doxygen/html/sign_8cpp_source.html

 // Copyright (c) 2009-2010 Satoshi Nakamoto
 // Copyright (c) 2009-2015 The Bitcoin Core developers
 // Distributed under the MIT software license, see the accompanying
 // file COPYING or http://www.opensource.org/licenses/mit-license.php.

 #include <script/sign.h>

 #include <key.h>
 #include <keystore.h>
 #include <policy/policy.h>
 #include <primitives/transaction.h>
 #include <script/standard.h>
 #include <uint256.h>


 typedef std::vector<unsigned char> valtype;

 TransactionSignatureCreator::TransactionSignatureCreator(const CKeyStore* keystoreIn, const CTransaction* txToIn, unsigned int nInIn, const CAmount& amountIn, int nHashTypeIn) : BaseSignatureCreator(keystoreIn), txTo(txToIn), nIn(nInIn), nHashType(nHashTypeIn), amount(amountIn), checker(txTo, nIn, amountIn) {}

 bool TransactionSignatureCreator::CreateSig(std::vector<unsigned char>& vchSig, const CKeyID& address, const CScript& scriptCode, SigVersion sigversion) const
 {
     CKey key;
     if (!keystore->GetKey(address, key))
         return false;

     uint256 hash = SignatureHash(scriptCode, *txTo, nIn, nHashType, amount, sigversion);
     if (!key.Sign(hash, vchSig))
         return false;
     vchSig.push_back((unsigned char)nHashType);
     return true;
 }

 static bool Sign1(const CKeyID& address, const BaseSignatureCreator& creator, const CScript& scriptCode, std::vector<valtype>& ret, SigVersion sigversion)
 {
     std::vector<unsigned char> vchSig;
     if (!creator.CreateSig(vchSig, address, scriptCode, sigversion))
         return false;
     ret.push_back(vchSig);
     return true;
 }

 static bool SignN(const std::vector<valtype>& multisigdata, const BaseSignatureCreator& creator, const CScript& scriptCode, std::vector<valtype>& ret, SigVersion sigversion)
 {
     int nSigned = 0;
     int nRequired = multisigdata.front()[0];
     for (unsigned int i = 1; i < multisigdata.size()-1 && nSigned < nRequired; i++)
     {
         const valtype& pubkey = multisigdata[i];
         CKeyID keyID = CPubKey(pubkey).GetID();
         if (Sign1(keyID, creator, scriptCode, ret, sigversion))
             ++nSigned;
     }
     return nSigned==nRequired;
 }

 static bool SignStep(const BaseSignatureCreator& creator, const CScript& scriptPubKey,
                      std::vector<valtype>& ret, txnouttype& whichTypeRet, SigVersion sigversion)
 {
     CScript scriptRet;
     uint160 h160;
     ret.clear();

     std::vector<valtype> vSolutions;
     if (!Solver(scriptPubKey, whichTypeRet, vSolutions))
         return false;

     CKeyID keyID;
     switch (whichTypeRet)
     {
     case TX_NONSTANDARD:
     case TX_NULL_DATA:
         return false;
     case TX_PUBKEY:
         keyID = CPubKey(vSolutions[0]).GetID();
         return Sign1(keyID, creator, scriptPubKey, ret, sigversion);
     case TX_PUBKEYHASH:
         keyID = CKeyID(uint160(vSolutions[0]));
         if (!Sign1(keyID, creator, scriptPubKey, ret, sigversion))
             return false;
         else
         {
             CPubKey vch;
             creator.KeyStore().GetPubKey(keyID, vch);
             ret.push_back(ToByteVector(vch));
         }
         return true;
     case TX_SCRIPTHASH:
         if (creator.KeyStore().GetCScript(uint160(vSolutions[0]), scriptRet)) {
             ret.push_back(std::vector<unsigned char>(scriptRet.begin(), scriptRet.end()));
             return true;
         }
         return false;

     case TX_MULTISIG:
         ret.push_back(valtype()); // workaround CHECKMULTISIG bug
         return (SignN(vSolutions, creator, scriptPubKey, ret, sigversion));

     default:
         return false;
     }
 }

 static CScript PushAll(const std::vector<valtype>& values)
 {
     CScript result;
     for(const valtype& v : values) {
         if (v.size() == 0) {
             result << OP_0;
         } else if (v.size() == 1 && v[0] >= 1 && v[0] <= 16) {
             result << CScript::EncodeOP_N(v[0]);
         } else {
             result << v;
         }
     }
     return result;
 }

