LCOV - code coverage report
Current view: top level - src/script - sign.cpp (source / functions) Hit Total Coverage
Test: fuzz_coverage.info Lines: 10 531 1.9 %
Date: 2023-11-12 01:39:15 Functions: 4 78 5.1 %
Branches: 8 742 1.1 %

           Branch data     Line data    Source code
       1                 :            : // Copyright (c) 2009-2010 Satoshi Nakamoto
       2                 :            : // Copyright (c) 2009-2022 The Bitcoin Core developers
       3                 :            : // Distributed under the MIT software license, see the accompanying
       4                 :            : // file COPYING or http://www.opensource.org/licenses/mit-license.php.
       5                 :            : 
       6                 :            : #include <script/sign.h>
       7                 :            : 
       8                 :            : #include <consensus/amount.h>
       9                 :            : #include <key.h>
      10                 :            : #include <policy/policy.h>
      11                 :            : #include <primitives/transaction.h>
      12                 :            : #include <script/keyorigin.h>
      13                 :            : #include <script/miniscript.h>
      14                 :            : #include <script/script.h>
      15                 :            : #include <script/signingprovider.h>
      16                 :            : #include <script/solver.h>
      17                 :            : #include <uint256.h>
      18                 :            : #include <util/translation.h>
      19                 :            : #include <util/vector.h>
      20                 :            : 
      21                 :            : typedef std::vector<unsigned char> valtype;
      22                 :            : 
      23                 :          0 : MutableTransactionSignatureCreator::MutableTransactionSignatureCreator(const CMutableTransaction& tx, unsigned int input_idx, const CAmount& amount, int hash_type)
      24         [ #  # ]:          0 :     : m_txto{tx}, nIn{input_idx}, nHashType{hash_type}, amount{amount}, checker{&m_txto, nIn, amount, MissingDataBehavior::FAIL},
      25                 :          0 :       m_txdata(nullptr)
      26                 :          0 : {
      27                 :          0 : }
      28                 :            : 
      29                 :          0 : MutableTransactionSignatureCreator::MutableTransactionSignatureCreator(const CMutableTransaction& tx, unsigned int input_idx, const CAmount& amount, const PrecomputedTransactionData* txdata, int hash_type)
      30                 :          0 :     : m_txto{tx}, nIn{input_idx}, nHashType{hash_type}, amount{amount},
      31 [ #  # ][ #  # ]:          0 :       checker{txdata ? MutableTransactionSignatureChecker{&m_txto, nIn, amount, *txdata, MissingDataBehavior::FAIL} :
      32         [ #  # ]:          0 :                        MutableTransactionSignatureChecker{&m_txto, nIn, amount, MissingDataBehavior::FAIL}},
      33                 :          0 :       m_txdata(txdata)
      34                 :          0 : {
      35                 :          0 : }
      36                 :            : 
      37                 :          0 : bool MutableTransactionSignatureCreator::CreateSig(const SigningProvider& provider, std::vector<unsigned char>& vchSig, const CKeyID& address, const CScript& scriptCode, SigVersion sigversion) const
      38                 :            : {
      39 [ #  # ][ #  # ]:          0 :     assert(sigversion == SigVersion::BASE || sigversion == SigVersion::WITNESS_V0);
      40                 :            : 
      41                 :          0 :     CKey key;
      42 [ #  # ][ #  # ]:          0 :     if (!provider.GetKey(address, key))
      43                 :          0 :         return false;
      44                 :            : 
      45                 :            :     // Signing with uncompressed keys is disabled in witness scripts
      46 [ #  # ][ #  # ]:          0 :     if (sigversion == SigVersion::WITNESS_V0 && !key.IsCompressed())
                 [ #  # ]
      47                 :          0 :         return false;
      48                 :            : 
      49                 :            :     // Signing without known amount does not work in witness scripts.
      50 [ #  # ][ #  # ]:          0 :     if (sigversion == SigVersion::WITNESS_V0 && !MoneyRange(amount)) return false;
                 [ #  # ]
      51                 :            : 
      52                 :            :     // BASE/WITNESS_V0 signatures don't support explicit SIGHASH_DEFAULT, use SIGHASH_ALL instead.
      53         [ #  # ]:          0 :     const int hashtype = nHashType == SIGHASH_DEFAULT ? SIGHASH_ALL : nHashType;
      54                 :            : 
      55         [ #  # ]:          0 :     uint256 hash = SignatureHash(scriptCode, m_txto, nIn, hashtype, amount, sigversion, m_txdata);
      56 [ #  # ][ #  # ]:          0 :     if (!key.Sign(hash, vchSig))
      57                 :          0 :         return false;
      58         [ #  # ]:          0 :     vchSig.push_back((unsigned char)hashtype);
      59                 :          0 :     return true;
      60                 :          0 : }
      61                 :            : 
      62                 :          0 : bool MutableTransactionSignatureCreator::CreateSchnorrSig(const SigningProvider& provider, std::vector<unsigned char>& sig, const XOnlyPubKey& pubkey, const uint256* leaf_hash, const uint256* merkle_root, SigVersion sigversion) const
      63                 :            : {
      64 [ #  # ][ #  # ]:          0 :     assert(sigversion == SigVersion::TAPROOT || sigversion == SigVersion::TAPSCRIPT);
      65                 :            : 
      66                 :          0 :     CKey key;
      67 [ #  # ][ #  # ]:          0 :     if (!provider.GetKeyByXOnly(pubkey, key)) return false;
      68                 :            : 
      69                 :            :     // BIP341/BIP342 signing needs lots of precomputed transaction data. While some
      70                 :            :     // (non-SIGHASH_DEFAULT) sighash modes exist that can work with just some subset
      71                 :            :     // of data present, for now, only support signing when everything is provided.
      72 [ #  # ][ #  # ]:          0 :     if (!m_txdata || !m_txdata->m_bip341_taproot_ready || !m_txdata->m_spent_outputs_ready) return false;
                 [ #  # ]
      73                 :            : 
      74         [ #  # ]:          0 :     ScriptExecutionData execdata;
      75                 :          0 :     execdata.m_annex_init = true;
      76                 :          0 :     execdata.m_annex_present = false; // Only support annex-less signing for now.
      77         [ #  # ]:          0 :     if (sigversion == SigVersion::TAPSCRIPT) {
      78                 :          0 :         execdata.m_codeseparator_pos_init = true;
      79                 :          0 :         execdata.m_codeseparator_pos = 0xFFFFFFFF; // Only support non-OP_CODESEPARATOR BIP342 signing for now.
      80         [ #  # ]:          0 :         if (!leaf_hash) return false; // BIP342 signing needs leaf hash.
      81                 :          0 :         execdata.m_tapleaf_hash_init = true;
      82                 :          0 :         execdata.m_tapleaf_hash = *leaf_hash;
      83                 :          0 :     }
      84         [ #  # ]:          0 :     uint256 hash;
      85 [ #  # ][ #  # ]:          0 :     if (!SignatureHashSchnorr(hash, execdata, m_txto, nIn, nHashType, sigversion, *m_txdata, MissingDataBehavior::FAIL)) return false;
      86         [ #  # ]:          0 :     sig.resize(64);
      87                 :            :     // Use uint256{} as aux_rnd for now.
