Bitcoin Core  21.99.0
P2P Digital Currency
sign.cpp
Go to the documentation of this file.
1 // Copyright (c) 2009-2010 Satoshi Nakamoto
2 // Copyright (c) 2009-2020 The Bitcoin Core developers
3 // Distributed under the MIT software license, see the accompanying
4 // file COPYING or http://www.opensource.org/licenses/mit-license.php.
5 
6 #include <script/sign.h>
7 
8 #include <key.h>
9 #include <policy/policy.h>
10 #include <primitives/transaction.h>
11 #include <script/signingprovider.h>
12 #include <script/standard.h>
13 #include <uint256.h>
14 
15 typedef std::vector<unsigned char> valtype;
16 
17 MutableTransactionSignatureCreator::MutableTransactionSignatureCreator(const CMutableTransaction* txToIn, unsigned int nInIn, const CAmount& amountIn, int nHashTypeIn) : txTo(txToIn), nIn(nInIn), nHashType(nHashTypeIn), amount(amountIn), checker(txTo, nIn, amountIn, MissingDataBehavior::FAIL) {}
18 
19 bool MutableTransactionSignatureCreator::CreateSig(const SigningProvider& provider, std::vector<unsigned char>& vchSig, const CKeyID& address, const CScript& scriptCode, SigVersion sigversion) const
20 {
21  CKey key;
22  if (!provider.GetKey(address, key))
23  return false;
24 
25  // Signing with uncompressed keys is disabled in witness scripts
26  if (sigversion == SigVersion::WITNESS_V0 && !key.IsCompressed())
27  return false;
28 
29  // Signing for witness scripts needs the amount.
30  if (sigversion == SigVersion::WITNESS_V0 && amount < 0) return false;
31 
32  uint256 hash = SignatureHash(scriptCode, *txTo, nIn, nHashType, amount, sigversion);
33  if (!key.Sign(hash, vchSig))
34  return false;
35  vchSig.push_back((unsigned char)nHashType);
36  return true;
37 }
38 
39 static bool GetCScript(const SigningProvider& provider, const SignatureData& sigdata, const CScriptID& scriptid, CScript& script)
40 {
41  if (provider.GetCScript(scriptid, script)) {
42  return true;
43  }
44  // Look for scripts in SignatureData
45  if (CScriptID(sigdata.redeem_script) == scriptid) {
46  script = sigdata.redeem_script;
47  return true;
48  } else if (CScriptID(sigdata.witness_script) == scriptid) {
49  script = sigdata.witness_script;
50  return true;
51  }
52  return false;
53 }
54 
55 static bool GetPubKey(const SigningProvider& provider, const SignatureData& sigdata, const CKeyID& address, CPubKey& pubkey)
56 {
57  // Look for pubkey in all partial sigs
58  const auto it = sigdata.signatures.find(address);
59  if (it != sigdata.signatures.end()) {
60  pubkey = it->second.first;
61  return true;
62  }
63  // Look for pubkey in pubkey list
64  const auto& pk_it = sigdata.misc_pubkeys.find(address);
65  if (pk_it != sigdata.misc_pubkeys.end()) {
66  pubkey = pk_it->second.first;
67  return true;
68  }
69  // Query the underlying provider
70  return provider.GetPubKey(address, pubkey);
71 }
72 
73 static bool CreateSig(const BaseSignatureCreator& creator, SignatureData& sigdata, const SigningProvider& provider, std::vector<unsigned char>& sig_out, const CPubKey& pubkey, const CScript& scriptcode, SigVersion sigversion)
74 {
75  CKeyID keyid = pubkey.GetID();
76  const auto it = sigdata.signatures.find(keyid);
77  if (it != sigdata.signatures.end()) {
78  sig_out = it->second.second;
79  return true;
80  }
81  KeyOriginInfo info;
82  if (provider.GetKeyOrigin(keyid, info)) {
83  sigdata.misc_pubkeys.emplace(keyid, std::make_pair(pubkey, std::move(info)));
84  }
85  if (creator.CreateSig(provider, sig_out, keyid, scriptcode, sigversion)) {
86  auto i = sigdata.signatures.emplace(keyid, SigPair(pubkey, sig_out));
87  assert(i.second);
88  return true;
89  }
90  // Could not make signature or signature not found, add keyid to missing
91  sigdata.missing_sigs.push_back(keyid);
92  return false;
93 }
94 
101 static bool SignStep(const SigningProvider& provider, const BaseSignatureCreator& creator, const CScript& scriptPubKey,
102  std::vector<valtype>& ret, TxoutType& whichTypeRet, SigVersion sigversion, SignatureData& sigdata)
103 {
104  CScript scriptRet;
105  uint160 h160;
106  ret.clear();
107  std::vector<unsigned char> sig;
108 
109  std::vector<valtype> vSolutions;
110  whichTypeRet = Solver(scriptPubKey, vSolutions);
111 
112  switch (whichTypeRet) {
117  return false;
118  case TxoutType::PUBKEY:
119  if (!CreateSig(creator, sigdata, provider, sig, CPubKey(vSolutions[0]), scriptPubKey, sigversion)) return false;
