LCOV - code coverage report
Current view: top level - src/script - sign.cpp (source / functions) Hit Total Coverage
Test: fuzz_coverage.info Lines: 10 530 1.9 %
Date: 2023-11-06 23:13:05 Functions: 4 60 6.7 %
Branches: 8 778 1.0 %

           Branch data     Line data    Source code
       1                 :            : // Copyright (c) 2009-2010 Satoshi Nakamoto
       2                 :            : // Copyright (c) 2009-2022 The Bitcoin Core developers
       3                 :            : // Distributed under the MIT software license, see the accompanying
       4                 :            : // file COPYING or http://www.opensource.org/licenses/mit-license.php.
       5                 :            : 
       6                 :            : #include <script/sign.h>
       7                 :            : 
       8                 :            : #include <consensus/amount.h>
       9                 :            : #include <key.h>
      10                 :            : #include <policy/policy.h>
      11                 :            : #include <primitives/transaction.h>
      12                 :            : #include <script/keyorigin.h>
      13                 :            : #include <script/miniscript.h>
      14                 :            : #include <script/script.h>
      15                 :            : #include <script/signingprovider.h>
      16                 :            : #include <script/solver.h>
      17                 :            : #include <uint256.h>
      18                 :            : #include <util/translation.h>
      19                 :            : #include <util/vector.h>
      20                 :            : 
      21                 :            : typedef std::vector<unsigned char> valtype;
      22                 :            : 
      23                 :          0 : MutableTransactionSignatureCreator::MutableTransactionSignatureCreator(const CMutableTransaction& tx, unsigned int input_idx, const CAmount& amount, int hash_type)
      24         [ #  # ]:          0 :     : m_txto{tx}, nIn{input_idx}, nHashType{hash_type}, amount{amount}, checker{&m_txto, nIn, amount, MissingDataBehavior::FAIL},
      25                 :          0 :       m_txdata(nullptr)
      26                 :          0 : {
      27                 :          0 : }
      28                 :            : 
      29                 :          0 : MutableTransactionSignatureCreator::MutableTransactionSignatureCreator(const CMutableTransaction& tx, unsigned int input_idx, const CAmount& amount, const PrecomputedTransactionData* txdata, int hash_type)
      30                 :          0 :     : m_txto{tx}, nIn{input_idx}, nHashType{hash_type}, amount{amount},
      31 [ #  # ][ #  # ]:          0 :       checker{txdata ? MutableTransactionSignatureChecker{&m_txto, nIn, amount, *txdata, MissingDataBehavior::FAIL} :
      32         [ #  # ]:          0 :                        MutableTransactionSignatureChecker{&m_txto, nIn, amount, MissingDataBehavior::FAIL}},
      33                 :          0 :       m_txdata(txdata)
      34                 :          0 : {
      35                 :          0 : }
      36                 :            : 
      37                 :          0 : bool MutableTransactionSignatureCreator::CreateSig(const SigningProvider& provider, std::vector<unsigned char>& vchSig, const CKeyID& address, const CScript& scriptCode, SigVersion sigversion) const
      38                 :            : {
      39 [ #  # ][ #  # ]:          0 :     assert(sigversion == SigVersion::BASE || sigversion == SigVersion::WITNESS_V0);
      40                 :            : 
      41                 :          0 :     CKey key;
      42 [ #  # ][ #  # ]:          0 :     if (!provider.GetKey(address, key))
      43                 :          0 :         return false;
      44                 :            : 
      45                 :            :     // Signing with uncompressed keys is disabled in witness scripts
      46 [ #  # ][ #  # ]:          0 :     if (sigversion == SigVersion::WITNESS_V0 && !key.IsCompressed())
                 [ #  # ]
      47                 :          0 :         return false;
      48                 :            : 
      49                 :            :     // Signing without known amount does not work in witness scripts.
      50 [ #  # ][ #  # ]:          0 :     if (sigversion == SigVersion::WITNESS_V0 && !MoneyRange(amount)) return false;
                 [ #  # ]
      51                 :            : 
      52                 :            :     // BASE/WITNESS_V0 signatures don't support explicit SIGHASH_DEFAULT, use SIGHASH_ALL instead.
      53         [ #  # ]:          0 :     const int hashtype = nHashType == SIGHASH_DEFAULT ? SIGHASH_ALL : nHashType;
      54                 :            : 
      55         [ #  # ]:          0 :     uint256 hash = SignatureHash(scriptCode, m_txto, nIn, hashtype, amount, sigversion, m_txdata);
      56 [ #  # ][ #  # ]:          0 :     if (!key.Sign(hash, vchSig))
      57                 :          0 :         return false;
      58         [ #  # ]:          0 :     vchSig.push_back((unsigned char)hashtype);
      59                 :          0 :     return true;
      60                 :          0 : }
      61                 :            : 
      62                 :          0 : bool MutableTransactionSignatureCreator::CreateSchnorrSig(const SigningProvider& provider, std::vector<unsigned char>& sig, const XOnlyPubKey& pubkey, const uint256* leaf_hash, const uint256* merkle_root, SigVersion sigversion) const
      63                 :            : {
      64 [ #  # ][ #  # ]:          0 :     assert(sigversion == SigVersion::TAPROOT || sigversion == SigVersion::TAPSCRIPT);
      65                 :            : 
      66                 :          0 :     CKey key;
      67 [ #  # ][ #  # ]:          0 :     if (!provider.GetKeyByXOnly(pubkey, key)) return false;
      68                 :            : 
      69                 :            :     // BIP341/BIP342 signing needs lots of precomputed transaction data. While some
      70                 :            :     // (non-SIGHASH_DEFAULT) sighash modes exist that can work with just some subset
      71                 :            :     // of data present, for now, only support signing when everything is provided.
      72 [ #  # ][ #  # ]:          0 :     if (!m_txdata || !m_txdata->m_bip341_taproot_ready || !m_txdata->m_spent_outputs_ready) return false;
                 [ #  # ]
      73                 :            : 
      74         [ #  # ]:          0 :     ScriptExecutionData execdata;
      75                 :          0 :     execdata.m_annex_init = true;
      76                 :          0 :     execdata.m_annex_present = false; // Only support annex-less signing for now.
      77         [ #  # ]:          0 :     if (sigversion == SigVersion::TAPSCRIPT) {
      78                 :          0 :         execdata.m_codeseparator_pos_init = true;
      79                 :          0 :         execdata.m_codeseparator_pos = 0xFFFFFFFF; // Only support non-OP_CODESEPARATOR BIP342 signing for now.
      80         [ #  # ]:          0 :         if (!leaf_hash) return false; // BIP342 signing needs leaf hash.
      81                 :          0 :         execdata.m_tapleaf_hash_init = true;
      82                 :          0 :         execdata.m_tapleaf_hash = *leaf_hash;
      83                 :          0 :     }
      84         [ #  # ]:          0 :     uint256 hash;
      85 [ #  # ][ #  # ]:          0 :     if (!SignatureHashSchnorr(hash, execdata, m_txto, nIn, nHashType, sigversion, *m_txdata, MissingDataBehavior::FAIL)) return false;
      86         [ #  # ]:          0 :     sig.resize(64);
      87                 :            :     // Use uint256{} as aux_rnd for now.
