1 // Copyright (c) 2009-2010 Satoshi Nakamoto
\r
2 // Distributed under the MIT/X11 software license, see the accompanying
\r
3 // file license.txt or http://www.opensource.org/licenses/mit-license.php.
\r
7 bool CheckSig(vector<unsigned char> vchSig, vector<unsigned char> vchPubKey, CScript scriptCode, const CTransaction& txTo, unsigned int nIn, int nHashType);
\r
11 typedef vector<unsigned char> valtype;
\r
12 static const valtype vchFalse(0);
\r
13 static const valtype vchZero(0);
\r
14 static const valtype vchTrue(1, 1);
\r
15 static const CBigNum bnZero(0);
\r
16 static const CBigNum bnOne(1);
\r
17 static const CBigNum bnFalse(0);
\r
18 static const CBigNum bnTrue(1);
\r
19 static const size_t nMaxNumSize = 4;
\r
22 CBigNum CastToBigNum(const valtype& vch)
\r
24 if (vch.size() > nMaxNumSize)
\r
25 throw runtime_error("CastToBigNum() : overflow");
\r
26 // Get rid of extra leading zeros
\r
27 return CBigNum(CBigNum(vch).getvch());
\r
30 bool CastToBool(const valtype& vch)
\r
32 for (int i = 0; i < vch.size(); i++)
\r
36 // Can be negative zero
\r
37 if (i == vch.size()-1 && vch[i] == 0x80)
\r
45 void MakeSameSize(valtype& vch1, valtype& vch2)
\r
47 // Lengthen the shorter one
\r
48 if (vch1.size() < vch2.size())
\r
49 vch1.resize(vch2.size(), 0);
\r
50 if (vch2.size() < vch1.size())
\r
51 vch2.resize(vch1.size(), 0);
\r
57 // Script is a stack machine (like Forth) that evaluates a predicate
\r
58 // returning a bool indicating valid or not. There are no loops.
\r
60 #define stacktop(i) (stack.at(stack.size()+(i)))
\r
61 #define altstacktop(i) (altstack.at(altstack.size()+(i)))
\r
63 bool EvalScript(vector<vector<unsigned char> >& stack, const CScript& script, const CTransaction& txTo, unsigned int nIn, int nHashType)
\r
66 CScript::const_iterator pc = script.begin();
\r
67 CScript::const_iterator pend = script.end();
\r
68 CScript::const_iterator pbegincodehash = script.begin();
\r
69 vector<bool> vfExec;
\r
70 vector<valtype> altstack;
\r
71 if (script.size() > 10000)
\r
80 bool fExec = !count(vfExec.begin(), vfExec.end(), false);
\r
86 valtype vchPushValue;
\r
87 if (!script.GetOp(pc, opcode, vchPushValue))
\r
89 if (vchPushValue.size() > 520)
\r
91 if (opcode > OP_16 && nOpCount++ > 200)
\r
94 if (opcode == OP_CAT ||
\r
95 opcode == OP_SUBSTR ||
\r
96 opcode == OP_LEFT ||
\r
97 opcode == OP_RIGHT ||
\r
98 opcode == OP_INVERT ||
\r
101 opcode == OP_XOR ||
\r
102 opcode == OP_2MUL ||
\r
103 opcode == OP_2DIV ||
\r
104 opcode == OP_MUL ||
\r
105 opcode == OP_DIV ||
\r
106 opcode == OP_MOD ||
\r
107 opcode == OP_LSHIFT ||
\r
108 opcode == OP_RSHIFT)
\r
111 if (fExec && opcode <= OP_PUSHDATA4)
\r
112 stack.push_back(vchPushValue);
\r
113 else if (fExec || (OP_IF <= opcode && opcode <= OP_ENDIF))
\r
138 CBigNum bn((int)opcode - (int)(OP_1 - 1));
\r
139 stack.push_back(bn.getvch());
\r
148 case OP_NOP1: case OP_NOP2: case OP_NOP3: case OP_NOP4: case OP_NOP5:
\r
149 case OP_NOP6: case OP_NOP7: case OP_NOP8: case OP_NOP9: case OP_NOP10:
\r