120  ret.push_back(std::move(sig));
121  return true;
122  case TxoutType::PUBKEYHASH: {
123  CKeyID keyID = CKeyID(uint160(vSolutions[0]));
124  CPubKey pubkey;
125  if (!GetPubKey(provider, sigdata, keyID, pubkey)) {
126  // Pubkey could not be found, add to missing
127  sigdata.missing_pubkeys.push_back(keyID);
128  return false;
129  }
130  if (!CreateSig(creator, sigdata, provider, sig, pubkey, scriptPubKey, sigversion)) return false;
131  ret.push_back(std::move(sig));
132  ret.push_back(ToByteVector(pubkey));
133  return true;
134  }
136  h160 = uint160(vSolutions[0]);
137  if (GetCScript(provider, sigdata, CScriptID{h160}, scriptRet)) {
138  ret.push_back(std::vector<unsigned char>(scriptRet.begin(), scriptRet.end()));
139  return true;
140  }
141  // Could not find redeemScript, add to missing
142  sigdata.missing_redeem_script = h160;
143  return false;
144 
145  case TxoutType::MULTISIG: {
146  size_t required = vSolutions.front()[0];
147  ret.push_back(valtype()); // workaround CHECKMULTISIG bug
148  for (size_t i = 1; i < vSolutions.size() - 1; ++i) {
149  CPubKey pubkey = CPubKey(vSolutions[i]);
150  // We need to always call CreateSig in order to fill sigdata with all
151  // possible signatures that we can create. This will allow further PSBT
152  // processing to work as it needs all possible signature and pubkey pairs
153  if (CreateSig(creator, sigdata, provider, sig, pubkey, scriptPubKey, sigversion)) {
154  if (ret.size() < required + 1) {
155  ret.push_back(std::move(sig));
156  }
157  }
158  }
159  bool ok = ret.size() == required + 1;
160  for (size_t i = 0; i + ret.size() < required + 1; ++i) {
161  ret.push_back(valtype());
162  }
163  return ok;
164  }
166  ret.push_back(vSolutions[0]);
167  return true;
168 
170  CRIPEMD160().Write(&vSolutions[0][0], vSolutions[0].size()).Finalize(h160.begin());
171  if (GetCScript(provider, sigdata, CScriptID{h160}, scriptRet)) {
172  ret.push_back(std::vector<unsigned char>(scriptRet.begin(), scriptRet.end()));
173  return true;
174  }
175  // Could not find witnessScript, add to missing
176  sigdata.missing_witness_script = uint256(vSolutions[0]);
177  return false;
178  } // no default case, so the compiler can warn about missing cases
179  assert(false);
180 }
181 
182 static CScript PushAll(const std::vector<valtype>& values)
183 {
184  CScript result;
185  for (const valtype& v : values) {
186  if (v.size() == 0) {
187  result << OP_0;
188  } else if (v.size() == 1 && v[0] >= 1 && v[0] <= 16) {
189  result << CScript::EncodeOP_N(v[0]);
190  } else if (v.size() == 1 && v[0] == 0x81) {
191  result << OP_1NEGATE;
192  } else {
193  result << v;
194  }
195  }
196  return result;
197 }
198 
199 bool ProduceSignature(const SigningProvider& provider, const BaseSignatureCreator& creator, const CScript& fromPubKey, SignatureData& sigdata)
200 {
201  if (sigdata.complete) return true;
202 
203  std::vector<valtype> result;
204  TxoutType whichType;
205  bool solved = SignStep(provider, creator, fromPubKey, result, whichType, SigVersion::BASE, sigdata);
206  bool P2SH = false;
207  CScript subscript;
208  sigdata.scriptWitness.stack.clear();
209 
210  if (solved && whichType == TxoutType::SCRIPTHASH)
211  {
212  // Solver returns the subscript that needs to be evaluated;
213  // the final scriptSig is the signatures from that
214  // and then the serialized subscript:
215  subscript = CScript(result[0].begin(), result[0].end());
216  sigdata.redeem_script = subscript;
217  solved = solved && SignStep(provider, creator, subscript, result, whichType, SigVersion::BASE, sigdata) && whichType != TxoutType::SCRIPTHASH;
218  P2SH = true;
219  }
220 
221  if (solved && whichType == TxoutType::WITNESS_V0_KEYHASH)
222  {
223  CScript witnessscript;
224  witnessscript << OP_DUP << OP_HASH160 << ToByteVector(result[0]) << OP_EQUALVERIFY << OP_CHECKSIG;
225  TxoutType subType;
226  solved = solved && SignStep(provider, creator, witnessscript, result, subType, SigVersion::WITNESS_V0, sigdata);
227  sigdata.scriptWitness.stack = result;
228  sigdata.witness = true;
229  result.clear();
230  }
231  else if (solved && whichType == TxoutType::WITNESS_V0_SCRIPTHASH)
232  {
233  CScript witnessscript(result[0].begin(), result[0].end());
234  sigdata.witness_script = witnessscript;
235  TxoutType subType;