      88 [ #  # ][ #  # ]:          0 :     if (!key.SignSchnorr(hash, sig, merkle_root, {})) return false;
         [ #  # ][ #  # ]
      89 [ #  # ][ #  # ]:          0 :     if (nHashType) sig.push_back(nHashType);
      90                 :          0 :     return true;
      91                 :          0 : }
      92                 :            : 
      93                 :          0 : static bool GetCScript(const SigningProvider& provider, const SignatureData& sigdata, const CScriptID& scriptid, CScript& script)
      94                 :            : {
      95         [ #  # ]:          0 :     if (provider.GetCScript(scriptid, script)) {
      96                 :          0 :         return true;
      97                 :            :     }
      98                 :            :     // Look for scripts in SignatureData
      99         [ #  # ]:          0 :     if (CScriptID(sigdata.redeem_script) == scriptid) {
     100                 :          0 :         script = sigdata.redeem_script;
     101                 :          0 :         return true;
     102         [ #  # ]:          0 :     } else if (CScriptID(sigdata.witness_script) == scriptid) {
     103                 :          0 :         script = sigdata.witness_script;
     104                 :          0 :         return true;
     105                 :            :     }
     106                 :          0 :     return false;
     107                 :          0 : }
     108                 :            : 
     109                 :          0 : static bool GetPubKey(const SigningProvider& provider, const SignatureData& sigdata, const CKeyID& address, CPubKey& pubkey)
     110                 :            : {
     111                 :            :     // Look for pubkey in all partial sigs
     112                 :          0 :     const auto it = sigdata.signatures.find(address);
     113         [ #  # ]:          0 :     if (it != sigdata.signatures.end()) {
     114                 :          0 :         pubkey = it->second.first;
     115                 :          0 :         return true;
     116                 :            :     }
     117                 :            :     // Look for pubkey in pubkey list
     118                 :          0 :     const auto& pk_it = sigdata.misc_pubkeys.find(address);
     119         [ #  # ]:          0 :     if (pk_it != sigdata.misc_pubkeys.end()) {
     120                 :          0 :         pubkey = pk_it->second.first;
     121                 :          0 :         return true;
     122                 :            :     }
     123                 :            :     // Query the underlying provider
     124                 :          0 :     return provider.GetPubKey(address, pubkey);
     125                 :          0 : }
     126                 :            : 
     127                 :          0 : static bool CreateSig(const BaseSignatureCreator& creator, SignatureData& sigdata, const SigningProvider& provider, std::vector<unsigned char>& sig_out, const CPubKey& pubkey, const CScript& scriptcode, SigVersion sigversion)
     128                 :            : {
     129                 :          0 :     CKeyID keyid = pubkey.GetID();
     130                 :          0 :     const auto it = sigdata.signatures.find(keyid);
     131         [ #  # ]:          0 :     if (it != sigdata.signatures.end()) {
     132                 :          0 :         sig_out = it->second.second;
     133                 :          0 :         return true;
     134                 :            :     }
     135                 :          0 :     KeyOriginInfo info;
     136 [ #  # ][ #  # ]:          0 :     if (provider.GetKeyOrigin(keyid, info)) {
     137 [ #  # ][ #  # ]:          0 :         sigdata.misc_pubkeys.emplace(keyid, std::make_pair(pubkey, std::move(info)));
     138                 :          0 :     }
     139 [ #  # ][ #  # ]:          0 :     if (creator.CreateSig(provider, sig_out, keyid, scriptcode, sigversion)) {
     140 [ #  # ][ #  # ]:          0 :         auto i = sigdata.signatures.emplace(keyid, SigPair(pubkey, sig_out));
     141         [ #  # ]:          0 :         assert(i.second);
     142                 :          0 :         return true;
     143                 :            :     }
     144                 :            :     // Could not make signature or signature not found, add keyid to missing
     145         [ #  # ]:          0 :     sigdata.missing_sigs.push_back(keyid);
     146                 :          0 :     return false;
     147                 :          0 : }
     148                 :            : 
     149                 :          0 : static bool CreateTaprootScriptSig(const BaseSignatureCreator& creator, SignatureData& sigdata, const SigningProvider& provider, std::vector<unsigned char>& sig_out, const XOnlyPubKey& pubkey, const uint256& leaf_hash, SigVersion sigversion)
     150                 :            : {
     151                 :          0 :     KeyOriginInfo info;
     152 [ #  # ][ #  # ]:          0 :     if (provider.GetKeyOriginByXOnly(pubkey, info)) {
     153         [ #  # ]:          0 :         auto it = sigdata.taproot_misc_pubkeys.find(pubkey);
     154         [ #  # ]:          0 :         if (it == sigdata.taproot_misc_pubkeys.end()) {
     155 [ #  # ][ #  # ]:          0 :             sigdata.taproot_misc_pubkeys.emplace(pubkey, std::make_pair(std::set<uint256>({leaf_hash}), info));
                 [ #  # ]
     156                 :          0 :         } else {
     157         [ #  # ]:          0 :             it->second.first.insert(leaf_hash);
     158                 :            :         }
     159                 :          0 :     }
     160                 :            : 
     161         [ #  # ]:          0 :     auto lookup_key = std::make_pair(pubkey, leaf_hash);
     162         [ #  # ]:          0 :     auto it = sigdata.taproot_script_sigs.find(lookup_key);
     163         [ #  # ]:          0 :     if (it != sigdata.taproot_script_sigs.end()) {
     164         [ #  # ]:          0 :         sig_out = it->second;
     165                 :          0 :         return true;
     166                 :            :     }
     167 [ #  # ][ #  # ]:          0 :     if (creator.CreateSchnorrSig(provider, sig_out, pubkey, &leaf_hash, nullptr, sigversion)) {
     168 [ #  # ][ #  # ]:          0 :         sigdata.taproot_script_sigs[lookup_key] = sig_out;
     169                 :          0 :         return true;
     170                 :            :     }
     171                 :          0 :     return false;
     172                 :          0 : }
     173                 :            : 
     174                 :          0 : static bool SignTaprootScript(const SigningProvider& provider, const BaseSignatureCreator& creator, SignatureData& sigdata, int leaf_version, Span<const unsigned char> script_bytes, std::vector<valtype>& result)
     175                 :            : {
     176                 :            :     // Only BIP342 tapscript signing is supported for now.