 bool ProduceSignature(const BaseSignatureCreator& creator, const CScript& fromPubKey, SignatureData& sigdata)
 {
     CScript script = fromPubKey;
     bool solved = true;
     std::vector<valtype> result;
     txnouttype whichType;
     solved = SignStep(creator, script, result, whichType, SIGVERSION_BASE);
     bool P2SH = false;
     CScript subscript;

     if (solved && whichType == TX_SCRIPTHASH)
     {
         // Solver returns the subscript that needs to be evaluated;
         // the final scriptSig is the signatures from that
         // and then the serialized subscript:
         script = subscript = CScript(result[0].begin(), result[0].end());
         solved = solved && SignStep(creator, script, result, whichType, SIGVERSION_BASE) && whichType != TX_SCRIPTHASH;
         P2SH = true;
     }

     if (P2SH) {
         result.push_back(std::vector<unsigned char>(subscript.begin(), subscript.end()));
     }
     sigdata.scriptSig = PushAll(result);

     // Test solution
     return solved && VerifyScript(sigdata.scriptSig, fromPubKey, STANDARD_SCRIPT_VERIFY_FLAGS, creator.Checker());
 }

 SignatureData DataFromTransaction(const CMutableTransaction& tx, unsigned int nIn)
 {
     SignatureData data;
     assert(tx.vin.size() > nIn);
     data.scriptSig = tx.vin[nIn].scriptSig;
     return data;
 }

 void UpdateTransaction(CMutableTransaction& tx, unsigned int nIn, const SignatureData& data)
 {
     assert(tx.vin.size() > nIn);
     tx.vin[nIn].scriptSig = data.scriptSig;
 }

 bool SignSignature(const CKeyStore &keystore, const CScript& fromPubKey, CMutableTransaction& txTo, unsigned int nIn, const CAmount& amount, int nHashType)
 {
     assert(nIn < txTo.vin.size());

     CTransaction txToConst(txTo);
     TransactionSignatureCreator creator(&keystore, &txToConst, nIn, amount, nHashType);

     SignatureData sigdata;
     bool ret = ProduceSignature(creator, fromPubKey, sigdata);
     UpdateTransaction(txTo, nIn, sigdata);
     return ret;
 }

 bool SignSignature(const CKeyStore &keystore, const CTransaction& txFrom, CMutableTransaction& txTo, unsigned int nIn, int nHashType)
 {
     assert(nIn < txTo.vin.size());
     CTxIn& txin = txTo.vin[nIn];
     assert(txin.prevout.n < txFrom.vout.size());
     const CTxOut& txout = txFrom.vout[txin.prevout.n];

     return SignSignature(keystore, txout.scriptPubKey, txTo, nIn, txout.nValue, nHashType);
 }

 static std::vector<valtype> CombineMultisig(const CScript& scriptPubKey, const BaseSignatureChecker& checker,
                                const std::vector<valtype>& vSolutions,
                                const std::vector<valtype>& sigs1, const std::vector<valtype>& sigs2, SigVersion sigversion)
 {
     // Combine all the signatures we've got:
     std::set<valtype> allsigs;
     for (const valtype& v : sigs1)
     {
         if (!v.empty())
             allsigs.insert(v);
     }
     for (const valtype& v : sigs2)
     {
         if (!v.empty())
             allsigs.insert(v);
     }

     // Build a map of pubkey -> signature by matching sigs to pubkeys:
     assert(vSolutions.size() > 1);
     unsigned int nSigsRequired = vSolutions.front()[0];
     unsigned int nPubKeys = vSolutions.size()-2;
     std::map<valtype, valtype> sigs;
     for (const valtype& sig : allsigs)
     {
         for (unsigned int i = 0; i < nPubKeys; i++)
         {
             const valtype& pubkey = vSolutions[i+1];
             if (sigs.count(pubkey))
                 continue; // Already got a sig for this pubkey

             if (checker.CheckSig(sig, pubkey, scriptPubKey, sigversion))
             {
                 sigs[pubkey] = sig;
                 break;
             }
         }
     }
     // Now build a merged CScript:
     unsigned int nSigsHave = 0;
     std::vector<valtype> result; result.push_back(valtype()); // pop-one-too-many workaround
     for (unsigned int i = 0; i < nPubKeys && nSigsHave < nSigsRequired; i++)
     {
         if (sigs.count(vSolutions[i+1]))
         {
             result.push_back(sigs[vSolutions[i+1]]);
             ++nSigsHave;
         }
     }
     // Fill any missing with OP_0:
     for (unsigned int i = nSigsHave; i < nSigsRequired; i++)
         result.push_back(valtype());

     return result;
 }

 namespace
 {
 struct Stacks
 {
     std::vector<valtype> script;