163 // <expression> if [statements] [else [statements]] endif
\r
164 bool fValue = false;
\r
167 if (stack.size() < 1)
\r
169 valtype& vch = stacktop(-1);
\r
170 fValue = CastToBool(vch);
\r
171 if (opcode == OP_NOTIF)
\r
175 vfExec.push_back(fValue);
\r
181 if (vfExec.empty())
\r
183 vfExec.back() = !vfExec.back();
\r
189 if (vfExec.empty())
\r
198 // (false -- false) and return
\r
199 if (stack.size() < 1)
\r
201 bool fValue = CastToBool(stacktop(-1));
\r
219 case OP_TOALTSTACK:
\r
221 if (stack.size() < 1)
\r
223 altstack.push_back(stacktop(-1));
\r
228 case OP_FROMALTSTACK:
\r
230 if (altstack.size() < 1)
\r
232 stack.push_back(altstacktop(-1));
\r
233 altstack.pop_back();
\r
247 // (x1 x2 -- x1 x2 x1 x2)
\r
248 if (stack.size() < 2)
\r
250 valtype vch1 = stacktop(-2);
\r
251 valtype vch2 = stacktop(-1);
\r
252 stack.push_back(vch1);
\r
253 stack.push_back(vch2);
\r
259 // (x1 x2 x3 -- x1 x2 x3 x1 x2 x3)
\r
260 if (stack.size() < 3)
\r
262 valtype vch1 = stacktop(-3);
\r
263 valtype vch2 = stacktop(-2);
\r
264 valtype vch3 = stacktop(-1);
\r
265 stack.push_back(vch1);
\r
266 stack.push_back(vch2);
\r
267 stack.push_back(vch3);
\r
273 // (x1 x2 x3 x4 -- x1 x2 x3 x4 x1 x2)
\r
274 if (stack.size() < 4)
\r
276 valtype vch1 = stacktop(-4);
\r
277 valtype vch2 = stacktop(-3);
\r
278 stack.push_back(vch1);
\r
279 stack.push_back(vch2);
\r
285 // (x1 x2 x3 x4 x5 x6 -- x3 x4 x5 x6 x1 x2)
\r
286 if (stack.size() < 6)
\r
288 valtype vch1 = stacktop(-6);
\r
289 valtype vch2 = stacktop(-5);
\r
290 stack.erase(stack.end()-6, stack.end()-4);
\r
291 stack.push_back(vch1);
\r
292 stack.push_back(vch2);
\r
298 // (x1 x2 x3 x4 -- x3 x4 x1 x2)
\r
299 if (stack.size() < 4)
\r
301 swap(stacktop(-4), stacktop(-2));
\r
302 swap(stacktop(-3), stacktop(-1));
\r
309 if (stack.size() < 1)
\r
311 valtype vch = stacktop(-1);
\r
312 if (CastToBool(vch))
\r
313 stack.push_back(vch);
\r
320 CBigNum bn(stack.size());
\r
321 stack.push_back(bn.getvch());
\r
328 if (stack.size() < 1)
\r
337 if (stack.size() < 1)
\r
339 valtype vch = stacktop(-1);
\r
340 stack.push_back(vch);
\r
347 if (stack.size() < 2)
\r
349 stack.erase(stack.end() - 2);
\r
355 // (x1 x2 -- x1 x2 x1)
\r
356 if (stack.size() < 2)
\r
358 valtype vch = stacktop(-2);
\r
359 stack.push_back(vch);
\r
366 // (xn ... x2 x1 x0 n - xn ... x2 x1 x0 xn)
\r
367 // (xn ... x2 x1 x0 n - ... x2 x1 x0 xn)
\r
368 if (stack.size() < 2)
\r
370 int n = CastToBigNum(stacktop(-1)).getint();
\r
372 if (n < 0 || n >= stack.size())
\r
374 valtype vch = stacktop(-n-1);
\r
375 if (opcode == OP_ROLL)
\r
376 stack.erase(stack.end()-n-1);
\r
377 stack.push_back(vch);
\r
383 // (x1 x2 x3 -- x2 x3 x1)
\r
384 // x2 x1 x3 after first swap
\r
385 // x2 x3 x1 after second swap
\r
386 if (stack.size() < 3)
\r
388 swap(stacktop(-3), stacktop(-2));
\r
389 swap(stacktop(-2), stacktop(-1));
\r
395 // (x1 x2 -- x2 x1)
\r
396 if (stack.size() < 2)
\r
398 swap(stacktop(-2), stacktop(-1));
\r
404 // (x1 x2 -- x2 x1 x2)
\r
405 if (stack.size() < 2)
\r
407 valtype vch = stacktop(-1);
\r