     177         [ #  # ]:          0 :     if (leaf_version != TAPROOT_LEAF_TAPSCRIPT) return false;
     178                 :          0 :     SigVersion sigversion = SigVersion::TAPSCRIPT;
     179                 :            : 
     180                 :          0 :     uint256 leaf_hash = ComputeTapleafHash(leaf_version, script_bytes);
     181                 :          0 :     CScript script = CScript(script_bytes.begin(), script_bytes.end());
     182                 :            : 
     183                 :            :     // <xonly pubkey> OP_CHECKSIG
     184 [ #  # ][ #  # ]:          0 :     if (script.size() == 34 && script[33] == OP_CHECKSIG && script[0] == 0x20) {
         [ #  # ][ #  # ]
         [ #  # ][ #  # ]
     185 [ #  # ][ #  # ]:          0 :         XOnlyPubKey pubkey{Span{script}.subspan(1, 32)};
     186                 :          0 :         std::vector<unsigned char> sig;
     187 [ #  # ][ #  # ]:          0 :         if (CreateTaprootScriptSig(creator, sigdata, provider, sig, pubkey, leaf_hash, sigversion)) {
     188         [ #  # ]:          0 :             result = Vector(std::move(sig));
     189                 :          0 :             return true;
     190                 :            :         }
     191                 :          0 :         return false;
     192                 :          0 :     }
     193                 :            : 
     194                 :            :     // multi_a scripts (<key> OP_CHECKSIG <key> OP_CHECKSIGADD <key> OP_CHECKSIGADD <k> OP_NUMEQUAL)
     195 [ #  # ][ #  # ]:          0 :     if (auto match = MatchMultiA(script)) {
                 [ #  # ]
     196                 :          0 :         std::vector<std::vector<unsigned char>> sigs;
     197                 :          0 :         int good_sigs = 0;
     198         [ #  # ]:          0 :         for (size_t i = 0; i < match->second.size(); ++i) {
     199 [ #  # ][ #  # ]:          0 :             XOnlyPubKey pubkey{*(match->second.rbegin() + i)};
                 [ #  # ]
     200                 :          0 :             std::vector<unsigned char> sig;
     201         [ #  # ]:          0 :             bool good_sig = CreateTaprootScriptSig(creator, sigdata, provider, sig, pubkey, leaf_hash, sigversion);
     202 [ #  # ][ #  # ]:          0 :             if (good_sig && good_sigs < match->first) {
     203                 :          0 :                 ++good_sigs;
     204         [ #  # ]:          0 :                 sigs.push_back(std::move(sig));
     205                 :          0 :             } else {
     206         [ #  # ]:          0 :                 sigs.emplace_back();
     207                 :            :             }
     208                 :          0 :         }
     209         [ #  # ]:          0 :         if (good_sigs == match->first) {
     210                 :          0 :             result = std::move(sigs);
     211                 :          0 :             return true;
     212                 :            :         }
     213                 :          0 :         return false;
     214                 :          0 :     }
     215                 :            : 
     216                 :          0 :     return false;
     217                 :          0 : }
     218                 :            : 
     219                 :          0 : static bool SignTaproot(const SigningProvider& provider, const BaseSignatureCreator& creator, const WitnessV1Taproot& output, SignatureData& sigdata, std::vector<valtype>& result)
     220                 :            : {
     221                 :          0 :     TaprootSpendData spenddata;
     222         [ #  # ]:          0 :     TaprootBuilder builder;
     223                 :            : 
     224                 :            :     // Gather information about this output.
     225 [ #  # ][ #  # ]:          0 :     if (provider.GetTaprootSpendData(output, spenddata)) {
     226 [ #  # ][ #  # ]:          0 :         sigdata.tr_spenddata.Merge(spenddata);
     227                 :          0 :     }
     228 [ #  # ][ #  # ]:          0 :     if (provider.GetTaprootBuilder(output, builder)) {
     229         [ #  # ]:          0 :         sigdata.tr_builder = builder;
     230                 :          0 :     }
     231                 :            : 
     232                 :            :     // Try key path spending.
     233                 :            :     {
     234                 :          0 :         KeyOriginInfo info;
     235 [ #  # ][ #  # ]:          0 :         if (provider.GetKeyOriginByXOnly(sigdata.tr_spenddata.internal_key, info)) {
     236         [ #  # ]:          0 :             auto it = sigdata.taproot_misc_pubkeys.find(sigdata.tr_spenddata.internal_key);
     237         [ #  # ]:          0 :             if (it == sigdata.taproot_misc_pubkeys.end()) {
     238 [ #  # ][ #  # ]:          0 :                 sigdata.taproot_misc_pubkeys.emplace(sigdata.tr_spenddata.internal_key, std::make_pair(std::set<uint256>(), info));
     239                 :          0 :             }
     240                 :          0 :         }
     241                 :            : 
     242                 :          0 :         std::vector<unsigned char> sig;
     243         [ #  # ]:          0 :         if (sigdata.taproot_key_path_sig.size() == 0) {
     244 [ #  # ][ #  # ]:          0 :             if (creator.CreateSchnorrSig(provider, sig, sigdata.tr_spenddata.internal_key, nullptr, &sigdata.tr_spenddata.merkle_root, SigVersion::TAPROOT)) {
     245         [ #  # ]:          0 :                 sigdata.taproot_key_path_sig = sig;
     246                 :          0 :             }
     247                 :          0 :         }
     248         [ #  # ]:          0 :         if (sigdata.taproot_key_path_sig.size() == 0) {
     249 [ #  # ][ #  # ]:          0 :             if (creator.CreateSchnorrSig(provider, sig, output, nullptr, nullptr, SigVersion::TAPROOT)) {
     250         [ #  # ]:          0 :                 sigdata.taproot_key_path_sig = sig;
     251                 :          0 :             }
     252                 :          0 :         }
     253         [ #  # ]:          0 :         if (sigdata.taproot_key_path_sig.size()) {
     254         [ #  # ]:          0 :             result = Vector(sigdata.taproot_key_path_sig);
     255                 :          0 :             return true;
     256                 :            :         }
     257         [ #  # ]:          0 :     }
     258                 :            : 
     259                 :            :     // Try script path spending.
     260                 :          0 :     std::vector<std::vector<unsigned char>> smallest_result_stack;
     261         [ #  # ]:          0 :     for (const auto& [key, control_blocks] : sigdata.tr_spenddata.scripts) {
     262                 :          0 :         const auto& [script, leaf_ver] = key;
     263                 :          0 :         std::vector<std::vector<unsigned char>> result_stack;
     264 [ #  # ][ #  # ]:          0 :         if (SignTaprootScript(provider, creator, sigdata, leaf_ver, script, result_stack)) {
         [ #  # ][ #  # ]
                 [ #  # ]
     265 [ #  # ][ #  # ]:          0 :             result_stack.emplace_back(std::begin(script), std::end(script)); // Push the script
         [ #  # ][ #  # ]
     266         [ #  # ]:          0 :             result_stack.push_back(*control_blocks.begin()); // Push the smallest control block
     267 [ #  # ][ #  # ]:          0 :             if (smallest_result_stack.size() == 0 ||
     268 [ #  # ][ #  # ]:          0 :                 GetSerializeSize(result_stack, PROTOCOL_VERSION) < GetSerializeSize(smallest_result_stack, PROTOCOL_VERSION)) {
     269                 :          0 :                 smallest_result_stack = std::move(result_stack);
     270                 :          0 :             }
     271                 :          0 :         }
     272                 :          0 :     }
     273         [ #  # ]:          0 :     if (smallest_result_stack.size() != 0) {
     274                 :          0 :         result = std::move(smallest_result_stack);
     275                 :          0 :         return true;
     276                 :            :     }
     277                 :            : 
     278                 :          0 :     return false;
     279                 :          0 : }
     280                 :            : 
     281         [ +  - ]:          2 : /**
     282                 :            :  * Sign scriptPubKey using signature made with creator.
     283 [ +  - ][ -  + ]:          2 :  * Signatures are returned in scriptSigRet (or returns false if scriptPubKey can't be signed),
         [ +  - ][ +  - ]
     284                 :            :  * unless whichTypeRet is TxoutType::SCRIPTHASH, in which case scriptSigRet is the redemption script.
     285         [ +  - ]:          2 :  * Returns false if scriptPubKey could not be completely satisfied.