     Stacks() {}
     explicit Stacks(const std::vector<valtype>& scriptSigStack_) : script(scriptSigStack_) {}
     explicit Stacks(const SignatureData& data) {
         EvalScript(script, data.scriptSig, SCRIPT_VERIFY_STRICTENC, BaseSignatureChecker(), SIGVERSION_BASE);
     }

     SignatureData Output() const {
         SignatureData result;
         result.scriptSig = PushAll(script);
         return result;
     }
 };
 }

 static Stacks CombineSignatures(const CScript& scriptPubKey, const BaseSignatureChecker& checker,
                                  const txnouttype txType, const std::vector<valtype>& vSolutions,
                                  Stacks sigs1, Stacks sigs2, SigVersion sigversion)
 {
     switch (txType)
     {
     case TX_NONSTANDARD:
     case TX_NULL_DATA:
         // Don't know anything about this, assume bigger one is correct:
         if (sigs1.script.size() >= sigs2.script.size())
             return sigs1;
         return sigs2;
     case TX_PUBKEY:
     case TX_PUBKEYHASH:
         // Signatures are bigger than placeholders or empty scripts:
         if (sigs1.script.empty() || sigs1.script[0].empty())
             return sigs2;
         return sigs1;
     case TX_SCRIPTHASH:
         if (sigs1.script.empty() || sigs1.script.back().empty())
             return sigs2;
         else if (sigs2.script.empty() || sigs2.script.back().empty())
             return sigs1;
         else
         {
             // Recur to combine:
             valtype spk = sigs1.script.back();
             CScript pubKey2(spk.begin(), spk.end());

             txnouttype txType2;
             std::vector<std::vector<unsigned char> > vSolutions2;
             Solver(pubKey2, txType2, vSolutions2);
             sigs1.script.pop_back();
             sigs2.script.pop_back();
             Stacks result = CombineSignatures(pubKey2, checker, txType2, vSolutions2, sigs1, sigs2, sigversion);
             result.script.push_back(spk);
             return result;
         }
     case TX_MULTISIG:
         return Stacks(CombineMultisig(scriptPubKey, checker, vSolutions, sigs1.script, sigs2.script, sigversion));
     default:
         return Stacks();
     }
 }

 SignatureData CombineSignatures(const CScript& scriptPubKey, const BaseSignatureChecker& checker,
                           const SignatureData& scriptSig1, const SignatureData& scriptSig2)
 {
     txnouttype txType;
     std::vector<std::vector<unsigned char> > vSolutions;
     Solver(scriptPubKey, txType, vSolutions);

     return CombineSignatures(scriptPubKey, checker, txType, vSolutions, Stacks(scriptSig1), Stacks(scriptSig2), SIGVERSION_BASE).Output();
 }

 namespace {
 class DummySignatureChecker : public BaseSignatureChecker
 {
 public:
     DummySignatureChecker() {}

     bool CheckSig(const std::vector<unsigned char>& scriptSig, const std::vector<unsigned char>& vchPubKey, const CScript& scriptCode, SigVersion sigversion) const override
     {
         return true;
     }
 };
 const DummySignatureChecker dummyChecker;
 } // namespace

 const BaseSignatureChecker& DummySignatureCreator::Checker() const
 {
     return dummyChecker;
 }

 bool DummySignatureCreator::CreateSig(std::vector<unsigned char>& vchSig, const CKeyID& keyid, const CScript& scriptCode, SigVersion sigversion) const
 {
     // Create a dummy signature that is a valid DER-encoding
     vchSig.assign(72, '\000');
     vchSig[0] = 0x30;
     vchSig[1] = 69;
     vchSig[2] = 0x02;
     vchSig[3] = 33;
     vchSig[4] = 0x01;
     vchSig[4 + 33] = 0x02;
     vchSig[5 + 33] = 32;
     vchSig[6 + 33] = 0x01;
     vchSig[6 + 33 + 32] = SIGHASH_ALL;
     return true;
 }
UpdateTransaction
void UpdateTransaction(CMutableTransaction &tx, unsigned int nIn, const SignatureData &data)
Definition: sign.cpp:161

