static void push_tx_input(const struct bitcoin_tx_input *input,
void (*push)(const void *, size_t, void *), void *pushp)
{
push(&input->txid, sizeof(input->txid), pushp);
push_le32(input->index, push, pushp);
push_varint_blob(input->script, push, pushp);
push_le32(input->sequence_number, push, pushp);
}
char *netaddr_to_hex(const tal_t *ctx, const struct netaddr *a)
{
u8 *blob = tal_arr(ctx, u8, 0);
char *hex;
push_le32(a->type, push, &blob);
push_le32(a->protocol, push, &blob);
push_le32(a->addrlen, push, &blob);
assert(a->addrlen <= sizeof(a->saddr));
push(&a->saddr, a->addrlen, &blob);
hex = tal_hexstr(ctx, blob, tal_count(blob));
tal_free(blob);
return hex;
}
static void hash_for_segwit(struct sha256_ctx *ctx,
const struct bitcoin_tx *tx,
unsigned int input_num,
const u8 *witness_script)
{
struct sha256_double h;
/* BIP143:
*
* Double SHA256 of the serialization of:
* 1. nVersion of the transaction (4-byte little endian)
*/
push_le32(tx->version, push_sha, ctx);
/* 2. hashPrevouts (32-byte hash) */
hash_prevouts(&h, tx);
push_sha(&h, sizeof(h), ctx);
/* 3. hashSequence (32-byte hash) */
hash_sequence(&h, tx);
push_sha(&h, sizeof(h), ctx);
/* 4. outpoint (32-byte hash + 4-byte little endian) */
push_sha(&tx->input[input_num].txid, sizeof(tx->input[input_num].txid),
ctx);
push_le32(tx->input[input_num].index, push_sha, ctx);
/* 5. scriptCode of the input (varInt for the length + script) */
push_varint_blob(witness_script, push_sha, ctx);
/* 6. value of the output spent by this input (8-byte little end) */
push_le64(*tx->input[input_num].amount, push_sha, ctx);
/* 7. nSequence of the input (4-byte little endian) */
push_le32(tx->input[input_num].sequence_number, push_sha, ctx);
/* 8. hashOutputs (32-byte hash) */
hash_outputs(&h, tx);
push_sha(&h, sizeof(h), ctx);
/* 9. nLocktime of the transaction (4-byte little endian) */
push_le32(tx->lock_time, push_sha, ctx);
}
static void hash_sequence(struct sha256_double *h, const struct bitcoin_tx *tx)
{
struct sha256_ctx ctx;
size_t i;
/* BIP143: If none of the ANYONECANPAY, SINGLE, NONE sighash type
* is set, hashSequence is the double SHA256 of the serialization
* of nSequence of all inputs */
sha256_init(&ctx);
for (i = 0; i < tal_count(tx->input); i++)
push_le32(tx->input[i].sequence_number, push_sha, &ctx);
sha256_double_done(&ctx, h);
}
static void push_tx(const struct bitcoin_tx *tx,
void (*push)(const void *, size_t, void *), void *pushp,
bool bip144)
{
varint_t i;
u8 flag = 0;
push_le32(tx->version, push, pushp);
if (bip144 && uses_witness(tx))
flag |= SEGREGATED_WITNESS_FLAG;
/* BIP 141: The flag MUST be a 1-byte non-zero value. */
/* ie. if no flags set, we fallback to pre-BIP144-style */
if (flag) {
u8 marker = 0;
/* BIP 144 */
/* marker char Must be zero */
/* flag char Must be nonzero */
push(&marker, 1, pushp);
push(&flag, 1, pushp);
}
push_varint(tal_count(tx->input), push, pushp);
for (i = 0; i < tal_count(tx->input); i++)
push_tx_input(&tx->input[i], push, pushp);
push_varint(tal_count(tx->output), push, pushp);
for (i = 0; i < tal_count(tx->output); i++)
push_tx_output(&tx->output[i], push, pushp);
if (flag & SEGREGATED_WITNESS_FLAG)
push_witnesses(tx, push, pushp);
push_le32(tx->lock_time, push, pushp);
}
static void hash_prevouts(struct sha256_double *h, const struct bitcoin_tx *tx)
{
struct sha256_ctx ctx;
size_t i;
/* BIP143: If the ANYONECANPAY flag is not set, hashPrevouts is the
* double SHA256 of the serialization of all input
* outpoints */
sha256_init(&ctx);
for (i = 0; i < tal_count(tx->input); i++) {
push_sha(&tx->input[i].txid, sizeof(tx->input[i].txid), &ctx);
push_le32(tx->input[i].index, push_sha, &ctx);
}
sha256_double_done(&ctx, h);
}