     286                 :            :  */
     287                 :          2 : static bool SignStep(const SigningProvider& provider, const BaseSignatureCreator& creator, const CScript& scriptPubKey,
     288                 :            :                      std::vector<valtype>& ret, TxoutType& whichTypeRet, SigVersion sigversion, SignatureData& sigdata)
     289 [ +  - ][ +  - ]:          2 : {
     290                 :          0 :     CScript scriptRet;
     291                 :          0 :     ret.clear();
     292                 :          0 :     std::vector<unsigned char> sig;
     293                 :            : 
     294                 :          0 :     std::vector<valtype> vSolutions;
     295         [ #  # ]:          0 :     whichTypeRet = Solver(scriptPubKey, vSolutions);
     296                 :            : 
     297   [ #  #  #  #  :          0 :     switch (whichTypeRet) {
             #  #  #  #  
                      # ]
     298                 :            :     case TxoutType::NONSTANDARD:
     299                 :            :     case TxoutType::NULL_DATA:
     300                 :            :     case TxoutType::WITNESS_UNKNOWN:
     301                 :          0 :         return false;
     302                 :            :     case TxoutType::PUBKEY:
     303 [ #  # ][ #  # ]:          0 :         if (!CreateSig(creator, sigdata, provider, sig, CPubKey(vSolutions[0]), scriptPubKey, sigversion)) return false;
         [ #  # ][ #  # ]
     304         [ #  # ]:          0 :         ret.push_back(std::move(sig));
     305                 :          0 :         return true;
     306                 :            :     case TxoutType::PUBKEYHASH: {
     307 [ #  # ][ #  # ]:          0 :         CKeyID keyID = CKeyID(uint160(vSolutions[0]));
                 [ #  # ]
     308         [ #  # ]:          0 :         CPubKey pubkey;
     309 [ #  # ][ #  # ]:          0 :         if (!GetPubKey(provider, sigdata, keyID, pubkey)) {
     310                 :            :             // Pubkey could not be found, add to missing
     311         [ #  # ]:          0 :             sigdata.missing_pubkeys.push_back(keyID);
     312                 :          0 :             return false;
     313                 :            :         }
     314 [ #  # ][ #  # ]:          0 :         if (!CreateSig(creator, sigdata, provider, sig, pubkey, scriptPubKey, sigversion)) return false;
     315         [ #  # ]:          0 :         ret.push_back(std::move(sig));
     316 [ #  # ][ #  # ]:          0 :         ret.push_back(ToByteVector(pubkey));
     317                 :          0 :         return true;
     318                 :            :     }
     319                 :            :     case TxoutType::SCRIPTHASH: {
     320 [ #  # ][ #  # ]:          0 :         uint160 h160{vSolutions[0]};
     321 [ #  # ][ #  # ]:          0 :         if (GetCScript(provider, sigdata, CScriptID{h160}, scriptRet)) {
                 [ #  # ]
     322 [ #  # ][ #  # ]:          0 :             ret.push_back(std::vector<unsigned char>(scriptRet.begin(), scriptRet.end()));
         [ #  # ][ #  # ]
     323                 :          0 :             return true;
     324                 :            :         }
     325                 :            :         // Could not find redeemScript, add to missing
     326                 :          0 :         sigdata.missing_redeem_script = h160;
     327                 :          0 :         return false;
     328                 :            :     }
     329                 :            :     case TxoutType::MULTISIG: {
     330                 :          0 :         size_t required = vSolutions.front()[0];
     331         [ #  # ]:          0 :         ret.push_back(valtype()); // workaround CHECKMULTISIG bug
     332         [ #  # ]:          0 :         for (size_t i = 1; i < vSolutions.size() - 1; ++i) {
     333 [ #  # ][ #  # ]:          0 :             CPubKey pubkey = CPubKey(vSolutions[i]);
     334                 :            :             // We need to always call CreateSig in order to fill sigdata with all
     335                 :            :             // possible signatures that we can create. This will allow further PSBT
     336                 :            :             // processing to work as it needs all possible signature and pubkey pairs
     337 [ #  # ][ #  # ]:          0 :             if (CreateSig(creator, sigdata, provider, sig, pubkey, scriptPubKey, sigversion)) {
     338         [ #  # ]:          0 :                 if (ret.size() < required + 1) {
     339         [ #  # ]:          0 :                     ret.push_back(std::move(sig));
     340                 :          0 :                 }
     341                 :          0 :             }
     342                 :          0 :         }
     343                 :          0 :         bool ok = ret.size() == required + 1;
     344         [ #  # ]:          0 :         for (size_t i = 0; i + ret.size() < required + 1; ++i) {
     345         [ #  # ]:          0 :             ret.push_back(valtype());
     346                 :          0 :         }
     347                 :          0 :         return ok;
     348                 :            :     }
     349                 :            :     case TxoutType::WITNESS_V0_KEYHASH:
     350         [ #  # ]:          0 :         ret.push_back(vSolutions[0]);
     351                 :          0 :         return true;
     352                 :            : 
     353                 :            :     case TxoutType::WITNESS_V0_SCRIPTHASH:
     354 [ #  # ][ #  # ]:          0 :         if (GetCScript(provider, sigdata, CScriptID{RIPEMD160(vSolutions[0])}, scriptRet)) {
         [ #  # ][ #  # ]
                 [ #  # ]
     355 [ #  # ][ #  # ]:          0 :             ret.push_back(std::vector<unsigned char>(scriptRet.begin(), scriptRet.end()));
         [ #  # ][ #  # ]
     356                 :          0 :             return true;
     357                 :            :         }
     358                 :            :         // Could not find witnessScript, add to missing
     359 [ #  # ][ #  # ]:          0 :         sigdata.missing_witness_script = uint256(vSolutions[0]);
     360                 :          0 :         return false;
     361                 :            : 
     362                 :            :     case TxoutType::WITNESS_V1_TAPROOT:
     363 [ #  # ][ #  # ]:          0 :         return SignTaproot(provider, creator, WitnessV1Taproot(XOnlyPubKey{vSolutions[0]}), sigdata, ret);
         [ #  # ][ #  # ]
     364                 :            :     } // no default case, so the compiler can warn about missing cases
     365                 :          0 :     assert(false);
     366                 :          0 : }
     367                 :            : 
     368                 :          0 : static CScript PushAll(const std::vector<valtype>& values)
     369                 :            : {
     370                 :          0 :     CScript result;
     371         [ #  # ]:          0 :     for (const valtype& v : values) {
     372         [ #  # ]:          0 :         if (v.size() == 0) {
     373         [ #  # ]:          0 :             result << OP_0;
     374 [ #  # ][ #  # ]:          0 :         } else if (v.size() == 1 && v[0] >= 1 && v[0] <= 16) {
                 [ #  # ]
     375 [ #  # ][ #  # ]:          0 :             result << CScript::EncodeOP_N(v[0]);
     376 [ #  # ][ #  # ]:          0 :         } else if (v.size() == 1 && v[0] == 0x81) {
     377         [ #  # ]:          0 :             result << OP_1NEGATE;
     378                 :          0 :         } else {
     379         [ #  # ]:          0 :             result << v;
     380                 :            :         }
     381                 :            :     }
     382                 :          0 :     return result;
     383         [ #  # ]:          0 : }
     384                 :            : 
     385                 :            : template<typename M, typename K, typename V>
     386                 :          0 : miniscript::Availability MsLookupHelper(const M& map, const K& key, V& value)
     387                 :            : {
     388                 :          0 :     auto it = map.find(key);
     389         [ #  # ]:          0 :     if (it != map.end()) {
     390                 :          0 :         value = it->second;
     391                 :          0 :         return miniscript::Availability::YES;
     392                 :            :     }
     393                 :          0 :     return miniscript::Availability::NO;
     394                 :          0 : }
     395                 :            : 
     396                 :            : /**
     397                 :            :  * Context for solving a Miniscript.
     398                 :            :  * If enough material (access to keys, hash preimages, ..) is given, produces a valid satisfaction.