DataFromTransaction
SignatureData DataFromTransaction(const CMutableTransaction &tx, unsigned int nIn)
Extract signature data from a transaction, and insert it.
Definition: sign.cpp:153

TX_PUBKEY
Definition: standard.h:60

TransactionSignatureCreator::nHashType
int nHashType
Definition: sign.h:37

TX_NULL_DATA
unspendable OP_RETURN script that carries data
Definition: standard.h:64

BaseSignatureChecker
Definition: interpreter.h:116

SignN
static bool SignN(const std::vector< valtype > &multisigdata, const BaseSignatureCreator &creator, const CScript &scriptCode, std::vector< valtype > &ret, SigVersion sigversion)
Definition: sign.cpp:42

sign.h

SignSignature
bool SignSignature(const CKeyStore &keystore, const CScript &fromPubKey, CMutableTransaction &txTo, unsigned int nIn, const CAmount &amount, int nHashType)
Produce a script signature for a transaction.
Definition: sign.cpp:167

SignStep
static bool SignStep(const BaseSignatureCreator &creator, const CScript &scriptPubKey, std::vector< valtype > &ret, txnouttype &whichTypeRet, SigVersion sigversion)
Sign scriptPubKey using signature made with creator.
Definition: sign.cpp:62

SignatureData
Definition: sign.h:62

SignatureData::scriptSig
CScript scriptSig
Definition: sign.h:63

CMutableTransaction::vin
std::vector< CTxIn > vin
Definition: transaction.h:293

BaseSignatureCreator
Virtual base class for signature creators.
Definition: sign.h:19

PushAll
static CScript PushAll(const std::vector< valtype > &values)
Definition: sign.cpp:109

TransactionSignatureCreator
A signature creator for transactions.
Definition: sign.h:34

SCRIPT_VERIFY_STRICTENC
Definition: interpreter.h:45

ProduceSignature
bool ProduceSignature(const BaseSignatureCreator &creator, const CScript &fromPubKey, SignatureData &sigdata)
Produce a script signature using a generic signature creator.
Definition: sign.cpp:124

CPubKey::GetID
CKeyID GetID() const
Get the KeyID of this public key (hash of its serialization)
Definition: pubkey.h:149

CKey::Sign
bool Sign(const uint256 &hash, std::vector< unsigned char > &vchSig, uint32_t test_case=0) const
Create a DER-serialized signature.
Definition: key.cpp:192

SIGVERSION_BASE
Definition: interpreter.h:111

TransactionSignatureCreator::nIn
unsigned int nIn
Definition: sign.h:36

CAmount
int64_t CAmount
Amount in satoshis (Can be negative)
Definition: amount.h:12

Sign1
static bool Sign1(const CKeyID &address, const BaseSignatureCreator &creator, const CScript &scriptCode, std::vector< valtype > &ret, SigVersion sigversion)
Definition: sign.cpp:33

BaseSignatureCreator::keystore
const CKeyStore * keystore
Definition: sign.h:21

prevector::end
iterator end()
Definition: prevector.h:320

SignatureHash
uint256 SignatureHash(const CScript &scriptCode, const CTransaction &txTo, unsigned int nIn, int nHashType, const CAmount &amount, SigVersion sigversion, const PrecomputedTransactionData *cache)
Definition: interpreter.cpp:1156

keystore.h

DummySignatureCreator::Checker
const BaseSignatureChecker & Checker() const override
Definition: sign.cpp:335

CTxIn
An input of a transaction.
Definition: transaction.h:70

BaseSignatureCreator::CreateSig
virtual bool CreateSig(std::vector< unsigned char > &vchSig, const CKeyID &keyid, const CScript &scriptCode, SigVersion sigversion) const =0
Create a singular (non-script) signature.

BaseSignatureCreator::KeyStore
const CKeyStore & KeyStore() const
Definition: sign.h:25

policy.h

CPubKey
An encapsulated public key.
Definition: pubkey.h:30

CTransaction::vout
const std::vector< CTxOut > vout
Definition: transaction.h:216

TX_MULTISIG
Definition: standard.h:63

CKeyStore::GetKey
virtual bool GetKey(const CKeyID &address, CKey &keyOut) const =0

TransactionSignatureCreator::TransactionSignatureCreator
TransactionSignatureCreator(const CKeyStore *keystoreIn, const CTransaction *txToIn, unsigned int nInIn, const CAmount &amountIn, int nHashTypeIn=SIGHASH_ALL)
Definition: sign.cpp:18

