aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorPieter Wuille <pieter.wuille@gmail.com>2018-08-08 14:18:55 -0700
committerfanquake <fanquake@gmail.com>2018-08-15 10:00:13 +0800
commitad6d845ac9d43aac663fa46912b49aaf837a1a9e (patch)
tree43b86015049ff67a116b393fa26ac3d01e857951 /src
parent517010e30e4ac52868fcfd537b644515f3081f88 (diff)
Additional sanity checks in SignPSBTInput
GitHub-Pull: #13917 Rebased-From: 8254e99
Diffstat (limited to 'src')
-rw-r--r--src/script/sign.cpp16
-rw-r--r--src/script/sign.h2
2 files changed, 17 insertions, 1 deletions
diff --git a/src/script/sign.cpp b/src/script/sign.cpp
index 1e4102c20f..1ab5051ff7 100644
--- a/src/script/sign.cpp
+++ b/src/script/sign.cpp
@@ -244,17 +244,33 @@ bool SignPSBTInput(const SigningProvider& provider, const CMutableTransaction& t
input.FillSignatureData(sigdata);
// Get UTXO
+ bool require_witness_sig = false;
CTxOut utxo;
if (input.non_witness_utxo) {
+ // If we're taking our information from a non-witness UTXO, verify that it matches the prevout.
+ if (input.non_witness_utxo->GetHash() != tx.vin[index].prevout.hash) return false;
+ // If both witness and non-witness UTXO are provided, verify that they match. This check shouldn't
+ // matter, as the PSBT deserializer enforces only one of both is provided, and the only way both
+ // can be present is when they're added simultaneously by FillPSBT (in which case they always match).
+ // Still, check in order to not rely on callers to enforce this.
+ if (!input.witness_utxo.IsNull() && input.non_witness_utxo->vout[tx.vin[index].prevout.n] != input.witness_utxo) return false;
utxo = input.non_witness_utxo->vout[tx.vin[index].prevout.n];
} else if (!input.witness_utxo.IsNull()) {
utxo = input.witness_utxo;
+ // When we're taking our information from a witness UTXO, we can't verify it is actually data from
+ // the output being spent. This is safe in case a witness signature is produced (which includes this
+ // information directly in the hash), but not for non-witness signatures. Remember that we require
+ // a witness signature in this situation.
+ require_witness_sig = true;
} else {
return false;
}
MutableTransactionSignatureCreator creator(&tx, index, utxo.nValue, sighash);
+ sigdata.witness = false;
bool sig_complete = ProduceSignature(provider, creator, utxo.scriptPubKey, sigdata);
+ // Verify that a witness signature was produced in case one was required.
+ if (require_witness_sig && !sigdata.witness) return false;
input.FromSignatureData(sigdata);
return sig_complete;
}
diff --git a/src/script/sign.h b/src/script/sign.h
index 80fda617e9..7ade715ee2 100644
--- a/src/script/sign.h
+++ b/src/script/sign.h
@@ -686,7 +686,7 @@ bool ProduceSignature(const SigningProvider& provider, const BaseSignatureCreato
bool SignSignature(const SigningProvider &provider, const CScript& fromPubKey, CMutableTransaction& txTo, unsigned int nIn, const CAmount& amount, int nHashType);
bool SignSignature(const SigningProvider &provider, const CTransaction& txFrom, CMutableTransaction& txTo, unsigned int nIn, int nHashType);
-/** Signs a PSBTInput */
+/** Signs a PSBTInput, verifying that all provided data matches what is being signed. */
bool SignPSBTInput(const SigningProvider& provider, const CMutableTransaction& tx, PSBTInput& input, SignatureData& sigdata, int index, int sighash = 1);
/** Extract signature data from a transaction input, and insert it. */