408 stack.insert(stack.end()-2, vch);
\r
419 if (stack.size() < 2)
\r
421 valtype& vch1 = stacktop(-2);
\r
422 valtype& vch2 = stacktop(-1);
\r
423 vch1.insert(vch1.end(), vch2.begin(), vch2.end());
\r
425 if (stacktop(-1).size() > 520)
\r
432 // (in begin size -- out)
\r
433 if (stack.size() < 3)
\r
435 valtype& vch = stacktop(-3);
\r
436 int nBegin = CastToBigNum(stacktop(-2)).getint();
\r
437 int nEnd = nBegin + CastToBigNum(stacktop(-1)).getint();
\r
438 if (nBegin < 0 || nEnd < nBegin)
\r
440 if (nBegin > vch.size())
\r
441 nBegin = vch.size();
\r
442 if (nEnd > vch.size())
\r
444 vch.erase(vch.begin() + nEnd, vch.end());
\r
445 vch.erase(vch.begin(), vch.begin() + nBegin);
\r
454 // (in size -- out)
\r
455 if (stack.size() < 2)
\r
457 valtype& vch = stacktop(-2);
\r
458 int nSize = CastToBigNum(stacktop(-1)).getint();
\r
461 if (nSize > vch.size())
\r
462 nSize = vch.size();
\r
463 if (opcode == OP_LEFT)
\r
464 vch.erase(vch.begin() + nSize, vch.end());
\r
466 vch.erase(vch.begin(), vch.end() - nSize);
\r
474 if (stack.size() < 1)
\r
476 CBigNum bn(stacktop(-1).size());
\r
477 stack.push_back(bn.getvch());
\r
488 if (stack.size() < 1)
\r
490 valtype& vch = stacktop(-1);
\r
491 for (int i = 0; i < vch.size(); i++)
\r
501 if (stack.size() < 2)
\r
503 valtype& vch1 = stacktop(-2);
\r
504 valtype& vch2 = stacktop(-1);
\r
505 MakeSameSize(vch1, vch2);
\r
506 if (opcode == OP_AND)
\r
508 for (int i = 0; i < vch1.size(); i++)
\r
509 vch1[i] &= vch2[i];
\r
511 else if (opcode == OP_OR)
\r
513 for (int i = 0; i < vch1.size(); i++)
\r
514 vch1[i] |= vch2[i];
\r
516 else if (opcode == OP_XOR)
\r
518 for (int i = 0; i < vch1.size(); i++)
\r
519 vch1[i] ^= vch2[i];
\r
526 case OP_EQUALVERIFY:
\r
527 //case OP_NOTEQUAL: // use OP_NUMNOTEQUAL
\r
530 if (stack.size() < 2)
\r
532 valtype& vch1 = stacktop(-2);
\r
533 valtype& vch2 = stacktop(-1);
\r
534 bool fEqual = (vch1 == vch2);
\r
535 // OP_NOTEQUAL is disabled because it would be too easy to say
\r
536 // something like n != 1 and have some wiseguy pass in 1 with extra
\r
537 // zero bytes after it (numerically, 0x01 == 0x0001 == 0x000001)
\r
538 //if (opcode == OP_NOTEQUAL)
\r
539 // fEqual = !fEqual;
\r
542 stack.push_back(fEqual ? vchTrue : vchFalse);
\r
543 if (opcode == OP_EQUALVERIFY)
\r
567 if (stack.size() < 1)
\r
569 CBigNum bn = CastToBigNum(stacktop(-1));
\r
572 case OP_1ADD: bn += bnOne; break;
\r
573 case OP_1SUB: bn -= bnOne; break;
\r
574 case OP_2MUL: bn <<= 1; break;
\r
575 case OP_2DIV: bn >>= 1; break;
\r
576 case OP_NEGATE: bn = -bn; break;
\r
577 case OP_ABS: if (bn < bnZero) bn = -bn; break;
\r
578 case OP_NOT: bn = (bn == bnZero); break;
\r
579 case OP_0NOTEQUAL: bn = (bn != bnZero); break;
\r
582 stack.push_back(bn.getvch());
\r
596 case OP_NUMEQUALVERIFY:
\r
597 case OP_NUMNOTEQUAL:
\r
599 case OP_GREATERTHAN:
\r
600 case OP_LESSTHANOREQUAL:
\r
601 case OP_GREATERTHANOREQUAL:
\r
606 if (stack.size() < 2)
\r
608 CBigNum bn1 = CastToBigNum(stacktop(-2));
\r
609 CBigNum bn2 = CastToBigNum(stacktop(-1));
\r