      88 [ #  # ][ #  # ]:          0 :     if (!key.SignSchnorr(hash, sig, merkle_root, {})) return false;
         [ #  # ][ #  # ]
      89 [ #  # ][ #  # ]:          0 :     if (nHashType) sig.push_back(nHashType);
      90                 :          0 :     return true;
      91                 :          0 : }
      92                 :            : 
      93                 :          0 : static bool GetCScript(const SigningProvider& provider, const SignatureData& sigdata, const CScriptID& scriptid, CScript& script)
      94                 :            : {
      95         [ #  # ]:          0 :     if (provider.GetCScript(scriptid, script)) {
      96                 :          0 :         return true;
      97                 :            :     }
      98                 :            :     // Look for scripts in SignatureData
      99         [ #  # ]:          0 :     if (CScriptID(sigdata.redeem_script) == scriptid) {
     100                 :          0 :         script = sigdata.redeem_script;
     101                 :          0 :         return true;
     102         [ #  # ]:          0 :     } else if (CScriptID(sigdata.witness_script) == scriptid) {
     103                 :          0 :         script = sigdata.witness_script;
     104                 :          0 :         return true;
     105                 :            :     }
     106                 :          0 :     return false;
     107                 :          0 : }
     108                 :            : 
     109                 :          0 : static bool GetPubKey(const SigningProvider& provider, const SignatureData& sigdata, const CKeyID& address, CPubKey& pubkey)
     110                 :            : {
     111                 :            :     // Look for pubkey in all partial sigs
     112                 :          0 :     const auto it = sigdata.signatures.find(address);
     113         [ #  # ]:          0 :     if (it != sigdata.signatures.end()) {
     114                 :          0 :         pubkey = it->second.first;
     115                 :          0 :         return true;
     116                 :            :     }
     117                 :            :     // Look for pubkey in pubkey lists
     118                 :          0 :     const auto& pk_it = sigdata.misc_pubkeys.find(address);
     119         [ #  # ]:          0 :     if (pk_it != sigdata.misc_pubkeys.end()) {
     120                 :          0 :         pubkey = pk_it->second.first;
     121                 :          0 :         return true;
     122                 :            :     }
     123                 :          0 :     const auto& tap_pk_it = sigdata.tap_pubkeys.find(address);
     124         [ #  # ]:          0 :     if (tap_pk_it != sigdata.tap_pubkeys.end()) {
     125                 :          0 :         pubkey = tap_pk_it->second.GetEvenCorrespondingCPubKey();
     126                 :          0 :         return true;
     127                 :            :     }
     128                 :            :     // Query the underlying provider
     129                 :          0 :     return provider.GetPubKey(address, pubkey);
     130                 :          0 : }
     131                 :            : 
     132                 :          0 : static bool CreateSig(const BaseSignatureCreator& creator, SignatureData& sigdata, const SigningProvider& provider, std::vector<unsigned char>& sig_out, const CPubKey& pubkey, const CScript& scriptcode, SigVersion sigversion)
     133                 :            : {
     134                 :          0 :     CKeyID keyid = pubkey.GetID();
     135                 :          0 :     const auto it = sigdata.signatures.find(keyid);
     136         [ #  # ]:          0 :     if (it != sigdata.signatures.end()) {
     137                 :          0 :         sig_out = it->second.second;
     138                 :          0 :         return true;
     139                 :            :     }
     140                 :          0 :     KeyOriginInfo info;
     141 [ #  # ][ #  # ]:          0 :     if (provider.GetKeyOrigin(keyid, info)) {
     142 [ #  # ][ #  # ]:          0 :         sigdata.misc_pubkeys.emplace(keyid, std::make_pair(pubkey, std::move(info)));
     143                 :          0 :     }
     144 [ #  # ][ #  # ]:          0 :     if (creator.CreateSig(provider, sig_out, keyid, scriptcode, sigversion)) {
     145 [ #  # ][ #  # ]:          0 :         auto i = sigdata.signatures.emplace(keyid, SigPair(pubkey, sig_out));
     146         [ #  # ]:          0 :         assert(i.second);
     147                 :          0 :         return true;
     148                 :            :     }
     149                 :            :     // Could not make signature or signature not found, add keyid to missing
     150         [ #  # ]:          0 :     sigdata.missing_sigs.push_back(keyid);
     151                 :          0 :     return false;
     152                 :          0 : }
     153                 :            : 
     154                 :          0 : static bool CreateTaprootScriptSig(const BaseSignatureCreator& creator, SignatureData& sigdata, const SigningProvider& provider, std::vector<unsigned char>& sig_out, const XOnlyPubKey& pubkey, const uint256& leaf_hash, SigVersion sigversion)
     155                 :            : {
     156                 :          0 :     KeyOriginInfo info;
     157 [ #  # ][ #  # ]:          0 :     if (provider.GetKeyOriginByXOnly(pubkey, info)) {
     158         [ #  # ]:          0 :         auto it = sigdata.taproot_misc_pubkeys.find(pubkey);
     159         [ #  # ]:          0 :         if (it == sigdata.taproot_misc_pubkeys.end()) {
     160 [ #  # ][ #  # ]:          0 :             sigdata.taproot_misc_pubkeys.emplace(pubkey, std::make_pair(std::set<uint256>({leaf_hash}), info));
                 [ #  # ]
     161                 :          0 :         } else {
     162         [ #  # ]:          0 :             it->second.first.insert(leaf_hash);
     163                 :            :         }
     164                 :          0 :     }
     165                 :            : 
     166         [ #  # ]:          0 :     auto lookup_key = std::make_pair(pubkey, leaf_hash);
     167         [ #  # ]:          0 :     auto it = sigdata.taproot_script_sigs.find(lookup_key);
     168         [ #  # ]:          0 :     if (it != sigdata.taproot_script_sigs.end()) {
     169         [ #  # ]:          0 :         sig_out = it->second;
     170                 :          0 :         return true;
     171                 :            :     }
     172 [ #  # ][ #  # ]:          0 :     if (creator.CreateSchnorrSig(provider, sig_out, pubkey, &leaf_hash, nullptr, sigversion)) {
     173 [ #  # ][ #  # ]:          0 :         sigdata.taproot_script_sigs[lookup_key] = sig_out;
     174                 :          0 :         return true;
     175                 :            :     }
     176                 :          0 :     return false;
     177                 :          0 : }
     178                 :            : 
     179                 :            : template<typename M, typename K, typename V>
     180                 :          0 : miniscript::Availability MsLookupHelper(const M& map, const K& key, V& value)
     181                 :            : {
     182                 :          0 :     auto it = map.find(key);
     183         [ #  # ]:          0 :     if (it != map.end()) {
     184                 :          0 :         value = it->second;
     185                 :          0 :         return miniscript::Availability::YES;
     186                 :            :     }
     187                 :          0 :     return miniscript::Availability::NO;
     188                 :          0 : }
     189                 :            : 
     190                 :            : /**
     191                 :            :  * Context for solving a Miniscript.
     192                 :            :  * If enough material (access to keys, hash preimages, ..) is given, produces a valid satisfaction.
     193                 :            :  */
     194                 :            : template<typename Pk>
     195                 :            : struct Satisfier {
     196                 :            :     using Key = Pk;
     197                 :            : 
     198                 :            :     const SigningProvider& m_provider;
     199                 :            :     SignatureData& m_sig_data;
     200                 :            :     const BaseSignatureCreator& m_creator;
     201                 :            :     const CScript& m_witness_script;
     202                 :            :     //! The context of the script we are satisfying (either P2WSH or Tapscript).
     203                 :            :     const miniscript::MiniscriptContext m_script_ctx;
     204                 :            : 
     205                 :          0 :     explicit Satisfier(const SigningProvider& provider LIFETIMEBOUND, SignatureData& sig_data LIFETIMEBOUND,
     206                 :            :                        const BaseSignatureCreator& creator LIFETIMEBOUND,
     207                 :            :                        const CScript& witscript LIFETIMEBOUND,
     208                 :          0 :                        miniscript::MiniscriptContext script_ctx) : m_provider(provider),
     209                 :          0 :                                                                    m_sig_data(sig_data),
     210                 :          0 :                                                                    m_creator(creator),
     211                 :          0 :                                                                    m_witness_script(witscript),
     212                 :          0 :                                                                    m_script_ctx(script_ctx) {}
     213                 :            : 
     214                 :          0 :     static bool KeyCompare(const Key& a, const Key& b) {
     215                 :          0 :         return a < b;
     216                 :            :     }
     217                 :            : 
     218                 :            :     //! Get a CPubKey from a key hash. Note the key hash may be of an xonly pubkey.