     399                 :            :  */
     400                 :            : struct Satisfier {
     401                 :            :     typedef CPubKey Key;
     402                 :            : 
     403                 :            :     const SigningProvider& m_provider;
     404                 :            :     SignatureData& m_sig_data;
     405                 :            :     const BaseSignatureCreator& m_creator;
     406                 :            :     const CScript& m_witness_script;
     407                 :            : 
     408                 :          0 :     explicit Satisfier(const SigningProvider& provider LIFETIMEBOUND, SignatureData& sig_data LIFETIMEBOUND,
     409                 :            :                        const BaseSignatureCreator& creator LIFETIMEBOUND,
     410                 :          0 :                        const CScript& witscript LIFETIMEBOUND) : m_provider(provider),
     411                 :          0 :                                                                  m_sig_data(sig_data),
     412                 :          0 :                                                                  m_creator(creator),
     413                 :          0 :                                                                  m_witness_script(witscript) {}
     414                 :            : 
     415                 :          0 :     static bool KeyCompare(const Key& a, const Key& b) {
     416                 :          0 :         return a < b;
     417                 :            :     }
     418                 :            : 
     419                 :            :     //! Conversion from a raw public key.
     420                 :            :     template <typename I>
     421                 :          0 :     std::optional<Key> FromPKBytes(I first, I last) const
     422                 :            :     {
     423                 :          0 :         Key pubkey{first, last};
     424         [ #  # ]:          0 :         if (pubkey.IsValid()) return pubkey;
     425                 :          0 :         return {};
     426                 :          0 :     }
     427                 :            : 
     428                 :            :     //! Conversion from a raw public key hash.
     429                 :            :     template<typename I>
     430                 :          0 :     std::optional<Key> FromPKHBytes(I first, I last) const {
     431         [ #  # ]:          0 :         assert(last - first == 20);
     432                 :          0 :         Key pubkey;
     433                 :          0 :         CKeyID key_id;
     434                 :          0 :         std::copy(first, last, key_id.begin());
     435         [ #  # ]:          0 :         if (GetPubKey(m_provider, m_sig_data, key_id, pubkey)) return pubkey;
     436                 :          0 :         m_sig_data.missing_pubkeys.push_back(key_id);
     437                 :          0 :         return {};
     438                 :          0 :     }
     439                 :            : 
     440                 :            :     //! Conversion to raw public key.
     441         [ #  # ]:          0 :     std::vector<unsigned char> ToPKBytes(const CPubKey& key) const { return {key.begin(), key.end()}; }
     442                 :            : 
     443                 :            :     //! Satisfy a signature check.
     444                 :          0 :     miniscript::Availability Sign(const CPubKey& key, std::vector<unsigned char>& sig) const {
     445         [ #  # ]:          0 :         if (CreateSig(m_creator, m_sig_data, m_provider, sig, key, m_witness_script, SigVersion::WITNESS_V0)) {
     446                 :          0 :             return miniscript::Availability::YES;
     447                 :            :         }
     448                 :          0 :         return miniscript::Availability::NO;
     449                 :          0 :     }
     450                 :            : 
     451                 :            :     //! Time lock satisfactions.
     452                 :          0 :     bool CheckAfter(uint32_t value) const { return m_creator.Checker().CheckLockTime(CScriptNum(value)); }
     453                 :          0 :     bool CheckOlder(uint32_t value) const { return m_creator.Checker().CheckSequence(CScriptNum(value)); }
     454                 :            : 
     455                 :            : 
     456                 :            :     //! Hash preimage satisfactions.
     457                 :          0 :     miniscript::Availability SatSHA256(const std::vector<unsigned char>& hash, std::vector<unsigned char>& preimage) const {
     458                 :          0 :         return MsLookupHelper(m_sig_data.sha256_preimages, hash, preimage);
     459                 :            :     }
     460                 :          0 :     miniscript::Availability SatRIPEMD160(const std::vector<unsigned char>& hash, std::vector<unsigned char>& preimage) const {
     461                 :          0 :         return MsLookupHelper(m_sig_data.ripemd160_preimages, hash, preimage);
     462                 :            :     }
     463                 :          0 :     miniscript::Availability SatHASH256(const std::vector<unsigned char>& hash, std::vector<unsigned char>& preimage) const {
     464                 :          0 :         return MsLookupHelper(m_sig_data.hash256_preimages, hash, preimage);
     465                 :            :     }
     466                 :          0 :     miniscript::Availability SatHASH160(const std::vector<unsigned char>& hash, std::vector<unsigned char>& preimage) const {
     467                 :          0 :         return MsLookupHelper(m_sig_data.hash160_preimages, hash, preimage);
     468                 :            :     }
     469                 :            : };
     470                 :            : 
     471                 :          0 : bool ProduceSignature(const SigningProvider& provider, const BaseSignatureCreator& creator, const CScript& fromPubKey, SignatureData& sigdata)
     472                 :            : {
     473         [ #  # ]:          0 :     if (sigdata.complete) return true;
     474                 :            : 
     475                 :          0 :     std::vector<valtype> result;
     476                 :            :     TxoutType whichType;
     477         [ #  # ]:          0 :     bool solved = SignStep(provider, creator, fromPubKey, result, whichType, SigVersion::BASE, sigdata);
     478                 :          0 :     bool P2SH = false;
     479         [ #  # ]:          0 :     CScript subscript;
     480                 :            : 
     481 [ #  # ][ #  # ]:          0 :     if (solved && whichType == TxoutType::SCRIPTHASH)
     482                 :            :     {
     483                 :            :         // Solver returns the subscript that needs to be evaluated;
     484                 :            :         // the final scriptSig is the signatures from that
     485                 :            :         // and then the serialized subscript:
     486         [ #  # ]:          0 :         subscript = CScript(result[0].begin(), result[0].end());
     487         [ #  # ]:          0 :         sigdata.redeem_script = subscript;
     488 [ #  # ][ #  # ]:          0 :         solved = solved && SignStep(provider, creator, subscript, result, whichType, SigVersion::BASE, sigdata) && whichType != TxoutType::SCRIPTHASH;
                 [ #  # ]
     489                 :          0 :         P2SH = true;
     490                 :          0 :     }
     491                 :            : 
     492 [ #  # ][ #  # ]:          0 :     if (solved && whichType == TxoutType::WITNESS_V0_KEYHASH)
     493                 :            :     {
     494         [ #  # ]:          0 :         CScript witnessscript;
     495 [ #  # ][ #  # ]:          0 :         witnessscript << OP_DUP << OP_HASH160 << ToByteVector(result[0]) << OP_EQUALVERIFY << OP_CHECKSIG;
         [ #  # ][ #  # ]
         [ #  # ][ #  # ]
     496                 :            :         TxoutType subType;
     497 [ #  # ][ #  # ]:          0 :         solved = solved && SignStep(provider, creator, witnessscript, result, subType, SigVersion::WITNESS_V0, sigdata);
     498         [ #  # ]:          0 :         sigdata.scriptWitness.stack = result;
     499                 :          0 :         sigdata.witness = true;
     500                 :          0 :         result.clear();
     501                 :          0 :     }
     502 [ #  # ][ #  # ]:          0 :     else if (solved && whichType == TxoutType::WITNESS_V0_SCRIPTHASH)
     503                 :            :     {
     504         [ #  # ]:          0 :         CScript witnessscript(result[0].begin(), result[0].end());
     505         [ #  # ]:          0 :         sigdata.witness_script = witnessscript;
     506                 :            : 
     507                 :          0 :         TxoutType subType{TxoutType::NONSTANDARD};
     508 [ #  # ][ #  # ]:          0 :         solved = solved && SignStep(provider, creator, witnessscript, result, subType, SigVersion::WITNESS_V0, sigdata) && subType != TxoutType::SCRIPTHASH && subType != TxoutType::WITNESS_V0_SCRIPTHASH && subType != TxoutType::WITNESS_V0_KEYHASH;
         [ #  # ][ #  # ]
                 [ #  # ]
     509                 :            : 
     510                 :            :         // If we couldn't find a solution with the legacy satisfier, try satisfying the script using Miniscript.