622 if (!BN_mul(&bn, &bn1, &bn2, pctx))
\r
627 if (!BN_div(&bn, NULL, &bn1, &bn2, pctx))
\r
632 if (!BN_mod(&bn, &bn1, &bn2, pctx))
\r
637 if (bn2 < bnZero || bn2 > CBigNum(2048))
\r
639 bn = bn1 << bn2.getulong();
\r
643 if (bn2 < bnZero || bn2 > CBigNum(2048))
\r
645 bn = bn1 >> bn2.getulong();
\r
648 case OP_BOOLAND: bn = (bn1 != bnZero && bn2 != bnZero); break;
\r
649 case OP_BOOLOR: bn = (bn1 != bnZero || bn2 != bnZero); break;
\r
650 case OP_NUMEQUAL: bn = (bn1 == bn2); break;
\r
651 case OP_NUMEQUALVERIFY: bn = (bn1 == bn2); break;
\r
652 case OP_NUMNOTEQUAL: bn = (bn1 != bn2); break;
\r
653 case OP_LESSTHAN: bn = (bn1 < bn2); break;
\r
654 case OP_GREATERTHAN: bn = (bn1 > bn2); break;
\r
655 case OP_LESSTHANOREQUAL: bn = (bn1 <= bn2); break;
\r
656 case OP_GREATERTHANOREQUAL: bn = (bn1 >= bn2); break;
\r
657 case OP_MIN: bn = (bn1 < bn2 ? bn1 : bn2); break;
\r
658 case OP_MAX: bn = (bn1 > bn2 ? bn1 : bn2); break;
\r
662 stack.push_back(bn.getvch());
\r
664 if (opcode == OP_NUMEQUALVERIFY)
\r
666 if (CastToBool(stacktop(-1)))
\r
676 // (x min max -- out)
\r
677 if (stack.size() < 3)
\r
679 CBigNum bn1 = CastToBigNum(stacktop(-3));
\r
680 CBigNum bn2 = CastToBigNum(stacktop(-2));
\r
681 CBigNum bn3 = CastToBigNum(stacktop(-1));
\r
682 bool fValue = (bn2 <= bn1 && bn1 < bn3);
\r
686 stack.push_back(fValue ? vchTrue : vchFalse);
\r
701 if (stack.size() < 1)
\r
703 valtype& vch = stacktop(-1);
\r
704 valtype vchHash((opcode == OP_RIPEMD160 || opcode == OP_SHA1 || opcode == OP_HASH160) ? 20 : 32);
\r
705 if (opcode == OP_RIPEMD160)
\r
706 RIPEMD160(&vch[0], vch.size(), &vchHash[0]);
\r
707 else if (opcode == OP_SHA1)
\r
708 SHA1(&vch[0], vch.size(), &vchHash[0]);
\r
709 else if (opcode == OP_SHA256)
\r
710 SHA256(&vch[0], vch.size(), &vchHash[0]);
\r
711 else if (opcode == OP_HASH160)
\r
713 uint160 hash160 = Hash160(vch);
\r
714 memcpy(&vchHash[0], &hash160, sizeof(hash160));
\r
716 else if (opcode == OP_HASH256)
\r
718 uint256 hash = Hash(vch.begin(), vch.end());
\r
719 memcpy(&vchHash[0], &hash, sizeof(hash));
\r
722 stack.push_back(vchHash);
\r
726 case OP_CODESEPARATOR:
\r
728 // Hash starts after the code separator
\r
729 pbegincodehash = pc;
\r
734 case OP_CHECKSIGVERIFY:
\r
736 // (sig pubkey -- bool)
\r
737 if (stack.size() < 2)
\r
740 valtype& vchSig = stacktop(-2);
\r
741 valtype& vchPubKey = stacktop(-1);
\r
744 //PrintHex(vchSig.begin(), vchSig.end(), "sig: %s\n");
\r
745 //PrintHex(vchPubKey.begin(), vchPubKey.end(), "pubkey: %s\n");
\r
747 // Subset of script starting at the most recent codeseparator
\r
748 CScript scriptCode(pbegincodehash, pend);
\r
750 // Drop the signature, since there's no way for a signature to sign itself
\r
751 scriptCode.FindAndDelete(CScript(vchSig));
\r
753 bool fSuccess = CheckSig(vchSig, vchPubKey, scriptCode, txTo, nIn, nHashType);
\r
757 stack.push_back(fSuccess ? vchTrue : vchFalse);
\r
758 if (opcode == OP_CHECKSIGVERIFY)
\r
768 case OP_CHECKMULTISIG:
\r
769 case OP_CHECKMULTISIGVERIFY:
\r