236  solved = solved && SignStep(provider, creator, witnessscript, result, subType, SigVersion::WITNESS_V0, sigdata) && subType != TxoutType::SCRIPTHASH && subType != TxoutType::WITNESS_V0_SCRIPTHASH && subType != TxoutType::WITNESS_V0_KEYHASH;
237  result.push_back(std::vector<unsigned char>(witnessscript.begin(), witnessscript.end()));
238  sigdata.scriptWitness.stack = result;
239  sigdata.witness = true;
240  result.clear();
241  } else if (solved && whichType == TxoutType::WITNESS_UNKNOWN) {
242  sigdata.witness = true;
243  }
244 
245  if (P2SH) {
246  result.push_back(std::vector<unsigned char>(subscript.begin(), subscript.end()));
247  }
248  sigdata.scriptSig = PushAll(result);
249 
250  // Test solution
251  sigdata.complete = solved && VerifyScript(sigdata.scriptSig, fromPubKey, &sigdata.scriptWitness, STANDARD_SCRIPT_VERIFY_FLAGS, creator.Checker());
252  return sigdata.complete;
253 }
254 
255 namespace {
256 class SignatureExtractorChecker final : public DeferringSignatureChecker
257 {
258 private:
259  SignatureData& sigdata;
260 
261 public:
262  SignatureExtractorChecker(SignatureData& sigdata, BaseSignatureChecker& checker) : DeferringSignatureChecker(checker), sigdata(sigdata) {}
263 
264  bool CheckECDSASignature(const std::vector<unsigned char>& scriptSig, const std::vector<unsigned char>& vchPubKey, const CScript& scriptCode, SigVersion sigversion) const override
265  {
266  if (m_checker.CheckECDSASignature(scriptSig, vchPubKey, scriptCode, sigversion)) {
267  CPubKey pubkey(vchPubKey);
268  sigdata.signatures.emplace(pubkey.GetID(), SigPair(pubkey, scriptSig));
269  return true;
270  }
271  return false;
272  }
273 };
274 
275 struct Stacks
276 {
277  std::vector<valtype> script;
278  std::vector<valtype> witness;
279 
280  Stacks() = delete;
281  Stacks(const Stacks&) = delete;
282  explicit Stacks(const SignatureData& data) : witness(data.scriptWitness.stack) {
284  }
285 };
286 }
287 
288 // Extracts signatures and scripts from incomplete scriptSigs. Please do not extend this, use PSBT instead
289 SignatureData DataFromTransaction(const CMutableTransaction& tx, unsigned int nIn, const CTxOut& txout)
290 {
291  SignatureData data;
292  assert(tx.vin.size() > nIn);
293  data.scriptSig = tx.vin[nIn].scriptSig;
294  data.scriptWitness = tx.vin[nIn].scriptWitness;
295  Stacks stack(data);
296 
297  // Get signatures
299  SignatureExtractorChecker extractor_checker(data, tx_checker);
300  if (VerifyScript(data.scriptSig, txout.scriptPubKey, &data.scriptWitness, STANDARD_SCRIPT_VERIFY_FLAGS, extractor_checker)) {
301  data.complete = true;
302  return data;
303  }
304 
305  // Get scripts
306  std::vector<std::vector<unsigned char>> solutions;
307  TxoutType script_type = Solver(txout.scriptPubKey, solutions);
308  SigVersion sigversion = SigVersion::BASE;
309  CScript next_script = txout.scriptPubKey;
310 
311  if (script_type == TxoutType::SCRIPTHASH && !stack.script.empty() && !stack.script.back().empty()) {
312  // Get the redeemScript
313  CScript redeem_script(stack.script.back().begin(), stack.script.back().end());
314  data.redeem_script = redeem_script;
315  next_script = std::move(redeem_script);
316 
317  // Get redeemScript type
318  script_type = Solver(next_script, solutions);
319  stack.script.pop_back();
320  }
321  if (script_type == TxoutType::WITNESS_V0_SCRIPTHASH && !stack.witness.empty() && !stack.witness.back().empty()) {
322  // Get the witnessScript
323  CScript witness_script(stack.witness.back().begin(), stack.witness.back().end());
324  data.witness_script = witness_script;
325  next_script = std::move(witness_script);
326 
327  // Get witnessScript type
328  script_type = Solver(next_script, solutions);
329  stack.witness.pop_back();
330  stack.script = std::move(stack.witness);
331  stack.witness.clear();
332  sigversion = SigVersion::WITNESS_V0;
333  }
334  if (script_type == TxoutType::MULTISIG && !stack.script.empty()) {
335  // Build a map of pubkey -> signature by matching sigs to pubkeys:
336  assert(solutions.size() > 1);
337  unsigned int num_pubkeys = solutions.size()-2;
338  unsigned int last_success_key = 0;
339  for (const valtype& sig : stack.script) {
340  for (unsigned int i = last_success_key; i < num_pubkeys; ++i) {
341  const valtype& pubkey = solutions[i+1];
342  // We either have a signature for this pubkey, or we have found a signature and it is valid