     511                 :            :         // Note we need to check if the result stack is empty before, because it might be used even if the Script
     512                 :            :         // isn't fully solved. For instance the CHECKMULTISIG satisfaction in SignStep() pushes partial signatures
     513                 :            :         // and the extractor relies on this behaviour to combine witnesses.
     514 [ #  # ][ #  # ]:          0 :         if (!solved && result.empty()) {
     515         [ #  # ]:          0 :             Satisfier ms_satisfier{provider, sigdata, creator, witnessscript};
     516         [ #  # ]:          0 :             const auto ms = miniscript::FromScript(witnessscript, ms_satisfier);
     517 [ #  # ][ #  # ]:          0 :             solved = ms && ms->Satisfy(ms_satisfier, result) == miniscript::Availability::YES;
     518                 :          0 :         }
     519 [ #  # ][ #  # ]:          0 :         result.push_back(std::vector<unsigned char>(witnessscript.begin(), witnessscript.end()));
         [ #  # ][ #  # ]
     520                 :            : 
     521         [ #  # ]:          0 :         sigdata.scriptWitness.stack = result;
     522                 :          0 :         sigdata.witness = true;
     523                 :          0 :         result.clear();
     524 [ #  # ][ #  # ]:          0 :     } else if (whichType == TxoutType::WITNESS_V1_TAPROOT && !P2SH) {
     525                 :          0 :         sigdata.witness = true;
     526         [ #  # ]:          0 :         if (solved) {
     527                 :          0 :             sigdata.scriptWitness.stack = std::move(result);
     528                 :          0 :         }
     529                 :          0 :         result.clear();
     530 [ #  # ][ #  # ]:          0 :     } else if (solved && whichType == TxoutType::WITNESS_UNKNOWN) {
     531                 :          0 :         sigdata.witness = true;
     532                 :          0 :     }
     533                 :            : 
     534         [ #  # ]:          0 :     if (!sigdata.witness) sigdata.scriptWitness.stack.clear();
     535         [ #  # ]:          0 :     if (P2SH) {
     536 [ #  # ][ #  # ]:          0 :         result.push_back(std::vector<unsigned char>(subscript.begin(), subscript.end()));
         [ #  # ][ #  # ]
     537                 :          0 :     }
     538         [ #  # ]:          0 :     sigdata.scriptSig = PushAll(result);
     539                 :            : 
     540                 :            :     // Test solution
     541 [ #  # ][ #  # ]:          0 :     sigdata.complete = solved && VerifyScript(sigdata.scriptSig, fromPubKey, &sigdata.scriptWitness, STANDARD_SCRIPT_VERIFY_FLAGS, creator.Checker());
                 [ #  # ]
     542                 :          0 :     return sigdata.complete;
     543                 :          0 : }
     544                 :            : 
     545                 :            : namespace {
     546                 :          0 : class SignatureExtractorChecker final : public DeferringSignatureChecker
     547                 :            : {
     548                 :            : private:
     549                 :            :     SignatureData& sigdata;
     550                 :            : 
     551                 :            : public:
     552                 :          0 :     SignatureExtractorChecker(SignatureData& sigdata, BaseSignatureChecker& checker) : DeferringSignatureChecker(checker), sigdata(sigdata) {}
     553                 :            : 
     554                 :          0 :     bool CheckECDSASignature(const std::vector<unsigned char>& scriptSig, const std::vector<unsigned char>& vchPubKey, const CScript& scriptCode, SigVersion sigversion) const override
     555                 :            :     {
     556         [ #  # ]:          0 :         if (m_checker.CheckECDSASignature(scriptSig, vchPubKey, scriptCode, sigversion)) {
     557                 :          0 :             CPubKey pubkey(vchPubKey);
     558         [ #  # ]:          0 :             sigdata.signatures.emplace(pubkey.GetID(), SigPair(pubkey, scriptSig));
     559                 :          0 :             return true;
     560                 :            :         }
     561                 :          0 :         return false;
     562                 :          0 :     }
     563                 :            : };
     564                 :            : 
     565                 :          0 : struct Stacks
     566                 :            : {
     567                 :            :     std::vector<valtype> script;
     568                 :            :     std::vector<valtype> witness;
     569                 :            : 
     570                 :            :     Stacks() = delete;
     571                 :            :     Stacks(const Stacks&) = delete;
     572         [ #  # ]:          0 :     explicit Stacks(const SignatureData& data) : witness(data.scriptWitness.stack) {
     573         [ #  # ]:          0 :         EvalScript(script, data.scriptSig, SCRIPT_VERIFY_STRICTENC, BaseSignatureChecker(), SigVersion::BASE);
     574                 :          0 :     }
     575                 :            : };
     576                 :            : }
     577                 :            : 
     578                 :            : // Extracts signatures and scripts from incomplete scriptSigs. Please do not extend this, use PSBT instead
     579                 :          0 : SignatureData DataFromTransaction(const CMutableTransaction& tx, unsigned int nIn, const CTxOut& txout)
     580                 :            : {
     581                 :          0 :     SignatureData data;
     582         [ #  # ]:          0 :     assert(tx.vin.size() > nIn);
     583         [ #  # ]:          0 :     data.scriptSig = tx.vin[nIn].scriptSig;
     584         [ #  # ]:          0 :     data.scriptWitness = tx.vin[nIn].scriptWitness;
     585         [ #  # ]:          0 :     Stacks stack(data);
     586                 :            : 
     587                 :            :     // Get signatures
     588         [ #  # ]:          0 :     MutableTransactionSignatureChecker tx_checker(&tx, nIn, txout.nValue, MissingDataBehavior::FAIL);
     589         [ #  # ]:          0 :     SignatureExtractorChecker extractor_checker(data, tx_checker);
     590 [ #  # ][ #  # ]:          0 :     if (VerifyScript(data.scriptSig, txout.scriptPubKey, &data.scriptWitness, STANDARD_SCRIPT_VERIFY_FLAGS, extractor_checker)) {
     591                 :          0 :         data.complete = true;
     592                 :          0 :         return data;
     593                 :            :     }
     594                 :            : 
     595                 :            :     // Get scripts
     596                 :          0 :     std::vector<std::vector<unsigned char>> solutions;
     597         [ #  # ]:          0 :     TxoutType script_type = Solver(txout.scriptPubKey, solutions);
     598                 :          0 :     SigVersion sigversion = SigVersion::BASE;
     599         [ #  # ]:          0 :     CScript next_script = txout.scriptPubKey;
     600                 :            : 
     601 [ #  # ][ #  # ]:          0 :     if (script_type == TxoutType::SCRIPTHASH && !stack.script.empty() && !stack.script.back().empty()) {
                 [ #  # ]
     602                 :            :         // Get the redeemScript
     603         [ #  # ]:          0 :         CScript redeem_script(stack.script.back().begin(), stack.script.back().end());
     604         [ #  # ]:          0 :         data.redeem_script = redeem_script;
     605                 :          0 :         next_script = std::move(redeem_script);
     606                 :            : 
     607                 :            :         // Get redeemScript type
     608         [ #  # ]:          0 :         script_type = Solver(next_script, solutions);
     609                 :          0 :         stack.script.pop_back();
     610                 :          0 :     }
     611 [ #  # ][ #  # ]:          0 :     if (script_type == TxoutType::WITNESS_V0_SCRIPTHASH && !stack.witness.empty() && !stack.witness.back().empty()) {
                 [ #  # ]
     612                 :            :         // Get the witnessScript
     613         [ #  # ]:          0 :         CScript witness_script(stack.witness.back().begin(), stack.witness.back().end());
     614         [ #  # ]:          0 :         data.witness_script = witness_script;