     219                 :            :     template<typename I>
     220                 :          0 :     std::optional<CPubKey> CPubFromPKHBytes(I first, I last) const {
     221 [ #  # ][ #  # ]:          0 :         assert(last - first == 20);
     222                 :          0 :         CPubKey pubkey;
     223                 :          0 :         CKeyID key_id;
     224                 :          0 :         std::copy(first, last, key_id.begin());
     225 [ #  # ][ #  # ]:          0 :         if (GetPubKey(m_provider, m_sig_data, key_id, pubkey)) return pubkey;
     226                 :          0 :         m_sig_data.missing_pubkeys.push_back(key_id);
     227                 :          0 :         return {};
     228                 :          0 :     }
     229                 :            : 
     230                 :            :     //! Conversion to raw public key.
     231 [ #  # ][ #  # ]:          0 :     std::vector<unsigned char> ToPKBytes(const Key& key) const { return {key.begin(), key.end()}; }
     232                 :            : 
     233                 :            :     //! Time lock satisfactions.
     234                 :          0 :     bool CheckAfter(uint32_t value) const { return m_creator.Checker().CheckLockTime(CScriptNum(value)); }
     235                 :          0 :     bool CheckOlder(uint32_t value) const { return m_creator.Checker().CheckSequence(CScriptNum(value)); }
     236                 :            : 
     237                 :            :     //! Hash preimage satisfactions.
     238                 :          0 :     miniscript::Availability SatSHA256(const std::vector<unsigned char>& hash, std::vector<unsigned char>& preimage) const {
     239                 :          0 :         return MsLookupHelper(m_sig_data.sha256_preimages, hash, preimage);
     240                 :            :     }
     241                 :          0 :     miniscript::Availability SatRIPEMD160(const std::vector<unsigned char>& hash, std::vector<unsigned char>& preimage) const {
     242                 :          0 :         return MsLookupHelper(m_sig_data.ripemd160_preimages, hash, preimage);
     243                 :            :     }
     244                 :          0 :     miniscript::Availability SatHASH256(const std::vector<unsigned char>& hash, std::vector<unsigned char>& preimage) const {
     245                 :          0 :         return MsLookupHelper(m_sig_data.hash256_preimages, hash, preimage);
     246                 :            :     }
     247                 :          0 :     miniscript::Availability SatHASH160(const std::vector<unsigned char>& hash, std::vector<unsigned char>& preimage) const {
     248                 :          0 :         return MsLookupHelper(m_sig_data.hash160_preimages, hash, preimage);
     249                 :            :     }
     250                 :            : 
     251                 :          0 :     miniscript::MiniscriptContext MsContext() const {
     252                 :          0 :         return m_script_ctx;
     253                 :            :     }
     254                 :            : };
     255                 :            : 
     256                 :            : /** Miniscript satisfier specific to P2WSH context. */
     257                 :            : struct WshSatisfier: Satisfier<CPubKey> {
     258                 :          0 :     explicit WshSatisfier(const SigningProvider& provider LIFETIMEBOUND, SignatureData& sig_data LIFETIMEBOUND,
     259                 :            :                           const BaseSignatureCreator& creator LIFETIMEBOUND, const CScript& witscript LIFETIMEBOUND)
     260                 :          0 :                           : Satisfier(provider, sig_data, creator, witscript, miniscript::MiniscriptContext::P2WSH) {}
     261                 :            : 
     262                 :            :     //! Conversion from a raw compressed public key.
     263                 :            :     template <typename I>
     264                 :          0 :     std::optional<CPubKey> FromPKBytes(I first, I last) const {
     265                 :          0 :         CPubKey pubkey{first, last};
     266         [ #  # ]:          0 :         if (pubkey.IsValid()) return pubkey;
     267                 :          0 :         return {};
     268                 :          0 :     }
     269                 :            : 
     270                 :            :     //! Conversion from a raw compressed public key hash.
     271                 :            :     template<typename I>
     272                 :          0 :     std::optional<CPubKey> FromPKHBytes(I first, I last) const {
     273                 :          0 :         return Satisfier::CPubFromPKHBytes(first, last);
     274                 :            :     }
     275                 :            : 
     276                 :            :     //! Satisfy an ECDSA signature check.
     277                 :          0 :     miniscript::Availability Sign(const CPubKey& key, std::vector<unsigned char>& sig) const {
     278         [ #  # ]:          0 :         if (CreateSig(m_creator, m_sig_data, m_provider, sig, key, m_witness_script, SigVersion::WITNESS_V0)) {
     279                 :          0 :             return miniscript::Availability::YES;
     280                 :            :         }
     281                 :          0 :         return miniscript::Availability::NO;
     282                 :          0 :     }
     283                 :            : };
     284                 :            : 
     285                 :            : /** Miniscript satisfier specific to Tapscript context. */
     286                 :            : struct TapSatisfier: Satisfier<XOnlyPubKey> {
     287                 :            :     const uint256& m_leaf_hash;
     288                 :            : 
     289                 :          0 :     explicit TapSatisfier(const SigningProvider& provider LIFETIMEBOUND, SignatureData& sig_data LIFETIMEBOUND,
     290                 :            :                           const BaseSignatureCreator& creator LIFETIMEBOUND, const CScript& script LIFETIMEBOUND,
     291                 :            :                           const uint256& leaf_hash LIFETIMEBOUND)
     292                 :          0 :                           : Satisfier(provider, sig_data, creator, script, miniscript::MiniscriptContext::TAPSCRIPT),
     293                 :          0 :                             m_leaf_hash(leaf_hash) {}
     294                 :            : 
     295                 :            :     //! Conversion from a raw xonly public key.
     296                 :            :     template <typename I>
     297                 :          0 :     std::optional<XOnlyPubKey> FromPKBytes(I first, I last) const {
     298                 :          0 :         CHECK_NONFATAL(last - first == 32);
     299                 :          0 :         XOnlyPubKey pubkey;
     300                 :          0 :         std::copy(first, last, pubkey.begin());
     301                 :          0 :         return pubkey;
     302                 :            :     }
     303                 :            : 
     304                 :            :     //! Conversion from a raw xonly public key hash.
     305                 :            :     template<typename I>
     306                 :          0 :     std::optional<XOnlyPubKey> FromPKHBytes(I first, I last) const {
     307         [ #  # ]:          0 :         if (auto pubkey = Satisfier::CPubFromPKHBytes(first, last)) return XOnlyPubKey{*pubkey};
     308                 :          0 :         return {};
     309                 :          0 :     }
     310                 :            : 
     311                 :            :     //! Satisfy a BIP340 signature check.
     312                 :          0 :     miniscript::Availability Sign(const XOnlyPubKey& key, std::vector<unsigned char>& sig) const {
     313         [ #  # ]:          0 :         if (CreateTaprootScriptSig(m_creator, m_sig_data, m_provider, sig, key, m_leaf_hash, SigVersion::TAPSCRIPT)) {
     314                 :          0 :             return miniscript::Availability::YES;
     315                 :            :         }
     316                 :          0 :         return miniscript::Availability::NO;
     317                 :          0 :     }
     318                 :            : };
     319                 :            : 
     320                 :          0 : static bool SignTaprootScript(const SigningProvider& provider, const BaseSignatureCreator& creator, SignatureData& sigdata, int leaf_version, Span<const unsigned char> script_bytes, std::vector<valtype>& result)
     321                 :            : {
     322                 :            :     // Only BIP342 tapscript signing is supported for now.