343  if (data.signatures.count(CPubKey(pubkey).GetID()) || extractor_checker.CheckECDSASignature(sig, pubkey, next_script, sigversion)) {
344  last_success_key = i + 1;
345  break;
346  }
347  }
348  }
349  }
350 
351  return data;
352 }
353 
354 void UpdateInput(CTxIn& input, const SignatureData& data)
355 {
356  input.scriptSig = data.scriptSig;
357  input.scriptWitness = data.scriptWitness;
358 }
359 
361 {
362  if (complete) return;
363  if (sigdata.complete) {
364  *this = std::move(sigdata);
365  return;
366  }
367  if (redeem_script.empty() && !sigdata.redeem_script.empty()) {
368  redeem_script = sigdata.redeem_script;
369  }
370  if (witness_script.empty() && !sigdata.witness_script.empty()) {
371  witness_script = sigdata.witness_script;
372  }
373  signatures.insert(std::make_move_iterator(sigdata.signatures.begin()), std::make_move_iterator(sigdata.signatures.end()));
374 }
375 
376 bool SignSignature(const SigningProvider &provider, const CScript& fromPubKey, CMutableTransaction& txTo, unsigned int nIn, const CAmount& amount, int nHashType)
377 {
378  assert(nIn < txTo.vin.size());
379 
380  MutableTransactionSignatureCreator creator(&txTo, nIn, amount, nHashType);
381 
382  SignatureData sigdata;
383  bool ret = ProduceSignature(provider, creator, fromPubKey, sigdata);
384  UpdateInput(txTo.vin.at(nIn), sigdata);
385  return ret;
386 }
387 
388 bool SignSignature(const SigningProvider &provider, const CTransaction& txFrom, CMutableTransaction& txTo, unsigned int nIn, int nHashType)
389 {
390  assert(nIn < txTo.vin.size());
391  const CTxIn& txin = txTo.vin[nIn];
392  assert(txin.prevout.n < txFrom.vout.size());
393  const CTxOut& txout = txFrom.vout[txin.prevout.n];
394 
395  return SignSignature(provider, txout.scriptPubKey, txTo, nIn, txout.nValue, nHashType);
396 }
397 
398 namespace {
400 class DummySignatureChecker final : public BaseSignatureChecker
401 {
402 public:
403  DummySignatureChecker() {}
404  bool CheckECDSASignature(const std::vector<unsigned char>& scriptSig, const std::vector<unsigned char>& vchPubKey, const CScript& scriptCode, SigVersion sigversion) const override { return true; }
405 };
406 const DummySignatureChecker DUMMY_CHECKER;
407 
408 class DummySignatureCreator final : public BaseSignatureCreator {
409 private:
410  char m_r_len = 32;
411  char m_s_len = 32;
412 public:
413  DummySignatureCreator(char r_len, char s_len) : m_r_len(r_len), m_s_len(s_len) {}
414  const BaseSignatureChecker& Checker() const override { return DUMMY_CHECKER; }
415  bool CreateSig(const SigningProvider& provider, std::vector<unsigned char>& vchSig, const CKeyID& keyid, const CScript& scriptCode, SigVersion sigversion) const override
416  {
417  // Create a dummy signature that is a valid DER-encoding
418  vchSig.assign(m_r_len + m_s_len + 7, '\000');
419  vchSig[0] = 0x30;
420  vchSig[1] = m_r_len + m_s_len + 4;
421  vchSig[2] = 0x02;
422  vchSig[3] = m_r_len;
423  vchSig[4] = 0x01;
424  vchSig[4 + m_r_len] = 0x02;
425  vchSig[5 + m_r_len] = m_s_len;
426  vchSig[6 + m_r_len] = 0x01;
427  vchSig[6 + m_r_len + m_s_len] = SIGHASH_ALL;
428  return true;
429  }
430 };
431 
432 }
433 
434 const BaseSignatureCreator& DUMMY_SIGNATURE_CREATOR = DummySignatureCreator(32, 32);
435 const BaseSignatureCreator& DUMMY_MAXIMUM_SIGNATURE_CREATOR = DummySignatureCreator(33, 32);
436 
437 bool IsSolvable(const SigningProvider& provider, const CScript& script)
438 {
439  // This check is to make sure that the script we created can actually be solved for and signed by us
440  // if we were to have the private keys. This is just to make sure that the script is valid and that,
441  // if found in a transaction, we would still accept and relay that transaction. In particular,
442  // it will reject witness outputs that require signing with an uncompressed public key.
443  SignatureData sigs;
444  // Make sure that STANDARD_SCRIPT_VERIFY_FLAGS includes SCRIPT_VERIFY_WITNESS_PUBKEYTYPE, the most
445  // important property this function is designed to test for.
446  static_assert(STANDARD_SCRIPT_VERIFY_FLAGS & SCRIPT_VERIFY_WITNESS_PUBKEYTYPE, "IsSolvable requires standard script flags to include WITNESS_PUBKEYTYPE");
447  if (ProduceSignature(provider, DUMMY_SIGNATURE_CREATOR, script, sigs)) {
448  // VerifyScript check is just defensive, and should never fail.