771 // ([sig ...] num_of_signatures [pubkey ...] num_of_pubkeys -- bool)
\r
774 if (stack.size() < i)
\r
777 int nKeysCount = CastToBigNum(stacktop(-i)).getint();
\r
778 if (nKeysCount < 0)
\r
782 if (stack.size() < i)
\r
785 int nSigsCount = CastToBigNum(stacktop(-i)).getint();
\r
786 if (nSigsCount < 0 || nSigsCount > nKeysCount)
\r
790 if (stack.size() < i)
\r
793 // Subset of script starting at the most recent codeseparator
\r
794 CScript scriptCode(pbegincodehash, pend);
\r
796 // Drop the signatures, since there's no way for a signature to sign itself
\r
797 for (int k = 0; k < nSigsCount; k++)
\r
799 valtype& vchSig = stacktop(-isig-k);
\r
800 scriptCode.FindAndDelete(CScript(vchSig));
\r
803 bool fSuccess = true;
\r
804 while (fSuccess && nSigsCount > 0)
\r
806 valtype& vchSig = stacktop(-isig);
\r
807 valtype& vchPubKey = stacktop(-ikey);
\r
810 if (CheckSig(vchSig, vchPubKey, scriptCode, txTo, nIn, nHashType))
\r
818 // If there are more signatures left than keys left,
\r
819 // then too many signatures have failed
\r
820 if (nSigsCount > nKeysCount)
\r
826 stack.push_back(fSuccess ? vchTrue : vchFalse);
\r
828 if (opcode == OP_CHECKMULTISIGVERIFY)
\r
843 if (stack.size() + altstack.size() > 1000)
\r
853 if (!vfExec.empty())
\r
869 uint256 SignatureHash(CScript scriptCode, const CTransaction& txTo, unsigned int nIn, int nHashType)
\r
871 if (nIn >= txTo.vin.size())
\r
873 printf("ERROR: SignatureHash() : nIn=%d out of range\n", nIn);
\r
876 CTransaction txTmp(txTo);
\r
878 // In case concatenating two scripts ends up with two codeseparators,
\r
879 // or an extra one at the end, this prevents all those possible incompatibilities.
\r
880 scriptCode.FindAndDelete(CScript(OP_CODESEPARATOR));
\r
882 // Blank out other inputs' signatures
\r
883 for (int i = 0; i < txTmp.vin.size(); i++)
\r
884 txTmp.vin[i].scriptSig = CScript();
\r
885 txTmp.vin[nIn].scriptSig = scriptCode;
\r
887 // Blank out some of the outputs
\r
888 if ((nHashType & 0x1f) == SIGHASH_NONE)
\r
891 txTmp.vout.clear();
\r
893 // Let the others update at will
\r
894 for (int i = 0; i < txTmp.vin.size(); i++)
\r
896 txTmp.vin[i].nSequence = 0;
\r
898 else if ((nHashType & 0x1f) == SIGHASH_SINGLE)
\r
900 // Only lockin the txout payee at same index as txin
\r
901 unsigned int nOut = nIn;
\r
902 if (nOut >= txTmp.vout.size())
\r
904 printf("ERROR: SignatureHash() : nOut=%d out of range\n", nOut);
\r
907 txTmp.vout.resize(nOut+1);
\r
908 for (int i = 0; i < nOut; i++)
\r
909 txTmp.vout[i].SetNull();
\r
911 // Let the others update at will
\r
912 for (int i = 0; i < txTmp.vin.size(); i++)
\r
914 txTmp.vin[i].nSequence = 0;
\r
917 // Blank out other inputs completely, not recommended for open transactions
\r
918 if (nHashType & SIGHASH_ANYONECANPAY)
\r
920 txTmp.vin[0] = txTmp.vin[nIn];
\r
921 txTmp.vin.resize(1);
\r
924 // Serialize and hash
\r
925 CDataStream ss(SER_GETHASH);
\r
927 ss << txTmp << nHashType;
\r
928 return Hash(ss.begin(), ss.end());
\r
932 bool CheckSig(vector<unsigned char> vchSig, vector<unsigned char> vchPubKey, CScript scriptCode,