     323         [ #  # ]:          0 :     if (leaf_version != TAPROOT_LEAF_TAPSCRIPT) return false;
     324                 :            : 
     325                 :          0 :     uint256 leaf_hash = ComputeTapleafHash(leaf_version, script_bytes);
     326         [ +  - ]:          2 :     CScript script = CScript(script_bytes.begin(), script_bytes.end());
     327                 :            : 
     328 [ +  - ][ -  + ]:          2 :     TapSatisfier ms_satisfier{provider, sigdata, creator, script, leaf_hash};
         [ +  - ][ +  - ]
                 [ #  # ]
     329         [ #  # ]:          0 :     const auto ms = miniscript::FromScript(script, ms_satisfier);
     330 [ +  - ][ #  # ]:          2 :     return ms && ms->Satisfy(ms_satisfier, result) == miniscript::Availability::YES;
                 [ #  # ]
     331                 :          0 : }
     332                 :          2 : 
     333                 :          0 : static bool SignTaproot(const SigningProvider& provider, const BaseSignatureCreator& creator, const WitnessV1Taproot& output, SignatureData& sigdata, std::vector<valtype>& result)
     334 [ +  - ][ +  - ]:          2 : {
     335                 :          0 :     TaprootSpendData spenddata;
     336         [ #  # ]:          0 :     TaprootBuilder builder;
     337                 :            : 
     338                 :            :     // Gather information about this output.
     339 [ #  # ][ #  # ]:          0 :     if (provider.GetTaprootSpendData(output, spenddata)) {
     340 [ #  # ][ #  # ]:          0 :         sigdata.tr_spenddata.Merge(spenddata);
     341                 :          0 :     }
     342 [ #  # ][ #  # ]:          0 :     if (provider.GetTaprootBuilder(output, builder)) {
     343         [ #  # ]:          0 :         sigdata.tr_builder = builder;
     344                 :          0 :     }
     345                 :            : 
     346                 :            :     // Try key path spending.
     347                 :            :     {
     348                 :          0 :         KeyOriginInfo info;
     349 [ #  # ][ #  # ]:          0 :         if (provider.GetKeyOriginByXOnly(sigdata.tr_spenddata.internal_key, info)) {
     350         [ #  # ]:          0 :             auto it = sigdata.taproot_misc_pubkeys.find(sigdata.tr_spenddata.internal_key);
     351         [ #  # ]:          0 :             if (it == sigdata.taproot_misc_pubkeys.end()) {
     352 [ #  # ][ #  # ]:          0 :                 sigdata.taproot_misc_pubkeys.emplace(sigdata.tr_spenddata.internal_key, std::make_pair(std::set<uint256>(), info));
     353                 :          0 :             }
     354                 :          0 :         }
     355                 :            : 
     356                 :          0 :         std::vector<unsigned char> sig;
     357         [ #  # ]:          0 :         if (sigdata.taproot_key_path_sig.size() == 0) {
     358 [ #  # ][ #  # ]:          0 :             if (creator.CreateSchnorrSig(provider, sig, sigdata.tr_spenddata.internal_key, nullptr, &sigdata.tr_spenddata.merkle_root, SigVersion::TAPROOT)) {
     359         [ #  # ]:          0 :                 sigdata.taproot_key_path_sig = sig;
     360                 :          0 :             }
     361                 :          0 :         }
     362         [ #  # ]:          0 :         if (sigdata.taproot_key_path_sig.size() == 0) {
     363 [ #  # ][ #  # ]:          0 :             if (creator.CreateSchnorrSig(provider, sig, output, nullptr, nullptr, SigVersion::TAPROOT)) {
     364         [ #  # ]:          0 :                 sigdata.taproot_key_path_sig = sig;
     365                 :          0 :             }
     366                 :          0 :         }
     367         [ #  # ]:          0 :         if (sigdata.taproot_key_path_sig.size()) {
     368         [ #  # ]:          0 :             result = Vector(sigdata.taproot_key_path_sig);
     369                 :          0 :             return true;
     370                 :            :         }
     371         [ #  # ]:          0 :     }
     372                 :            : 
     373                 :            :     // Try script path spending.
     374                 :          0 :     std::vector<std::vector<unsigned char>> smallest_result_stack;
     375         [ #  # ]:          0 :     for (const auto& [key, control_blocks] : sigdata.tr_spenddata.scripts) {
     376                 :          0 :         const auto& [script, leaf_ver] = key;
     377                 :          0 :         std::vector<std::vector<unsigned char>> result_stack;
     378 [ #  # ][ #  # ]:          0 :         if (SignTaprootScript(provider, creator, sigdata, leaf_ver, script, result_stack)) {
         [ #  # ][ #  # ]
                 [ #  # ]
     379 [ #  # ][ #  # ]:          0 :             result_stack.emplace_back(std::begin(script), std::end(script)); // Push the script
         [ #  # ][ #  # ]
     380         [ #  # ]:          0 :             result_stack.push_back(*control_blocks.begin()); // Push the smallest control block
     381 [ #  # ][ #  # ]:          0 :             if (smallest_result_stack.size() == 0 ||
     382 [ #  # ][ #  # ]:          0 :                 GetSerializeSize(result_stack, PROTOCOL_VERSION) < GetSerializeSize(smallest_result_stack, PROTOCOL_VERSION)) {
     383                 :          0 :                 smallest_result_stack = std::move(result_stack);
     384                 :          0 :             }
     385                 :          0 :         }
     386                 :          0 :     }
     387         [ #  # ]:          0 :     if (smallest_result_stack.size() != 0) {
     388                 :          0 :         result = std::move(smallest_result_stack);
     389                 :          0 :         return true;
     390                 :            :     }
     391                 :            : 
     392                 :          0 :     return false;
     393                 :          0 : }
     394                 :            : 
     395                 :            : /**
     396                 :            :  * Sign scriptPubKey using signature made with creator.
     397                 :            :  * Signatures are returned in scriptSigRet (or returns false if scriptPubKey can't be signed),
     398                 :            :  * unless whichTypeRet is TxoutType::SCRIPTHASH, in which case scriptSigRet is the redemption script.
     399                 :            :  * Returns false if scriptPubKey could not be completely satisfied.