449  bool verified = VerifyScript(sigs.scriptSig, script, &sigs.scriptWitness, STANDARD_SCRIPT_VERIFY_FLAGS, DUMMY_CHECKER);
450  assert(verified);
451  return true;
452  }
453  return false;
454 }
455 
456 bool IsSegWitOutput(const SigningProvider& provider, const CScript& script)
457 {
458  std::vector<valtype> solutions;
459  auto whichtype = Solver(script, solutions);
460  if (whichtype == TxoutType::WITNESS_V0_SCRIPTHASH || whichtype == TxoutType::WITNESS_V0_KEYHASH || whichtype == TxoutType::WITNESS_UNKNOWN) return true;
461  if (whichtype == TxoutType::SCRIPTHASH) {
462  auto h160 = uint160(solutions[0]);
463  CScript subscript;
464  if (provider.GetCScript(CScriptID{h160}, subscript)) {
465  whichtype = Solver(subscript, solutions);
466  if (whichtype == TxoutType::WITNESS_V0_SCRIPTHASH || whichtype == TxoutType::WITNESS_V0_KEYHASH || whichtype == TxoutType::WITNESS_UNKNOWN) return true;
467  }
468  }
469  return false;
470 }
471 
472 bool SignTransaction(CMutableTransaction& mtx, const SigningProvider* keystore, const std::map<COutPoint, Coin>& coins, int nHashType, std::map<int, std::string>& input_errors)
473 {
474  bool fHashSingle = ((nHashType & ~SIGHASH_ANYONECANPAY) == SIGHASH_SINGLE);
475 
476  // Use CTransaction for the constant parts of the
477  // transaction to avoid rehashing.
478  const CTransaction txConst(mtx);
479  // Sign what we can:
480  for (unsigned int i = 0; i < mtx.vin.size(); i++) {
481  CTxIn& txin = mtx.vin[i];
482  auto coin = coins.find(txin.prevout);
483  if (coin == coins.end() || coin->second.IsSpent()) {
484  input_errors[i] = "Input not found or already spent";
485  continue;
486  }
487  const CScript& prevPubKey = coin->second.out.scriptPubKey;
488  const CAmount& amount = coin->second.out.nValue;
489 
490  SignatureData sigdata = DataFromTransaction(mtx, i, coin->second.out);
491  // Only sign SIGHASH_SINGLE if there's a corresponding output:
492  if (!fHashSingle || (i < mtx.vout.size())) {
493  ProduceSignature(*keystore, MutableTransactionSignatureCreator(&mtx, i, amount, nHashType), prevPubKey, sigdata);
494  }
495 
496  UpdateInput(txin, sigdata);
497 
498  // amount must be specified for valid segwit signature
499  if (amount == MAX_MONEY && !txin.scriptWitness.IsNull()) {
500  input_errors[i] = "Missing amount";
501  continue;
502  }
503 
504  ScriptError serror = SCRIPT_ERR_OK;
505  if (!VerifyScript(txin.scriptSig, prevPubKey, &txin.scriptWitness, STANDARD_SCRIPT_VERIFY_FLAGS, TransactionSignatureChecker(&txConst, i, amount, MissingDataBehavior::FAIL), &serror)) {
506  if (serror == SCRIPT_ERR_INVALID_STACK_OPERATION) {
507  // Unable to sign input and verification failed (possible attempt to partially sign).
508  input_errors[i] = "Unable to sign input, invalid stack size (possibly missing key)";
509  } else if (serror == SCRIPT_ERR_SIG_NULLFAIL) {
510  // Verification failed (possibly due to insufficient signatures).
511  input_errors[i] = "CHECK(MULTI)SIG failing with non-zero signature (possibly need more signatures)";
512  } else {
513  input_errors[i] = ScriptErrorString(serror);
514  }
515  } else {
516  // If this input succeeds, make sure there is no error set for it
517  input_errors.erase(i);
518  }
519  }
520  return input_errors.empty();
521 }
ScriptErrorString
std::string ScriptErrorString(const ScriptError serror)
Definition: script_error.cpp:10
SigVersion
SigVersion
Definition: interpreter.h:176
CTxIn
An input of a transaction.
Definition: transaction.h:65
CKey::IsCompressed
bool IsCompressed() const
Check whether the public key corresponding to this private key is (to be) compressed.
Definition: key.h:96
policy.h
CMutableTransaction::vin
std::vector< CTxIn > vin
Definition: transaction.h:346
OP_0
@ OP_0
Definition: script.h:68
CScriptWitness::IsNull
bool IsNull() const
Definition: script.h:565
SignatureData::missing_redeem_script
uint160 missing_redeem_script
ScriptID of the missing redeemScript (if any)
Definition: sign.h:71
Solver
TxoutType Solver(const CScript &scriptPubKey, std::vector< std::vector< unsigned char >> &vSolutionsRet)
Parse a scriptPubKey and identify script type for standard scripts.
Definition: standard.cpp:109
BaseSignatureCreator::CreateSig
virtual bool CreateSig(const SigningProvider &provider, std::vector< unsigned char > &vchSig, const CKeyID &keyid, const CScript &scriptCode, SigVersion sigversion) const =0
Create a singular (non-script) signature.