TransactionSignatureCreator::CreateSig
bool CreateSig(std::vector< unsigned char > &vchSig, const CKeyID &keyid, const CScript &scriptCode, SigVersion sigversion) const override
Create a singular (non-script) signature.
Definition: sign.cpp:20

CTxOut
An output of a transaction.
Definition: transaction.h:144

EvalScript
bool EvalScript(std::vector< std::vector< unsigned char > > &stack, const CScript &script, unsigned int flags, const BaseSignatureChecker &checker, SigVersion sigversion, ScriptError *serror)
Definition: interpreter.cpp:235

VerifyScript
bool VerifyScript(const CScript &scriptSig, const CScript &scriptPubKey, unsigned int flags, const BaseSignatureChecker &checker, ScriptError *serror)
Definition: interpreter.cpp:1287

CKeyStore::GetPubKey
virtual bool GetPubKey(const CKeyID &address, CPubKey &vchPubKeyOut) const =0

Solver
bool Solver(const CScript &scriptPubKey, txnouttype &typeRet, std::vector< std::vector< unsigned char > > &vSolutionsRet)
Parse a scriptPubKey and identify script type for standard scripts.
Definition: standard.cpp:35

txnouttype
txnouttype
Definition: standard.h:56

uint256
256-bit opaque blob.
Definition: uint256.h:123

STANDARD_SCRIPT_VERIFY_FLAGS
static const unsigned int STANDARD_SCRIPT_VERIFY_FLAGS
Standard script verification flags that standard transactions will comply with.
Definition: policy.h:44

CScript::EncodeOP_N
static opcodetype EncodeOP_N(int n)
Definition: script.h:583

uint256.h

CScript
Serialized script, used inside transaction inputs and outputs.
Definition: script.h:389

CKeyStore
A virtual base class for key stores.
Definition: keystore.h:19

TX_NONSTANDARD
Definition: standard.h:58

CKeyID
A reference to a CKey: the Hash160 of its serialized public key.
Definition: pubkey.h:20

SIGHASH_ALL
Definition: interpreter.h:24

CombineMultisig
static std::vector< valtype > CombineMultisig(const CScript &scriptPubKey, const BaseSignatureChecker &checker, const std::vector< valtype > &vSolutions, const std::vector< valtype > &sigs1, const std::vector< valtype > &sigs2, SigVersion sigversion)
Definition: sign.cpp:190

BaseSignatureChecker::CheckSig
virtual bool CheckSig(const std::vector< unsigned char > &scriptSig, const std::vector< unsigned char > &vchPubKey, const CScript &scriptCode, SigVersion sigversion) const
Definition: interpreter.h:119

uint160
160-bit opaque blob.
Definition: uint256.h:112

valtype
std::vector< unsigned char > valtype
Definition: interpreter.cpp:15

valtype
std::vector< unsigned char > valtype
Definition: sign.cpp:16

CombineSignatures
static Stacks CombineSignatures(const CScript &scriptPubKey, const BaseSignatureChecker &checker, const txnouttype txType, const std::vector< valtype > &vSolutions, Stacks sigs1, Stacks sigs2, SigVersion sigversion)
Definition: sign.cpp:265

prevector::begin
iterator begin()
Definition: prevector.h:318

CMutableTransaction
A mutable version of CTransaction.
Definition: transaction.h:291

TX_PUBKEYHASH
Definition: standard.h:61

CKey
An encapsulated private key.
Definition: key.h:27

CTransaction
The basic transaction that is broadcasted on the network and contained in blocks. ...
Definition: transaction.h:198

key.h

DummySignatureCreator::CreateSig
bool CreateSig(std::vector< unsigned char > &vchSig, const CKeyID &keyid, const CScript &scriptCode, SigVersion sigversion) const override
Create a singular (non-script) signature.
Definition: sign.cpp:340

TransactionSignatureCreator::txTo
const CTransaction * txTo
Definition: sign.h:35

OP_0
Definition: script.h:51

transaction.h

TransactionSignatureCreator::amount
CAmount amount
Definition: sign.h:38

standard.h

CKeyStore::GetCScript
virtual bool GetCScript(const CScriptID &hash, CScript &redeemScriptOut) const =0

BaseSignatureCreator::Checker
virtual const BaseSignatureChecker & Checker() const =0

ToByteVector
std::vector< unsigned char > ToByteVector(const T &in)
Definition: script.h:42

SigVersion
SigVersion
Definition: interpreter.h:109

TX_SCRIPTHASH
Definition: standard.h:62