     400                 :            :  */
     401                 :          0 : static bool SignStep(const SigningProvider& provider, const BaseSignatureCreator& creator, const CScript& scriptPubKey,
     402                 :            :                      std::vector<valtype>& ret, TxoutType& whichTypeRet, SigVersion sigversion, SignatureData& sigdata)
     403                 :            : {
     404                 :          0 :     CScript scriptRet;
     405                 :          0 :     ret.clear();
     406                 :          0 :     std::vector<unsigned char> sig;
     407                 :            : 
     408                 :          0 :     std::vector<valtype> vSolutions;
     409         [ #  # ]:          0 :     whichTypeRet = Solver(scriptPubKey, vSolutions);
     410                 :            : 
     411   [ #  #  #  #  :          0 :     switch (whichTypeRet) {
             #  #  #  #  
                      # ]
     412                 :            :     case TxoutType::NONSTANDARD:
     413                 :            :     case TxoutType::NULL_DATA:
     414                 :            :     case TxoutType::WITNESS_UNKNOWN:
     415                 :          0 :         return false;
     416                 :            :     case TxoutType::PUBKEY:
     417 [ #  # ][ #  # ]:          0 :         if (!CreateSig(creator, sigdata, provider, sig, CPubKey(vSolutions[0]), scriptPubKey, sigversion)) return false;
         [ #  # ][ #  # ]
     418         [ #  # ]:          0 :         ret.push_back(std::move(sig));
     419                 :          0 :         return true;
     420                 :            :     case TxoutType::PUBKEYHASH: {
     421 [ #  # ][ #  # ]:          0 :         CKeyID keyID = CKeyID(uint160(vSolutions[0]));
                 [ #  # ]
     422         [ #  # ]:          0 :         CPubKey pubkey;
     423 [ #  # ][ #  # ]:          0 :         if (!GetPubKey(provider, sigdata, keyID, pubkey)) {
     424                 :            :             // Pubkey could not be found, add to missing
     425         [ #  # ]:          0 :             sigdata.missing_pubkeys.push_back(keyID);
     426                 :          0 :             return false;
     427                 :            :         }
     428 [ #  # ][ #  # ]:          0 :         if (!CreateSig(creator, sigdata, provider, sig, pubkey, scriptPubKey, sigversion)) return false;
     429         [ #  # ]:          0 :         ret.push_back(std::move(sig));
     430 [ #  # ][ #  # ]:          0 :         ret.push_back(ToByteVector(pubkey));
     431                 :          0 :         return true;
     432                 :            :     }
     433                 :            :     case TxoutType::SCRIPTHASH: {
     434 [ #  # ][ #  # ]:          0 :         uint160 h160{vSolutions[0]};
     435 [ #  # ][ #  # ]:          0 :         if (GetCScript(provider, sigdata, CScriptID{h160}, scriptRet)) {
                 [ #  # ]
     436 [ #  # ][ #  # ]:          0 :             ret.emplace_back(scriptRet.begin(), scriptRet.end());
                 [ #  # ]
     437                 :          0 :             return true;
     438                 :            :         }
     439                 :            :         // Could not find redeemScript, add to missing
     440                 :          0 :         sigdata.missing_redeem_script = h160;
     441                 :          0 :         return false;
     442                 :            :     }
     443                 :            :     case TxoutType::MULTISIG: {
     444                 :          0 :         size_t required = vSolutions.front()[0];
     445         [ #  # ]:          0 :         ret.emplace_back(); // workaround CHECKMULTISIG bug
     446         [ #  # ]:          0 :         for (size_t i = 1; i < vSolutions.size() - 1; ++i) {
     447 [ #  # ][ #  # ]:          0 :             CPubKey pubkey = CPubKey(vSolutions[i]);
     448                 :            :             // We need to always call CreateSig in order to fill sigdata with all
     449                 :            :             // possible signatures that we can create. This will allow further PSBT
     450                 :            :             // processing to work as it needs all possible signature and pubkey pairs
     451 [ #  # ][ #  # ]:          0 :             if (CreateSig(creator, sigdata, provider, sig, pubkey, scriptPubKey, sigversion)) {
     452         [ #  # ]:          0 :                 if (ret.size() < required + 1) {
     453         [ #  # ]:          0 :                     ret.push_back(std::move(sig));
     454                 :          0 :                 }
     455                 :          0 :             }
     456                 :          0 :         }
     457                 :          0 :         bool ok = ret.size() == required + 1;
     458         [ #  # ]:          0 :         for (size_t i = 0; i + ret.size() < required + 1; ++i) {
     459         [ #  # ]:          0 :             ret.emplace_back();
     460                 :          0 :         }
     461                 :          0 :         return ok;
     462                 :            :     }
     463                 :            :     case TxoutType::WITNESS_V0_KEYHASH:
     464         [ #  # ]:          0 :         ret.push_back(vSolutions[0]);
     465                 :          0 :         return true;
     466                 :            : 
     467                 :            :     case TxoutType::WITNESS_V0_SCRIPTHASH:
     468 [ #  # ][ #  # ]:          0 :         if (GetCScript(provider, sigdata, CScriptID{RIPEMD160(vSolutions[0])}, scriptRet)) {
         [ #  # ][ #  # ]
                 [ #  # ]
     469 [ #  # ][ #  # ]:          0 :             ret.emplace_back(scriptRet.begin(), scriptRet.end());
                 [ #  # ]
     470                 :          0 :             return true;
     471                 :            :         }
     472                 :            :         // Could not find witnessScript, add to missing
     473 [ #  # ][ #  # ]:          0 :         sigdata.missing_witness_script = uint256(vSolutions[0]);
     474                 :          0 :         return false;
     475                 :            : 
     476                 :            :     case TxoutType::WITNESS_V1_TAPROOT:
     477 [ #  # ][ #  # ]:          0 :         return SignTaproot(provider, creator, WitnessV1Taproot(XOnlyPubKey{vSolutions[0]}), sigdata, ret);
         [ #  # ][ #  # ]
     478                 :            :     } // no default case, so the compiler can warn about missing cases
     479                 :          0 :     assert(false);
     480                 :          0 : }
     481                 :            : 
     482                 :          0 : static CScript PushAll(const std::vector<valtype>& values)
     483                 :            : {
     484                 :          0 :     CScript result;
     485         [ #  # ]:          0 :     for (const valtype& v : values) {
     486         [ #  # ]:          0 :         if (v.size() == 0) {
     487         [ #  # ]:          0 :             result << OP_0;
     488 [ #  # ][ #  # ]:          0 :         } else if (v.size() == 1 && v[0] >= 1 && v[0] <= 16) {
                 [ #  # ]
     489 [ #  # ][ #  # ]:          0 :             result << CScript::EncodeOP_N(v[0]);
     490 [ #  # ][ #  # ]:          0 :         } else if (v.size() == 1 && v[0] == 0x81) {
     491         [ #  # ]:          0 :             result << OP_1NEGATE;
     492                 :          0 :         } else {
     493         [ #  # ]:          0 :             result << v;
     494                 :            :         }
     495                 :            :     }
     496                 :          0 :     return result;
     497         [ #  # ]:          0 : }
     498                 :            : 
     499                 :          0 : bool ProduceSignature(const SigningProvider& provider, const BaseSignatureCreator& creator, const CScript& fromPubKey, SignatureData& sigdata)
     500                 :            : {
     501         [ #  # ]:          0 :     if (sigdata.complete) return true;
     502                 :            : 
     503                 :          0 :     std::vector<valtype> result;
     504                 :            :     TxoutType whichType;
     505         [ #  # ]:          0 :     bool solved = SignStep(provider, creator, fromPubKey, result, whichType, SigVersion::BASE, sigdata);
     506                 :          0 :     bool P2SH = false;
     507         [ #  # ]:          0 :     CScript subscript;
     508                 :            : 
     509 [ #  # ][ #  # ]:          0 :     if (solved && whichType == TxoutType::SCRIPTHASH)
     510                 :            :     {
     511                 :            :         // Solver returns the subscript that needs to be evaluated;
     512                 :            :         // the final scriptSig is the signatures from that
     513                 :            :         // and then the serialized subscript:
     514         [ #  # ]:          0 :         subscript = CScript(result[0].begin(), result[0].end());
     515         [ #  # ]:          0 :         sigdata.redeem_script = subscript;
     516 [ #  # ][ #  # ]:          0 :         solved = solved && SignStep(provider, creator, subscript, result, whichType, SigVersion::BASE, sigdata) && whichType != TxoutType::SCRIPTHASH;
                 [ #  # ]
     517                 :          0 :         P2SH = true;
     518                 :          0 :     }
     519                 :            : 
     520 [ #  # ][ #  # ]:          0 :     if (solved && whichType == TxoutType::WITNESS_V0_KEYHASH)
     521                 :            :     {
     522         [ #  # ]:          0 :         CScript witnessscript;
     523 [ #  # ][ #  # ]:          0 :         witnessscript << OP_DUP << OP_HASH160 << ToByteVector(result[0]) << OP_EQUALVERIFY << OP_CHECKSIG;
         [ #  # ][ #  # ]
         [ #  # ][ #  # ]
     524                 :            :         TxoutType subType;
     525 [ #  # ][ #  # ]:          0 :         solved = solved && SignStep(provider, creator, witnessscript, result, subType, SigVersion::WITNESS_V0, sigdata);
     526         [ #  # ]:          0 :         sigdata.scriptWitness.stack = result;
     527                 :          0 :         sigdata.witness = true;
     528                 :          0 :         result.clear();
     529                 :          0 :     }
     530 [ #  # ][ #  # ]:          0 :     else if (solved && whichType == TxoutType::WITNESS_V0_SCRIPTHASH)
     531                 :            :     {
     532         [ #  # ]:          0 :         CScript witnessscript(result[0].begin(), result[0].end());
     533         [ #  # ]:          0 :         sigdata.witness_script = witnessscript;
     534                 :            : 
     535                 :          0 :         TxoutType subType{TxoutType::NONSTANDARD};
     536 [ #  # ][ #  # ]:          0 :         solved = solved && SignStep(provider, creator, witnessscript, result, subType, SigVersion::WITNESS_V0, sigdata) && subType != TxoutType::SCRIPTHASH && subType != TxoutType::WITNESS_V0_SCRIPTHASH && subType != TxoutType::WITNESS_V0_KEYHASH;
         [ #  # ][ #  # ]
                 [ #  # ]
     537                 :            : 
     538                 :            :         // If we couldn't find a solution with the legacy satisfier, try satisfying the script using Miniscript.