     615                 :          0 :         next_script = std::move(witness_script);
     616                 :            : 
     617                 :            :         // Get witnessScript type
     618         [ #  # ]:          0 :         script_type = Solver(next_script, solutions);
     619                 :          0 :         stack.witness.pop_back();
     620                 :          0 :         stack.script = std::move(stack.witness);
     621                 :          0 :         stack.witness.clear();
     622                 :          0 :         sigversion = SigVersion::WITNESS_V0;
     623                 :          0 :     }
     624 [ #  # ][ #  # ]:          0 :     if (script_type == TxoutType::MULTISIG && !stack.script.empty()) {
     625                 :            :         // Build a map of pubkey -> signature by matching sigs to pubkeys:
     626         [ #  # ]:          0 :         assert(solutions.size() > 1);
     627                 :          0 :         unsigned int num_pubkeys = solutions.size()-2;
     628                 :          0 :         unsigned int last_success_key = 0;
     629         [ #  # ]:          0 :         for (const valtype& sig : stack.script) {
     630         [ #  # ]:          0 :             for (unsigned int i = last_success_key; i < num_pubkeys; ++i) {
     631                 :          0 :                 const valtype& pubkey = solutions[i+1];
     632                 :            :                 // We either have a signature for this pubkey, or we have found a signature and it is valid
     633 [ #  # ][ #  # ]:          0 :                 if (data.signatures.count(CPubKey(pubkey).GetID()) || extractor_checker.CheckECDSASignature(sig, pubkey, next_script, sigversion)) {
         [ #  # ][ #  # ]
         [ #  # ][ #  # ]
                 [ #  # ]
     634                 :          0 :                     last_success_key = i + 1;
     635                 :          0 :                     break;
     636                 :            :                 }
     637                 :          0 :             }
     638                 :            :         }
     639                 :          0 :     }
     640                 :            : 
     641                 :          0 :     return data;
     642         [ #  # ]:          0 : }
     643                 :            : 
     644                 :          0 : void UpdateInput(CTxIn& input, const SignatureData& data)
     645                 :            : {
     646                 :          0 :     input.scriptSig = data.scriptSig;
     647                 :          0 :     input.scriptWitness = data.scriptWitness;
     648                 :          0 : }
     649                 :            : 
     650                 :          0 : void SignatureData::MergeSignatureData(SignatureData sigdata)
     651                 :            : {
     652         [ #  # ]:          0 :     if (complete) return;
     653         [ #  # ]:          0 :     if (sigdata.complete) {
     654                 :          0 :         *this = std::move(sigdata);
     655                 :          0 :         return;
     656                 :            :     }
     657 [ #  # ][ #  # ]:          0 :     if (redeem_script.empty() && !sigdata.redeem_script.empty()) {
     658                 :          0 :         redeem_script = sigdata.redeem_script;
     659                 :          0 :     }
     660 [ #  # ][ #  # ]:          0 :     if (witness_script.empty() && !sigdata.witness_script.empty()) {
     661                 :          0 :         witness_script = sigdata.witness_script;
     662                 :          0 :     }
     663                 :          0 :     signatures.insert(std::make_move_iterator(sigdata.signatures.begin()), std::make_move_iterator(sigdata.signatures.end()));
     664                 :          0 : }
     665                 :            : 
     666                 :          0 : bool SignSignature(const SigningProvider &provider, const CScript& fromPubKey, CMutableTransaction& txTo, unsigned int nIn, const CAmount& amount, int nHashType, SignatureData& sig_data)
     667                 :            : {
     668         [ #  # ]:          0 :     assert(nIn < txTo.vin.size());
     669                 :            : 
     670                 :          0 :     MutableTransactionSignatureCreator creator(txTo, nIn, amount, nHashType);
     671                 :            : 
     672         [ #  # ]:          0 :     bool ret = ProduceSignature(provider, creator, fromPubKey, sig_data);
     673 [ #  # ][ #  # ]:          0 :     UpdateInput(txTo.vin.at(nIn), sig_data);
     674                 :          0 :     return ret;
     675                 :          0 : }
     676                 :            : 
     677                 :          0 : bool SignSignature(const SigningProvider &provider, const CTransaction& txFrom, CMutableTransaction& txTo, unsigned int nIn, int nHashType, SignatureData& sig_data)
     678                 :            : {
     679         [ #  # ]:          0 :     assert(nIn < txTo.vin.size());
     680                 :          0 :     const CTxIn& txin = txTo.vin[nIn];
     681         [ #  # ]:          0 :     assert(txin.prevout.n < txFrom.vout.size());
     682                 :          0 :     const CTxOut& txout = txFrom.vout[txin.prevout.n];
     683                 :            : 
     684                 :          0 :     return SignSignature(provider, txout.scriptPubKey, txTo, nIn, txout.nValue, nHashType, sig_data);
     685                 :            : }
     686                 :            : 
     687                 :            : namespace {
     688                 :            : /** Dummy signature checker which accepts all signatures. */
     689                 :          0 : class DummySignatureChecker final : public BaseSignatureChecker
     690                 :            : {
     691                 :            : public:
     692                 :          2 :     DummySignatureChecker() = default;
     693                 :          0 :     bool CheckECDSASignature(const std::vector<unsigned char>& sig, const std::vector<unsigned char>& vchPubKey, const CScript& scriptCode, SigVersion sigversion) const override { return sig.size() != 0; }
     694                 :          0 :     bool CheckSchnorrSignature(Span<const unsigned char> sig, Span<const unsigned char> pubkey, SigVersion sigversion, ScriptExecutionData& execdata, ScriptError* serror) const override { return sig.size() != 0; }
     695                 :          0 :     bool CheckLockTime(const CScriptNum& nLockTime) const override { return true; }
     696                 :          0 :     bool CheckSequence(const CScriptNum& nSequence) const override { return true; }
     697                 :            : };
     698                 :            : }
     699                 :            : 
     700                 :          2 : const BaseSignatureChecker& DUMMY_CHECKER = DummySignatureChecker();
     701                 :            : 
     702                 :            : namespace {
     703                 :          0 : class DummySignatureCreator final : public BaseSignatureCreator {
     704                 :            : private:
     705                 :            :     char m_r_len = 32;
     706                 :            :     char m_s_len = 32;
     707                 :            : public:
     708                 :          4 :     DummySignatureCreator(char r_len, char s_len) : m_r_len(r_len), m_s_len(s_len) {}
     709                 :          0 :     const BaseSignatureChecker& Checker() const override { return DUMMY_CHECKER; }
     710                 :          0 :     bool CreateSig(const SigningProvider& provider, std::vector<unsigned char>& vchSig, const CKeyID& keyid, const CScript& scriptCode, SigVersion sigversion) const override
     711                 :            :     {
     712                 :            :         // Create a dummy signature that is a valid DER-encoding
     713                 :          0 :         vchSig.assign(m_r_len + m_s_len + 7, '\000');
     714                 :          0 :         vchSig[0] = 0x30;
     715                 :          0 :         vchSig[1] = m_r_len + m_s_len + 4;
     716                 :          0 :         vchSig[2] = 0x02;
     717                 :          0 :         vchSig[3] = m_r_len;
     718                 :          0 :         vchSig[4] = 0x01;
     719                 :          0 :         vchSig[4 + m_r_len] = 0x02;
     720                 :          0 :         vchSig[5 + m_r_len] = m_s_len;