SignatureData::scriptWitness
CScriptWitness scriptWitness
The scriptWitness of an input. Contains complete signatures or the traditional partial signatures for...
Definition: sign.h:66
CRIPEMD160
A hasher class for RIPEMD-160.
Definition: ripemd160.h:12
SCRIPT_VERIFY_STRICTENC
@ SCRIPT_VERIFY_STRICTENC
Definition: interpreter.h:51
SigVersion::BASE
@ BASE
Bare scripts and BIP16 P2SH-wrapped redeemscripts.
MissingDataBehavior
MissingDataBehavior
Enum to specify what *TransactionSignatureChecker's behavior should be when dealing with missing tran...
Definition: interpreter.h:253
TxoutType
TxoutType
Definition: standard.h:120
SCRIPT_ERR_OK
@ SCRIPT_ERR_OK
Definition: script_error.h:13
TxoutType::NONSTANDARD
@ NONSTANDARD
TxoutType::WITNESS_UNKNOWN
@ WITNESS_UNKNOWN
Only for Witness versions not already defined above.
DUMMY_SIGNATURE_CREATOR
const BaseSignatureCreator & DUMMY_SIGNATURE_CREATOR
A signature creator that just produces 71-byte empty signatures.
Definition: sign.cpp:434
SignatureData::MergeSignatureData
void MergeSignatureData(SignatureData sigdata)
Definition: sign.cpp:360
SCRIPT_VERIFY_WITNESS_PUBKEYTYPE
@ SCRIPT_VERIFY_WITNESS_PUBKEYTYPE
Definition: interpreter.h:123
transaction.h
CRIPEMD160::Finalize
void Finalize(unsigned char hash[OUTPUT_SIZE])
Definition: ripemd160.cpp:273
SCRIPT_ERR_SIG_NULLFAIL
@ SCRIPT_ERR_SIG_NULLFAIL
Definition: script_error.h:54
BaseSignatureChecker::CheckECDSASignature
virtual bool CheckECDSASignature(const std::vector< unsigned char > &scriptSig, const std::vector< unsigned char > &vchPubKey, const CScript &scriptCode, SigVersion sigversion) const
Definition: interpreter.h:227
SignStep
static bool SignStep(const SigningProvider &provider, const BaseSignatureCreator &creator, const CScript &scriptPubKey, std::vector< valtype > &ret, TxoutType &whichTypeRet, SigVersion sigversion, SignatureData &sigdata)
Sign scriptPubKey using signature made with creator.
Definition: sign.cpp:101
uint256.h
GenericTransactionSignatureChecker
Definition: interpreter.h:260
ToByteVector
std::vector< unsigned char > ToByteVector(const T &in)
Definition: script.h:59
SigningProvider
An interface to be implemented by keystores that support signing.
Definition: signingprovider.h:18
SIGHASH_SINGLE
@ SIGHASH_SINGLE
Definition: interpreter.h:28
MutableTransactionSignatureCreator
A signature creator for transactions.
Definition: sign.h:37
MutableTransactionSignatureCreator::nIn
unsigned int nIn
Definition: sign.h:39
CScript::EncodeOP_N
static opcodetype EncodeOP_N(int n)
Definition: script.h:504
OP_HASH160
@ OP_HASH160
Definition: script.h:179
BaseSignatureChecker
Definition: interpreter.h:224
CKeyID
A reference to a CKey: the Hash160 of its serialized public key.
Definition: pubkey.h:21
MissingDataBehavior::FAIL
@ FAIL
Just act as if the signature was invalid.
SigningProvider::GetPubKey
virtual bool GetPubKey(const CKeyID &address, CPubKey &pubkey) const
Definition: signingprovider.h:24
VerifyScript
bool VerifyScript(const CScript &scriptSig, const CScript &scriptPubKey, const CScriptWitness *witness, unsigned int flags, const BaseSignatureChecker &checker, ScriptError *serror)
Definition: interpreter.cpp:1960
TxoutType::WITNESS_V1_TAPROOT
@ WITNESS_V1_TAPROOT
CTransaction
The basic transaction that is broadcasted on the network and contained in blocks.
Definition: transaction.h:259
ScriptError
enum ScriptError_t ScriptError
CTxIn::scriptWitness
CScriptWitness scriptWitness
Only serialized through CTransaction.
Definition: transaction.h:71
CTxOut::nValue
CAmount nValue
Definition: transaction.h:131
signingprovider.h
prevector::end
iterator end()
Definition: prevector.h:292
SigPair
std::pair< CPubKey, std::vector< unsigned char > > SigPair
Definition: sign.h:55
PushAll
static CScript PushAll(const std::vector< valtype > &values)
Definition: sign.cpp:182
TxoutType::WITNESS_V0_SCRIPTHASH
@ WITNESS_V0_SCRIPTHASH
TxoutType::PUBKEY
@ PUBKEY
DUMMY_MAXIMUM_SIGNATURE_CREATOR
const BaseSignatureCreator & DUMMY_MAXIMUM_SIGNATURE_CREATOR
A signature creator that just produces 72-byte empty signatures.