     539                 :            :         // Note we need to check if the result stack is empty before, because it might be used even if the Script
     540                 :            :         // isn't fully solved. For instance the CHECKMULTISIG satisfaction in SignStep() pushes partial signatures
     541                 :            :         // and the extractor relies on this behaviour to combine witnesses.
     542 [ #  # ][ #  # ]:          0 :         if (!solved && result.empty()) {
     543         [ #  # ]:          0 :             WshSatisfier ms_satisfier{provider, sigdata, creator, witnessscript};
     544         [ #  # ]:          0 :             const auto ms = miniscript::FromScript(witnessscript, ms_satisfier);
     545 [ #  # ][ #  # ]:          0 :             solved = ms && ms->Satisfy(ms_satisfier, result) == miniscript::Availability::YES;
     546                 :          0 :         }
     547 [ #  # ][ #  # ]:          0 :         result.emplace_back(witnessscript.begin(), witnessscript.end());
                 [ #  # ]
     548                 :            : 
     549         [ #  # ]:          0 :         sigdata.scriptWitness.stack = result;
     550                 :          0 :         sigdata.witness = true;
     551                 :          0 :         result.clear();
     552 [ #  # ][ #  # ]:          0 :     } else if (whichType == TxoutType::WITNESS_V1_TAPROOT && !P2SH) {
     553                 :          0 :         sigdata.witness = true;
     554         [ #  # ]:          0 :         if (solved) {
     555                 :          0 :             sigdata.scriptWitness.stack = std::move(result);
     556                 :          0 :         }
     557                 :          0 :         result.clear();
     558 [ #  # ][ #  # ]:          0 :     } else if (solved && whichType == TxoutType::WITNESS_UNKNOWN) {
     559                 :          0 :         sigdata.witness = true;
     560                 :          0 :     }
     561                 :            : 
     562         [ #  # ]:          0 :     if (!sigdata.witness) sigdata.scriptWitness.stack.clear();
     563         [ #  # ]:          0 :     if (P2SH) {
     564 [ #  # ][ #  # ]:          0 :         result.emplace_back(subscript.begin(), subscript.end());
                 [ #  # ]
     565                 :          0 :     }
     566         [ #  # ]:          0 :     sigdata.scriptSig = PushAll(result);
     567                 :            : 
     568                 :            :     // Test solution
     569 [ #  # ][ #  # ]:          0 :     sigdata.complete = solved && VerifyScript(sigdata.scriptSig, fromPubKey, &sigdata.scriptWitness, STANDARD_SCRIPT_VERIFY_FLAGS, creator.Checker());
                 [ #  # ]
     570                 :          0 :     return sigdata.complete;
     571                 :          0 : }
     572                 :            : 
     573                 :            : namespace {
     574                 :          0 : class SignatureExtractorChecker final : public DeferringSignatureChecker
     575                 :            : {
     576                 :            : private:
     577                 :            :     SignatureData& sigdata;
     578                 :            : 
     579                 :            : public:
     580                 :          0 :     SignatureExtractorChecker(SignatureData& sigdata, BaseSignatureChecker& checker) : DeferringSignatureChecker(checker), sigdata(sigdata) {}
     581                 :            : 
     582                 :          0 :     bool CheckECDSASignature(const std::vector<unsigned char>& scriptSig, const std::vector<unsigned char>& vchPubKey, const CScript& scriptCode, SigVersion sigversion) const override
     583                 :            :     {
     584         [ #  # ]:          0 :         if (m_checker.CheckECDSASignature(scriptSig, vchPubKey, scriptCode, sigversion)) {
     585                 :          0 :             CPubKey pubkey(vchPubKey);
     586         [ #  # ]:          0 :             sigdata.signatures.emplace(pubkey.GetID(), SigPair(pubkey, scriptSig));
     587                 :          0 :             return true;
     588                 :            :         }
     589                 :          0 :         return false;
     590                 :          0 :     }
     591                 :            : };
     592                 :            : 
     593                 :          0 : struct Stacks
     594                 :            : {
     595                 :            :     std::vector<valtype> script;
     596                 :            :     std::vector<valtype> witness;
     597                 :            : 
     598                 :            :     Stacks() = delete;
     599                 :            :     Stacks(const Stacks&) = delete;
     600         [ #  # ]:          0 :     explicit Stacks(const SignatureData& data) : witness(data.scriptWitness.stack) {
     601         [ #  # ]:          0 :         EvalScript(script, data.scriptSig, SCRIPT_VERIFY_STRICTENC, BaseSignatureChecker(), SigVersion::BASE);
     602                 :          0 :     }
     603                 :            : };
     604                 :            : }
     605                 :            : 
     606                 :            : // Extracts signatures and scripts from incomplete scriptSigs. Please do not extend this, use PSBT instead
     607                 :          0 : SignatureData DataFromTransaction(const CMutableTransaction& tx, unsigned int nIn, const CTxOut& txout)
     608                 :            : {
     609                 :          0 :     SignatureData data;
     610         [ #  # ]:          0 :     assert(tx.vin.size() > nIn);
     611         [ #  # ]:          0 :     data.scriptSig = tx.vin[nIn].scriptSig;
     612         [ #  # ]:          0 :     data.scriptWitness = tx.vin[nIn].scriptWitness;
     613         [ #  # ]:          0 :     Stacks stack(data);
     614                 :            : 
     615                 :            :     // Get signatures
     616         [ #  # ]:          0 :     MutableTransactionSignatureChecker tx_checker(&tx, nIn, txout.nValue, MissingDataBehavior::FAIL);
     617         [ #  # ]:          0 :     SignatureExtractorChecker extractor_checker(data, tx_checker);
     618 [ #  # ][ #  # ]:          0 :     if (VerifyScript(data.scriptSig, txout.scriptPubKey, &data.scriptWitness, STANDARD_SCRIPT_VERIFY_FLAGS, extractor_checker)) {
     619                 :          0 :         data.complete = true;
     620                 :          0 :         return data;
     621                 :            :     }
     622                 :            : 
     623                 :            :     // Get scripts
     624                 :          0 :     std::vector<std::vector<unsigned char>> solutions;
     625         [ #  # ]:          0 :     TxoutType script_type = Solver(txout.scriptPubKey, solutions);
     626                 :          0 :     SigVersion sigversion = SigVersion::BASE;
     627         [ #  # ]:          0 :     CScript next_script = txout.scriptPubKey;
     628                 :            : 
     629 [ #  # ][ #  # ]:          0 :     if (script_type == TxoutType::SCRIPTHASH && !stack.script.empty() && !stack.script.back().empty()) {
                 [ #  # ]
     630                 :            :         // Get the redeemScript
     631         [ #  # ]:          0 :         CScript redeem_script(stack.script.back().begin(), stack.script.back().end());
     632         [ #  # ]:          0 :         data.redeem_script = redeem_script;
     633                 :          0 :         next_script = std::move(redeem_script);
     634                 :            : 
     635                 :            :         // Get redeemScript type
     636         [ #  # ]:          0 :         script_type = Solver(next_script, solutions);
     637                 :          0 :         stack.script.pop_back();
     638                 :          0 :     }
     639 [ #  # ][ #  # ]:          0 :     if (script_type == TxoutType::WITNESS_V0_SCRIPTHASH && !stack.witness.empty() && !stack.witness.back().empty()) {
                 [ #  # ]
     640                 :            :         // Get the witnessScript
     641         [ #  # ]:          0 :         CScript witness_script(stack.witness.back().begin(), stack.witness.back().end());
     642         [ #  # ]:          0 :         data.witness_script = witness_script;
     643                 :          0 :         next_script = std::move(witness_script);