     721                 :          0 :         vchSig[6 + m_r_len] = 0x01;
     722                 :          0 :         vchSig[6 + m_r_len + m_s_len] = SIGHASH_ALL;
     723                 :          0 :         return true;
     724                 :            :     }
     725                 :          0 :     bool CreateSchnorrSig(const SigningProvider& provider, std::vector<unsigned char>& sig, const XOnlyPubKey& pubkey, const uint256* leaf_hash, const uint256* tweak, SigVersion sigversion) const override
     726                 :            :     {
     727                 :          0 :         sig.assign(64, '\000');
     728                 :          0 :         return true;
     729                 :            :     }
     730                 :            : };
     731                 :            : 
     732                 :            : }
     733                 :            : 
     734                 :          2 : const BaseSignatureCreator& DUMMY_SIGNATURE_CREATOR = DummySignatureCreator(32, 32);
     735                 :          2 : const BaseSignatureCreator& DUMMY_MAXIMUM_SIGNATURE_CREATOR = DummySignatureCreator(33, 32);
     736                 :            : 
     737                 :          0 : bool IsSegWitOutput(const SigningProvider& provider, const CScript& script)
     738                 :            : {
     739                 :            :     int version;
     740                 :          0 :     valtype program;
     741 [ #  # ][ #  # ]:          0 :     if (script.IsWitnessProgram(version, program)) return true;
     742 [ #  # ][ #  # ]:          0 :     if (script.IsPayToScriptHash()) {
     743                 :          0 :         std::vector<valtype> solutions;
     744         [ #  # ]:          0 :         auto whichtype = Solver(script, solutions);
     745         [ #  # ]:          0 :         if (whichtype == TxoutType::SCRIPTHASH) {
     746 [ #  # ][ #  # ]:          0 :             auto h160 = uint160(solutions[0]);
     747         [ #  # ]:          0 :             CScript subscript;
     748 [ #  # ][ #  # ]:          0 :             if (provider.GetCScript(CScriptID{h160}, subscript)) {
                 [ #  # ]
     749 [ #  # ][ #  # ]:          0 :                 if (subscript.IsWitnessProgram(version, program)) return true;
     750                 :          0 :             }
     751         [ #  # ]:          0 :         }
     752         [ #  # ]:          0 :     }
     753                 :          0 :     return false;
     754                 :          0 : }
     755                 :            : 
     756                 :          0 : bool SignTransaction(CMutableTransaction& mtx, const SigningProvider* keystore, const std::map<COutPoint, Coin>& coins, int nHashType, std::map<int, bilingual_str>& input_errors)
     757                 :            : {
     758                 :          0 :     bool fHashSingle = ((nHashType & ~SIGHASH_ANYONECANPAY) == SIGHASH_SINGLE);
     759                 :            : 
     760                 :            :     // Use CTransaction for the constant parts of the
     761                 :            :     // transaction to avoid rehashing.
     762                 :          0 :     const CTransaction txConst(mtx);
     763                 :            : 
     764         [ #  # ]:          0 :     PrecomputedTransactionData txdata;
     765                 :          0 :     std::vector<CTxOut> spent_outputs;
     766         [ #  # ]:          0 :     for (unsigned int i = 0; i < mtx.vin.size(); ++i) {
     767                 :          0 :         CTxIn& txin = mtx.vin[i];
     768         [ #  # ]:          0 :         auto coin = coins.find(txin.prevout);
     769 [ #  # ][ #  # ]:          0 :         if (coin == coins.end() || coin->second.IsSpent()) {
                 [ #  # ]
     770         [ #  # ]:          0 :             txdata.Init(txConst, /*spent_outputs=*/{}, /*force=*/true);
     771                 :          0 :             break;
     772                 :            :         } else {
     773         [ #  # ]:          0 :             spent_outputs.emplace_back(coin->second.out.nValue, coin->second.out.scriptPubKey);
     774                 :            :         }
     775                 :          0 :     }
     776         [ #  # ]:          0 :     if (spent_outputs.size() == mtx.vin.size()) {
     777         [ #  # ]:          0 :         txdata.Init(txConst, std::move(spent_outputs), true);
     778                 :          0 :     }
     779                 :            : 
     780                 :            :     // Sign what we can:
     781         [ #  # ]:          0 :     for (unsigned int i = 0; i < mtx.vin.size(); ++i) {
     782                 :          0 :         CTxIn& txin = mtx.vin[i];
     783         [ #  # ]:          0 :         auto coin = coins.find(txin.prevout);
     784 [ #  # ][ #  # ]:          0 :         if (coin == coins.end() || coin->second.IsSpent()) {
                 [ #  # ]
     785 [ #  # ][ #  # ]:          0 :             input_errors[i] = _("Input not found or already spent");
     786                 :          0 :             continue;
     787                 :            :         }
     788                 :          0 :         const CScript& prevPubKey = coin->second.out.scriptPubKey;
     789                 :          0 :         const CAmount& amount = coin->second.out.nValue;
     790                 :            : 
     791         [ #  # ]:          0 :         SignatureData sigdata = DataFromTransaction(mtx, i, coin->second.out);
     792                 :            :         // Only sign SIGHASH_SINGLE if there's a corresponding output:
     793         [ #  # ]:          0 :         if (!fHashSingle || (i < mtx.vout.size())) {
     794 [ #  # ][ #  # ]:          0 :             ProduceSignature(*keystore, MutableTransactionSignatureCreator(mtx, i, amount, &txdata, nHashType), prevPubKey, sigdata);
     795                 :          0 :         }
     796                 :            : 
     797         [ #  # ]:          0 :         UpdateInput(txin, sigdata);
     798                 :            : 
     799                 :            :         // amount must be specified for valid segwit signature
     800 [ #  # ][ #  # ]:          0 :         if (amount == MAX_MONEY && !txin.scriptWitness.IsNull()) {
                 [ #  # ]
     801 [ #  # ][ #  # ]:          0 :             input_errors[i] = _("Missing amount");
     802                 :          0 :             continue;
     803                 :            :         }
     804                 :            : 
     805                 :          0 :         ScriptError serror = SCRIPT_ERR_OK;
     806 [ #  # ][ #  # ]:          0 :         if (!VerifyScript(txin.scriptSig, prevPubKey, &txin.scriptWitness, STANDARD_SCRIPT_VERIFY_FLAGS, TransactionSignatureChecker(&txConst, i, amount, txdata, MissingDataBehavior::FAIL), &serror)) {
                 [ #  # ]
     807         [ #  # ]:          0 :             if (serror == SCRIPT_ERR_INVALID_STACK_OPERATION) {
     808                 :            :                 // Unable to sign input and verification failed (possible attempt to partially sign).
     809 [ #  # ][ #  # ]:          0 :                 input_errors[i] = Untranslated("Unable to sign input, invalid stack size (possibly missing key)");
                 [ #  # ]
     810         [ #  # ]:          0 :             } else if (serror == SCRIPT_ERR_SIG_NULLFAIL) {
     811                 :            :                 // Verification failed (possibly due to insufficient signatures).
     812 [ #  # ][ #  # ]:          0 :                 input_errors[i] = Untranslated("CHECK(MULTI)SIG failing with non-zero signature (possibly need more signatures)");
                 [ #  # ]
     813                 :          0 :             } else {
     814 [ #  # ][ #  # ]:          0 :                 input_errors[i] = Untranslated(ScriptErrorString(serror));
                 [ #  # ]
     815                 :            :             }
     816                 :          0 :         } else {
     817                 :            :             // If this input succeeds, make sure there is no error set for it
     818         [ #  # ]:          0 :             input_errors.erase(i);
     819                 :            :         }
     820      [ #  #  # ]:          0 :     }
     821                 :          0 :     return input_errors.empty();
     822                 :          0 : }

Generated by: LCOV version 1.14