\r
933 const CTransaction& txTo, unsigned int nIn, int nHashType)
\r
936 if (!key.SetPubKey(vchPubKey))
\r
939 // Hash type is one byte tacked on to the end of the signature
\r
940 if (vchSig.empty())
\r
942 if (nHashType == 0)
\r
943 nHashType = vchSig.back();
\r
944 else if (nHashType != vchSig.back())
\r
948 if (key.Verify(SignatureHash(scriptCode, txTo, nIn, nHashType), vchSig))
\r
963 bool Solver(const CScript& scriptPubKey, vector<pair<opcodetype, valtype> >& vSolutionRet)
\r
966 static vector<CScript> vTemplates;
\r
967 if (vTemplates.empty())
\r
969 // Standard tx, sender provides pubkey, receiver adds signature
\r
970 vTemplates.push_back(CScript() << OP_PUBKEY << OP_CHECKSIG);
\r
972 // Bitcoin address tx, sender provides hash of pubkey, receiver provides signature and pubkey
\r
973 vTemplates.push_back(CScript() << OP_DUP << OP_HASH160 << OP_PUBKEYHASH << OP_EQUALVERIFY << OP_CHECKSIG);
\r
977 const CScript& script1 = scriptPubKey;
\r
978 foreach(const CScript& script2, vTemplates)
\r
980 vSolutionRet.clear();
\r
981 opcodetype opcode1, opcode2;
\r
982 vector<unsigned char> vch1, vch2;
\r
985 CScript::const_iterator pc1 = script1.begin();
\r
986 CScript::const_iterator pc2 = script2.begin();
\r
989 bool f1 = script1.GetOp(pc1, opcode1, vch1);
\r
990 bool f2 = script2.GetOp(pc2, opcode2, vch2);
\r
994 reverse(vSolutionRet.begin(), vSolutionRet.end());
\r
1001 else if (opcode2 == OP_PUBKEY)
\r
1003 if (vch1.size() <= sizeof(uint256))
\r
1005 vSolutionRet.push_back(make_pair(opcode2, vch1));
\r
1007 else if (opcode2 == OP_PUBKEYHASH)
\r
1009 if (vch1.size() != sizeof(uint160))
\r
1011 vSolutionRet.push_back(make_pair(opcode2, vch1));
\r
1013 else if (opcode1 != opcode2)
\r
1020 vSolutionRet.clear();
\r
1025 bool Solver(const CScript& scriptPubKey, uint256 hash, int nHashType, CScript& scriptSigRet)
\r
1027 scriptSigRet.clear();
\r
1029 vector<pair<opcodetype, valtype> > vSolution;
\r
1030 if (!Solver(scriptPubKey, vSolution))
\r
1033 // Compile solution
\r
1034 CRITICAL_BLOCK(cs_mapKeys)
\r
1036 foreach(PAIRTYPE(opcodetype, valtype)& item, vSolution)
\r
1038 if (item.first == OP_PUBKEY)
\r
1041 const valtype& vchPubKey = item.second;
\r
1042 if (!mapKeys.count(vchPubKey))
\r
1046 vector<unsigned char> vchSig;
\r
1047 if (!CKey::Sign(mapKeys[vchPubKey], hash, vchSig))
\r
1049 vchSig.push_back((unsigned char)nHashType);
\r
1050 scriptSigRet << vchSig;
\r
1053 else if (item.first == OP_PUBKEYHASH)
\r
1055 // Sign and give pubkey
\r
1056 map<uint160, valtype>::iterator mi = mapPubKeys.find(uint160(item.second));
\r
1057 if (mi == mapPubKeys.end())
\r
1059 const vector<unsigned char>& vchPubKey = (*mi).second;
\r
1060 if (!mapKeys.count(vchPubKey))
\r
1064 vector<unsigned char> vchSig;
\r
1065 if (!CKey::Sign(mapKeys[vchPubKey], hash, vchSig))
\r
1067 vchSig.push_back((unsigned char)nHashType);
\r
1068 scriptSigRet << vchSig << vchPubKey;
\r
1078 bool IsMine(const CScript& scriptPubKey)
\r
1080 CScript scriptSig;
\r