Definition: sign.cpp:435
MutableTransactionSignatureCreator::CreateSig
bool CreateSig(const SigningProvider &provider, std::vector< unsigned char > &vchSig, const CKeyID &keyid, const CScript &scriptCode, SigVersion sigversion) const override
Create a singular (non-script) signature.
Definition: sign.cpp:19
SignatureData
Definition: sign.h:60
MutableTransactionSignatureCreator::amount
CAmount amount
Definition: sign.h:41
SigningProvider::GetKeyOrigin
virtual bool GetKeyOrigin(const CKeyID &keyid, KeyOriginInfo &info) const
Definition: signingprovider.h:27
SIGHASH_ANYONECANPAY
@ SIGHASH_ANYONECANPAY
Definition: interpreter.h:29
CTxOut
An output of a transaction.
Definition: transaction.h:128
SignSignature
bool SignSignature(const SigningProvider &provider, const CScript &fromPubKey, CMutableTransaction &txTo, unsigned int nIn, const CAmount &amount, int nHashType)
Produce a script signature for a transaction.
Definition: sign.cpp:376
CreateSig
static bool CreateSig(const BaseSignatureCreator &creator, SignatureData &sigdata, const SigningProvider &provider, std::vector< unsigned char > &sig_out, const CPubKey &pubkey, const CScript &scriptcode, SigVersion sigversion)
Definition: sign.cpp:73
CTransaction::vout
const std::vector< CTxOut > vout
Definition: transaction.h:271
CTxOut::scriptPubKey
CScript scriptPubKey
Definition: transaction.h:132
IsSegWitOutput
bool IsSegWitOutput(const SigningProvider &provider, const CScript &script)
Check whether a scriptPubKey is known to be segwit.
Definition: sign.cpp:456
OP_DUP
@ OP_DUP
Definition: script.h:117
SignatureData::redeem_script
CScript redeem_script
The redeemScript (if any) for the input.
Definition: sign.h:64
CRIPEMD160::Write
CRIPEMD160 & Write(const unsigned char *data, size_t len)
Definition: ripemd160.cpp:247
SignatureData::scriptSig
CScript scriptSig
The scriptSig of an input. Contains complete signatures or the traditional partial signatures format.
Definition: sign.h:63
SignatureData::witness
bool witness
Stores whether the input this SigData corresponds to is a witness input.
Definition: sign.h:62
sign.h
CKey::Sign
bool Sign(const uint256 &hash, std::vector< unsigned char > &vchSig, bool grind=true, uint32_t test_case=0) const
Create a DER-serialized signature.
Definition: key.cpp:210
CAmount
int64_t CAmount
Amount in satoshis (Can be negative)
Definition: amount.h:12
standard.h
SigVersion::WITNESS_V0
@ WITNESS_V0
Witness v0 (P2WPKH and P2WSH); see BIP 141.
SignatureData::signatures
std::map< CKeyID, SigPair > signatures
BIP 174 style partial signatures for the input. May contain all signatures necessary for producing a ...
Definition: sign.h:67
SCRIPT_ERR_INVALID_STACK_OPERATION
@ SCRIPT_ERR_INVALID_STACK_OPERATION
Definition: script_error.h:36
SignatureData::missing_sigs
std::vector< CKeyID > missing_sigs
KeyIDs of pubkeys for signatures which could not be found.
Definition: sign.h:70
SignatureData::witness_script
CScript witness_script
The witnessScript (if any) for the input. witnessScripts are used in P2WSH outputs.
Definition: sign.h:65
TxoutType::SCRIPTHASH
@ SCRIPTHASH
SignatureData::complete
bool complete
Stores whether the scriptSig and scriptWitness are complete.
Definition: sign.h:61
uint256
256-bit opaque blob.
Definition: uint256.h:124
MutableTransactionSignatureCreator::nHashType
int nHashType
Definition: sign.h:40
SigningProvider::GetCScript
virtual bool GetCScript(const CScriptID &scriptid, CScript &script) const
Definition: signingprovider.h:22
OP_CHECKSIG
@ OP_CHECKSIG
Definition: script.h:182
CScript
Serialized script, used inside transaction inputs and outputs.
Definition: script.h:404
TxoutType::NULL_DATA
@ NULL_DATA
unspendable OP_RETURN script that carries data
TxoutType::PUBKEYHASH
@ PUBKEYHASH
ProduceSignature
bool ProduceSignature(const SigningProvider &provider, const BaseSignatureCreator &creator, const CScript &fromPubKey, SignatureData &sigdata)
Produce a script signature using a generic signature creator.
Definition: sign.cpp:199
MutableTransactionSignatureCreator::txTo
const CMutableTransaction * txTo
Definition: sign.h:38
SignatureData::missing_pubkeys
std::vector< CKeyID > missing_pubkeys
KeyIDs of pubkeys which could not be found.
Definition: sign.h:69
CMutableTransaction::vout
std::vector< CTxOut > vout
Definition: transaction.h:347
key.h
SIGHASH_ALL
@ SIGHASH_ALL
Definition: interpreter.h:26
uint160
160-bit opaque blob.