     644                 :            : 
     645                 :            :         // Get witnessScript type
     646         [ #  # ]:          0 :         script_type = Solver(next_script, solutions);
     647                 :          0 :         stack.witness.pop_back();
     648                 :          0 :         stack.script = std::move(stack.witness);
     649                 :          0 :         stack.witness.clear();
     650                 :          0 :         sigversion = SigVersion::WITNESS_V0;
     651                 :          0 :     }
     652 [ #  # ][ #  # ]:          0 :     if (script_type == TxoutType::MULTISIG && !stack.script.empty()) {
     653                 :            :         // Build a map of pubkey -> signature by matching sigs to pubkeys:
     654         [ #  # ]:          0 :         assert(solutions.size() > 1);
     655                 :          0 :         unsigned int num_pubkeys = solutions.size()-2;
     656                 :          0 :         unsigned int last_success_key = 0;
     657         [ #  # ]:          0 :         for (const valtype& sig : stack.script) {
     658         [ #  # ]:          0 :             for (unsigned int i = last_success_key; i < num_pubkeys; ++i) {
     659                 :          0 :                 const valtype& pubkey = solutions[i+1];
     660                 :            :                 // We either have a signature for this pubkey, or we have found a signature and it is valid
     661 [ #  # ][ #  # ]:          0 :                 if (data.signatures.count(CPubKey(pubkey).GetID()) || extractor_checker.CheckECDSASignature(sig, pubkey, next_script, sigversion)) {
         [ #  # ][ #  # ]
         [ #  # ][ #  # ]
                 [ #  # ]
     662                 :          0 :                     last_success_key = i + 1;
     663                 :          0 :                     break;
     664                 :            :                 }
     665                 :          0 :             }
     666                 :            :         }
     667                 :          0 :     }
     668                 :            : 
     669                 :          0 :     return data;
     670         [ #  # ]:          0 : }
     671                 :            : 
     672                 :          0 : void UpdateInput(CTxIn& input, const SignatureData& data)
     673                 :            : {
     674                 :          0 :     input.scriptSig = data.scriptSig;
     675                 :          0 :     input.scriptWitness = data.scriptWitness;
     676                 :          0 : }
     677                 :            : 
     678                 :          0 : void SignatureData::MergeSignatureData(SignatureData sigdata)
     679                 :            : {
     680         [ #  # ]:          0 :     if (complete) return;
     681         [ #  # ]:          0 :     if (sigdata.complete) {
     682                 :          0 :         *this = std::move(sigdata);
     683                 :          0 :         return;
     684                 :            :     }
     685 [ #  # ][ #  # ]:          0 :     if (redeem_script.empty() && !sigdata.redeem_script.empty()) {
     686                 :          0 :         redeem_script = sigdata.redeem_script;
     687                 :          0 :     }
     688 [ #  # ][ #  # ]:          0 :     if (witness_script.empty() && !sigdata.witness_script.empty()) {
     689                 :          0 :         witness_script = sigdata.witness_script;
     690                 :          0 :     }
     691                 :          0 :     signatures.insert(std::make_move_iterator(sigdata.signatures.begin()), std::make_move_iterator(sigdata.signatures.end()));
     692                 :          0 : }
     693                 :            : 
     694                 :          0 : bool SignSignature(const SigningProvider &provider, const CScript& fromPubKey, CMutableTransaction& txTo, unsigned int nIn, const CAmount& amount, int nHashType, SignatureData& sig_data)
     695                 :            : {
     696         [ #  # ]:          0 :     assert(nIn < txTo.vin.size());
     697                 :            : 
     698                 :          0 :     MutableTransactionSignatureCreator creator(txTo, nIn, amount, nHashType);
     699                 :            : 
     700         [ #  # ]:          0 :     bool ret = ProduceSignature(provider, creator, fromPubKey, sig_data);
     701 [ #  # ][ #  # ]:          0 :     UpdateInput(txTo.vin.at(nIn), sig_data);
     702                 :          0 :     return ret;
     703                 :          0 : }
     704                 :            : 
     705                 :          0 : bool SignSignature(const SigningProvider &provider, const CTransaction& txFrom, CMutableTransaction& txTo, unsigned int nIn, int nHashType, SignatureData& sig_data)
     706                 :            : {
     707         [ #  # ]:          0 :     assert(nIn < txTo.vin.size());
     708                 :          0 :     const CTxIn& txin = txTo.vin[nIn];
     709         [ #  # ]:          0 :     assert(txin.prevout.n < txFrom.vout.size());
     710                 :          0 :     const CTxOut& txout = txFrom.vout[txin.prevout.n];
     711                 :            : 
     712                 :          0 :     return SignSignature(provider, txout.scriptPubKey, txTo, nIn, txout.nValue, nHashType, sig_data);
     713                 :            : }
     714                 :            : 
     715                 :            : namespace {
     716                 :            : /** Dummy signature checker which accepts all signatures. */
     717                 :          0 : class DummySignatureChecker final : public BaseSignatureChecker
     718                 :            : {
     719                 :            : public:
     720                 :          2 :     DummySignatureChecker() = default;
     721                 :          0 :     bool CheckECDSASignature(const std::vector<unsigned char>& sig, const std::vector<unsigned char>& vchPubKey, const CScript& scriptCode, SigVersion sigversion) const override { return sig.size() != 0; }
     722                 :          0 :     bool CheckSchnorrSignature(Span<const unsigned char> sig, Span<const unsigned char> pubkey, SigVersion sigversion, ScriptExecutionData& execdata, ScriptError* serror) const override { return sig.size() != 0; }
     723                 :          0 :     bool CheckLockTime(const CScriptNum& nLockTime) const override { return true; }
     724                 :          0 :     bool CheckSequence(const CScriptNum& nSequence) const override { return true; }
     725                 :            : };
     726                 :            : }
     727                 :            : 
     728                 :          2 : const BaseSignatureChecker& DUMMY_CHECKER = DummySignatureChecker();
     729                 :            : 
     730                 :            : namespace {
     731                 :          0 : class DummySignatureCreator final : public BaseSignatureCreator {
     732                 :            : private:
     733                 :            :     char m_r_len = 32;
     734                 :            :     char m_s_len = 32;
     735                 :            : public:
     736                 :          4 :     DummySignatureCreator(char r_len, char s_len) : m_r_len(r_len), m_s_len(s_len) {}
     737                 :          0 :     const BaseSignatureChecker& Checker() const override { return DUMMY_CHECKER; }
     738                 :          0 :     bool CreateSig(const SigningProvider& provider, std::vector<unsigned char>& vchSig, const CKeyID& keyid, const CScript& scriptCode, SigVersion sigversion) const override
     739                 :            :     {
     740                 :            :         // Create a dummy signature that is a valid DER-encoding
     741                 :          0 :         vchSig.assign(m_r_len + m_s_len + 7, '\000');
     742                 :          0 :         vchSig[0] = 0x30;
     743                 :          0 :         vchSig[1] = m_r_len + m_s_len + 4;
     744                 :          0 :         vchSig[2] = 0x02;
     745                 :          0 :         vchSig[3] = m_r_len;
     746                 :          0 :         vchSig[4] = 0x01;
     747                 :          0 :         vchSig[4 + m_r_len] = 0x02;
     748                 :          0 :         vchSig[5 + m_r_len] = m_s_len;