1081 return Solver(scriptPubKey, 0, 0, scriptSig);
\r
1085 bool ExtractPubKey(const CScript& scriptPubKey, bool fMineOnly, vector<unsigned char>& vchPubKeyRet)
\r
1087 vchPubKeyRet.clear();
\r
1089 vector<pair<opcodetype, valtype> > vSolution;
\r
1090 if (!Solver(scriptPubKey, vSolution))
\r
1093 CRITICAL_BLOCK(cs_mapKeys)
\r
1095 foreach(PAIRTYPE(opcodetype, valtype)& item, vSolution)
\r
1097 valtype vchPubKey;
\r
1098 if (item.first == OP_PUBKEY)
\r
1100 vchPubKey = item.second;
\r
1102 else if (item.first == OP_PUBKEYHASH)
\r
1104 map<uint160, valtype>::iterator mi = mapPubKeys.find(uint160(item.second));
\r
1105 if (mi == mapPubKeys.end())
\r
1107 vchPubKey = (*mi).second;
\r
1109 if (!fMineOnly || mapKeys.count(vchPubKey))
\r
1111 vchPubKeyRet = vchPubKey;
\r
1120 bool ExtractHash160(const CScript& scriptPubKey, uint160& hash160Ret)
\r
1124 vector<pair<opcodetype, valtype> > vSolution;
\r
1125 if (!Solver(scriptPubKey, vSolution))
\r
1128 foreach(PAIRTYPE(opcodetype, valtype)& item, vSolution)
\r
1130 if (item.first == OP_PUBKEYHASH)
\r
1132 hash160Ret = uint160(item.second);
\r
1140 bool VerifyScript(const CScript& scriptSig, const CScript& scriptPubKey, const CTransaction& txTo, unsigned int nIn, int nHashType)
\r
1142 vector<vector<unsigned char> > stack;
\r
1143 if (!EvalScript(stack, scriptSig, txTo, nIn, nHashType))
\r
1145 if (!EvalScript(stack, scriptPubKey, txTo, nIn, nHashType))
\r
1147 if (stack.empty())
\r
1149 return CastToBool(stack.back());
\r
1153 bool SignSignature(const CTransaction& txFrom, CTransaction& txTo, unsigned int nIn, int nHashType, CScript scriptPrereq)
\r
1155 assert(nIn < txTo.vin.size());
\r
1156 CTxIn& txin = txTo.vin[nIn];
\r
1157 assert(txin.prevout.n < txFrom.vout.size());
\r
1158 const CTxOut& txout = txFrom.vout[txin.prevout.n];
\r
1160 // Leave out the signature from the hash, since a signature can't sign itself.
\r
1161 // The checksig op will also drop the signatures from its hash.
\r
1162 uint256 hash = SignatureHash(scriptPrereq + txout.scriptPubKey, txTo, nIn, nHashType);
\r
1164 if (!Solver(txout.scriptPubKey, hash, nHashType, txin.scriptSig))
\r
1167 txin.scriptSig = scriptPrereq + txin.scriptSig;
\r
1170 if (scriptPrereq.empty())
\r
1171 if (!VerifyScript(txin.scriptSig, txout.scriptPubKey, txTo, nIn, 0))
\r
1178 bool VerifySignature(const CTransaction& txFrom, const CTransaction& txTo, unsigned int nIn, int nHashType)
\r
1180 assert(nIn < txTo.vin.size());
\r
1181 const CTxIn& txin = txTo.vin[nIn];
\r
1182 if (txin.prevout.n >= txFrom.vout.size())
\r
1184 const CTxOut& txout = txFrom.vout[txin.prevout.n];
\r
1186 if (txin.prevout.hash != txFrom.GetHash())
\r
1189 if (!VerifyScript(txin.scriptSig, txout.scriptPubKey, txTo, nIn, nHashType))
\r
1192 // Anytime a signature is successfully verified, it's proof the outpoint is spent,
\r
1193 // so lets update the wallet spent flag if it doesn't know due to wallet.dat being
\r
1194 // restored from backup or the user making copies of wallet.dat.
\r
1195 WalletUpdateSpent(txin.prevout);
\r