interop/crypto: allow ECDsaVerify to verify ScriptContainer

When verifying transaction or block, verification script can be
a simple PUSHNULL + SYSCALL, which means that script-encontaining
entity should be verified.

pkg/core/interop/context.go

@@ -6,6 +6,7 @@ import (
 	"github.com/nspcc-dev/neo-go/pkg/core/dao"
 	"github.com/nspcc-dev/neo-go/pkg/core/state"
 	"github.com/nspcc-dev/neo-go/pkg/core/transaction"
+	"github.com/nspcc-dev/neo-go/pkg/crypto"
 	"github.com/nspcc-dev/neo-go/pkg/smartcontract/trigger"
 	"github.com/nspcc-dev/neo-go/pkg/vm"
 	"go.uber.org/zap"
@@ -14,6 +15,7 @@ import (
 // Context represents context in which interops are executed.
 type Context struct {
 	Chain         blockchainer.Blockchainer
+	Container     crypto.Verifiable
 	Trigger       trigger.Type
 	Block         *block.Block
 	Tx            *transaction.Transaction

pkg/core/interop/crypto/ecdsa.go

@@ -49,11 +49,13 @@ func ECDSACheckMultisig(ic *interop.Context, v *vm.VM) error {
 	return nil
 }
 
-func getMessage(_ *interop.Context, item vm.StackItem) []byte {
+func getMessage(ic *interop.Context, item vm.StackItem) []byte {
 	var msg []byte
 	switch val := item.(type) {
 	case *vm.InteropItem:
 		msg = val.Value().(crypto.Verifiable).GetSignedPart()
+	case vm.NullItem:
+		msg = ic.Container.GetSignedPart()
 	default:
 		var err error
 		if msg, err = val.TryBytes(); err != nil {

pkg/core/interop_neo_test.go

@@ -280,6 +280,14 @@ func TestECDSAVerify(t *testing.T) {
 		runCase(t, false, true, sign, priv.PublicKey().Bytes(), vm.NewInteropItem(tx))
 	})
 
+	t.Run("signed script container", func(t *testing.T) {
+		tx := transaction.NewInvocationTX([]byte{0, 1, 2}, 1)
+		msg := tx.GetSignedPart()
+		sign := priv.Sign(msg)
+		ic.Container = tx
+		runCase(t, false, true, sign, priv.PublicKey().Bytes(), vm.NullItem{})
+	})
+
 	t.Run("missing arguments", func(t *testing.T) {
 		runCase(t, true, false)
 		sign := priv.Sign(msg)