     749                 :          0 :         vchSig[6 + m_r_len] = 0x01;
     750                 :          0 :         vchSig[6 + m_r_len + m_s_len] = SIGHASH_ALL;
     751                 :          0 :         return true;
     752                 :            :     }
     753                 :          0 :     bool CreateSchnorrSig(const SigningProvider& provider, std::vector<unsigned char>& sig, const XOnlyPubKey& pubkey, const uint256* leaf_hash, const uint256* tweak, SigVersion sigversion) const override
     754                 :            :     {
     755                 :          0 :         sig.assign(64, '\000');
     756                 :          0 :         return true;
     757                 :            :     }
     758                 :            : };
     759                 :            : 
     760                 :            : }
     761                 :            : 
     762                 :          2 : const BaseSignatureCreator& DUMMY_SIGNATURE_CREATOR = DummySignatureCreator(32, 32);
     763                 :          2 : const BaseSignatureCreator& DUMMY_MAXIMUM_SIGNATURE_CREATOR = DummySignatureCreator(33, 32);
     764                 :            : 
     765                 :          0 : bool IsSegWitOutput(const SigningProvider& provider, const CScript& script)
     766                 :            : {
     767                 :            :     int version;
     768                 :          0 :     valtype program;
     769 [ #  # ][ #  # ]:          0 :     if (script.IsWitnessProgram(version, program)) return true;
     770 [ #  # ][ #  # ]:          0 :     if (script.IsPayToScriptHash()) {
     771                 :          0 :         std::vector<valtype> solutions;
     772         [ #  # ]:          0 :         auto whichtype = Solver(script, solutions);
     773         [ #  # ]:          0 :         if (whichtype == TxoutType::SCRIPTHASH) {
     774 [ #  # ][ #  # ]:          0 :             auto h160 = uint160(solutions[0]);
     775         [ #  # ]:          0 :             CScript subscript;
     776 [ #  # ][ #  # ]:          0 :             if (provider.GetCScript(CScriptID{h160}, subscript)) {
                 [ #  # ]
     777 [ #  # ][ #  # ]:          0 :                 if (subscript.IsWitnessProgram(version, program)) return true;
     778                 :          0 :             }
     779         [ #  # ]:          0 :         }
     780         [ #  # ]:          0 :     }
     781                 :          0 :     return false;
     782                 :          0 : }
     783                 :            : 
     784                 :          0 : bool SignTransaction(CMutableTransaction& mtx, const SigningProvider* keystore, const std::map<COutPoint, Coin>& coins, int nHashType, std::map<int, bilingual_str>& input_errors)
     785                 :            : {
     786                 :          0 :     bool fHashSingle = ((nHashType & ~SIGHASH_ANYONECANPAY) == SIGHASH_SINGLE);
     787                 :            : 
     788                 :            :     // Use CTransaction for the constant parts of the
     789                 :            :     // transaction to avoid rehashing.
     790                 :          0 :     const CTransaction txConst(mtx);
     791                 :            : 
     792         [ #  # ]:          0 :     PrecomputedTransactionData txdata;
     793                 :          0 :     std::vector<CTxOut> spent_outputs;
     794         [ #  # ]:          0 :     for (unsigned int i = 0; i < mtx.vin.size(); ++i) {
     795                 :          0 :         CTxIn& txin = mtx.vin[i];
     796         [ #  # ]:          0 :         auto coin = coins.find(txin.prevout);
     797 [ #  # ][ #  # ]:          0 :         if (coin == coins.end() || coin->second.IsSpent()) {
                 [ #  # ]
     798         [ #  # ]:          0 :             txdata.Init(txConst, /*spent_outputs=*/{}, /*force=*/true);
     799                 :          0 :             break;
     800                 :            :         } else {
     801         [ #  # ]:          0 :             spent_outputs.emplace_back(coin->second.out.nValue, coin->second.out.scriptPubKey);
     802                 :            :         }
     803                 :          0 :     }
     804         [ #  # ]:          0 :     if (spent_outputs.size() == mtx.vin.size()) {
     805         [ #  # ]:          0 :         txdata.Init(txConst, std::move(spent_outputs), true);
     806                 :          0 :     }
     807                 :            : 
     808                 :            :     // Sign what we can:
     809         [ #  # ]:          0 :     for (unsigned int i = 0; i < mtx.vin.size(); ++i) {
     810                 :          0 :         CTxIn& txin = mtx.vin[i];
     811         [ #  # ]:          0 :         auto coin = coins.find(txin.prevout);
     812 [ #  # ][ #  # ]:          0 :         if (coin == coins.end() || coin->second.IsSpent()) {
                 [ #  # ]
     813 [ #  # ][ #  # ]:          0 :             input_errors[i] = _("Input not found or already spent");
     814                 :          0 :             continue;
     815                 :            :         }
     816                 :          0 :         const CScript& prevPubKey = coin->second.out.scriptPubKey;
     817                 :          0 :         const CAmount& amount = coin->second.out.nValue;
     818                 :            : 
     819         [ #  # ]:          0 :         SignatureData sigdata = DataFromTransaction(mtx, i, coin->second.out);
     820                 :            :         // Only sign SIGHASH_SINGLE if there's a corresponding output:
     821         [ #  # ]:          0 :         if (!fHashSingle || (i < mtx.vout.size())) {
     822 [ #  # ][ #  # ]:          0 :             ProduceSignature(*keystore, MutableTransactionSignatureCreator(mtx, i, amount, &txdata, nHashType), prevPubKey, sigdata);
     823                 :          0 :         }
     824                 :            : 
     825         [ #  # ]:          0 :         UpdateInput(txin, sigdata);
     826                 :            : 
     827                 :            :         // amount must be specified for valid segwit signature
     828 [ #  # ][ #  # ]:          0 :         if (amount == MAX_MONEY && !txin.scriptWitness.IsNull()) {
                 [ #  # ]
     829 [ #  # ][ #  # ]:          0 :             input_errors[i] = _("Missing amount");
     830                 :          0 :             continue;
     831                 :            :         }
     832                 :            : 
     833                 :          0 :         ScriptError serror = SCRIPT_ERR_OK;
     834 [ #  # ][ #  # ]:          0 :         if (!VerifyScript(txin.scriptSig, prevPubKey, &txin.scriptWitness, STANDARD_SCRIPT_VERIFY_FLAGS, TransactionSignatureChecker(&txConst, i, amount, txdata, MissingDataBehavior::FAIL), &serror)) {
                 [ #  # ]
     835         [ #  # ]:          0 :             if (serror == SCRIPT_ERR_INVALID_STACK_OPERATION) {
     836                 :            :                 // Unable to sign input and verification failed (possible attempt to partially sign).
     837 [ #  # ][ #  # ]:          0 :                 input_errors[i] = Untranslated("Unable to sign input, invalid stack size (possibly missing key)");
                 [ #  # ]
     838         [ #  # ]:          0 :             } else if (serror == SCRIPT_ERR_SIG_NULLFAIL) {
     839                 :            :                 // Verification failed (possibly due to insufficient signatures).
     840 [ #  # ][ #  # ]:          0 :                 input_errors[i] = Untranslated("CHECK(MULTI)SIG failing with non-zero signature (possibly need more signatures)");
                 [ #  # ]
     841                 :          0 :             } else {
     842 [ #  # ][ #  # ]:          0 :                 input_errors[i] = Untranslated(ScriptErrorString(serror));
                 [ #  # ]
     843                 :            :             }
     844                 :          0 :         } else {
     845                 :            :             // If this input succeeds, make sure there is no error set for it
     846         [ #  # ]:          0 :             input_errors.erase(i);
     847                 :            :         }
     848      [ #  #  # ]:          0 :     }
     849                 :          0 :     return input_errors.empty();
     850                 :          0 : }

Generated by: LCOV version 1.14