Definition: uint256.h:113
CPubKey
An encapsulated public key.
Definition: pubkey.h:31
CKey
An encapsulated private key.
Definition: key.h:27
SignatureHash
uint256 SignatureHash(const CScript &scriptCode, const T &txTo, unsigned int nIn, int nHashType, const CAmount &amount, SigVersion sigversion, const PrecomputedTransactionData *cache)
Definition: interpreter.cpp:1591
IsSolvable
bool IsSolvable(const SigningProvider &provider, const CScript &script)
Definition: sign.cpp:437
GetCScript
static bool GetCScript(const SigningProvider &provider, const SignatureData &sigdata, const CScriptID &scriptid, CScript &script)
Definition: sign.cpp:39
COutPoint::n
uint32_t n
Definition: transaction.h:30
SignatureData::misc_pubkeys
std::map< CKeyID, std::pair< CPubKey, KeyOriginInfo > > misc_pubkeys
Definition: sign.h:68
EvalScript
bool EvalScript(std::vector< std::vector< unsigned char > > &stack, const CScript &script, unsigned int flags, const BaseSignatureChecker &checker, SigVersion sigversion, ScriptExecutionData &execdata, ScriptError *serror)
Definition: interpreter.cpp:431
DeferringSignatureChecker::CheckECDSASignature
bool CheckECDSASignature(const std::vector< unsigned char > &scriptSig, const std::vector< unsigned char > &vchPubKey, const CScript &scriptCode, SigVersion sigversion) const override
Definition: interpreter.h:293
DeferringSignatureChecker
Definition: interpreter.h:285
CTxIn::prevout
COutPoint prevout
Definition: transaction.h:68
MAX_MONEY
static const CAmount MAX_MONEY
No amount larger than this (in satoshi) is valid.
Definition: amount.h:25
CTxIn::scriptSig
CScript scriptSig
Definition: transaction.h:69
prevector::begin
iterator begin()
Definition: prevector.h:290
TxoutType::MULTISIG
@ MULTISIG
SigningProvider::GetKey
virtual bool GetKey(const CKeyID &address, CKey &key) const
Definition: signingprovider.h:25
OP_1NEGATE
@ OP_1NEGATE
Definition: script.h:73
prevector::empty
bool empty() const
Definition: prevector.h:286
BaseSignatureCreator::Checker
virtual const BaseSignatureChecker & Checker() const =0
valtype
std::vector< unsigned char > valtype
Definition: interpreter.cpp:15
UpdateInput
void UpdateInput(CTxIn &input, const SignatureData &data)
Definition: sign.cpp:354
SignatureData::missing_witness_script
uint256 missing_witness_script
SHA256 of the missing witnessScript (if any)
Definition: sign.h:72
STANDARD_SCRIPT_VERIFY_FLAGS
static constexpr unsigned int STANDARD_SCRIPT_VERIFY_FLAGS
Standard script verification flags that standard transactions will comply with.
Definition: policy.h:60
TxoutType::WITNESS_V0_KEYHASH
@ WITNESS_V0_KEYHASH
CMutableTransaction
A mutable version of CTransaction.
Definition: transaction.h:344
MutableTransactionSignatureCreator::MutableTransactionSignatureCreator
MutableTransactionSignatureCreator(const CMutableTransaction *txToIn, unsigned int nInIn, const CAmount &amountIn, int nHashTypeIn=SIGHASH_ALL)
Definition: sign.cpp:17
BaseSignatureCreator
Interface for signature creators.
Definition: sign.h:27
CScriptID
A reference to a CScript: the Hash160 of its serialization (see script.h)
Definition: standard.h:86
DataFromTransaction
SignatureData DataFromTransaction(const CMutableTransaction &tx, unsigned int nIn, const CTxOut &txout)
Extract signature data from a transaction input, and insert it.
Definition: sign.cpp:289
GetPubKey
static bool GetPubKey(const SigningProvider &provider, const SignatureData &sigdata, const CKeyID &address, CPubKey &pubkey)
Definition: sign.cpp:55
assert
assert(std::addressof(::ChainstateActive().CoinsTip())==std::addressof(coins_cache))
OP_EQUALVERIFY
@ OP_EQUALVERIFY
Definition: script.h:139
base_blob::begin
unsigned char * begin()
Definition: uint256.h:58
KeyOriginInfo
Definition: keyorigin.h:11
CScriptWitness::stack
std::vector< std::vector< unsigned char > > stack
Definition: script.h:560
valtype
std::vector< unsigned char > valtype
Definition: sign.cpp:15
CPubKey::GetID
CKeyID GetID() const
Get the KeyID of this public key (hash of its serialization)
Definition: pubkey.h:159
it
auto it
Definition: validation.cpp:399
SignTransaction
bool SignTransaction(CMutableTransaction &mtx, const SigningProvider *keystore, const std::map< COutPoint, Coin > &coins, int nHashType, std::map< int, std::string > &input_errors)
Sign the CMutableTransaction.
Definition: sign.cpp:472