
+    length_s = s[5+length_r]
+    s_val = s.slice(6 + length_r, length_s)
+
+    # If the S value is above the order of the curve divided by two, its
+    # complement modulo the order could have been used instead, which is
+    # one byte shorter when encoded correctly.
+    max_mod_half_order = [
+      0x7f,0xff,0xff,0xff,0xff,0xff,0xff,0xff,
+      0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,
+      0x5d,0x57,0x6e,0x73,0x57,0xa4,0x50,0x1d,
+      0xdf,0xe9,0x2f,0x46,0x68,0x1b,0x20,0xa0]
+
+    compare_big_endian(s_val, [0]) > 0 &&
+      compare_big_endian(s_val, max_mod_half_order) <= 0
+  end
+
+  def self.is_defined_hashtype_signature?(sig)
+    return false if sig.empty?
+
+    s = sig.unpack("C*")
+    hash_type = s[-1] & (~(SIGHASH_TYPE[:anyonecanpay]))
+    return false if hash_type < SIGHASH_TYPE[:all]   ||  hash_type > SIGHASH_TYPE[:single] # Non-canonical signature: unknown hashtype byte
 
     true
   end