starwels
/
starwels
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 2 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4729 Commits
3 Branches
Tree: 51ed9ec971
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '51ed9ec971'
${ noResults }
starwels/src/key.h

key.h 10KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308 
  1. // Copyright (c) 2009-2010 Satoshi Nakamoto

  2. // Copyright (c) 2009-2013 The Bitcoin developers

  3. // Distributed under the MIT/X11 software license, see the accompanying

  4. // file COPYING or http://www.opensource.org/licenses/mit-license.php.

  5. 

  6. #ifndef BITCOIN_KEY_H

  7. #define BITCOIN_KEY_H

  8. 

  9. #include "allocators.h"

  10. #include "hash.h"

  11. #include "serialize.h"

  12. #include "uint256.h"

  13. 

  14. #include <stdexcept>

  15. #include <vector>

  16. 

  17. // secp256k1:

  18. // const unsigned int PRIVATE_KEY_SIZE = 279;

  19. // const unsigned int PUBLIC_KEY_SIZE  = 65;

  20. // const unsigned int SIGNATURE_SIZE   = 72;

  21. //

  22. // see www.keylength.com

  23. // script supports up to 75 for single byte push

  24. 

  25. /** A reference to a CKey: the Hash160 of its serialized public key */

  26. class CKeyID : public uint160

  27. {

  28. public:

  29.     CKeyID() : uint160(0) { }

  30.     CKeyID(const uint160 &in) : uint160(in) { }

  31. };

  32. 

  33. /** A reference to a CScript: the Hash160 of its serialization (see script.h) */

  34. class CScriptID : public uint160

  35. {

  36. public:

  37.     CScriptID() : uint160(0) { }

  38.     CScriptID(const uint160 &in) : uint160(in) { }

  39. };

  40. 

  41. /** An encapsulated public key. */

  42. class CPubKey {

  43. private:

  44.     // Just store the serialized data.

  45.     // Its length can very cheaply be computed from the first byte.

  46.     unsigned char vch[65];

  47. 

  48.     // Compute the length of a pubkey with a given first byte.

  49.     unsigned int static GetLen(unsigned char chHeader) {

  50.         if (chHeader == 2 || chHeader == 3)

  51.             return 33;

  52.         if (chHeader == 4 || chHeader == 6 || chHeader == 7)

  53.             return 65;

  54.         return 0;

  55.     }

  56. 

  57.     // Set this key data to be invalid

  58.     void Invalidate() {

  59.         vch[0] = 0xFF;

  60.     }

  61. 

  62. public:

  63.     // Construct an invalid public key.

  64.     CPubKey() {

  65.         Invalidate();

  66.     }

  67. 

  68.     // Initialize a public key using begin/end iterators to byte data.

  69.     template<typename T>

  70.     void Set(const T pbegin, const T pend) {

  71.         int len = pend == pbegin ? 0 : GetLen(pbegin[0]);

  72.         if (len && len == (pend-pbegin))

  73.             memcpy(vch, (unsigned char*)&pbegin[0], len);

  74.         else

  75.             Invalidate();

  76.     }

  77. 

  78.     // Construct a public key using begin/end iterators to byte data.

  79.     template<typename T>

  80.     CPubKey(const T pbegin, const T pend) {

  81.         Set(pbegin, pend);

  82.     }

  83. 

  84.     // Construct a public key from a byte vector.

  85.     CPubKey(const std::vector<unsigned char> &vch) {

  86.         Set(vch.begin(), vch.end());

  87.     }

  88. 

  89.     // Simple read-only vector-like interface to the pubkey data.

  90.     unsigned int size() const { return GetLen(vch[0]); }

  91.     const unsigned char *begin() const { return vch; }

  92.     const unsigned char *end() const { return vch+size(); }

  93.     const unsigned char &operator[](unsigned int pos) const { return vch[pos]; }

  94. 

  95.     // Comparator implementation.

  96.     friend bool operator==(const CPubKey &a, const CPubKey &b) {

  97.         return a.vch[0] == b.vch[0] &&

  98.                memcmp(a.vch, b.vch, a.size()) == 0;

  99.     }

  100.     friend bool operator!=(const CPubKey &a, const CPubKey &b) {

  101.         return !(a == b);

  102.     }

  103.     friend bool operator<(const CPubKey &a, const CPubKey &b) {

  104.         return a.vch[0] < b.vch[0] ||

  105.                (a.vch[0] == b.vch[0] && memcmp(a.vch, b.vch, a.size()) < 0);

  106.     }

  107. 

  108.     // Implement serialization, as if this was a byte vector.

  109.     unsigned int GetSerializeSize(int nType, int nVersion) const {

  110.         return size() + 1;

  111.     }

  112.     template<typename Stream> void Serialize(Stream &s, int nType, int nVersion) const {

  113.         unsigned int len = size();

  114.         ::WriteCompactSize(s, len);

  115.         s.write((char*)vch, len);

  116.     }

  117.     template<typename Stream> void Unserialize(Stream &s, int nType, int nVersion) {

  118.         unsigned int len = ::ReadCompactSize(s);

  119.         if (len <= 65) {

  120.             s.read((char*)vch, len);

  121.         } else {

  122.             // invalid pubkey, skip available data

  123.             char dummy;

  124.             while (len--)

  125.                 s.read(&dummy, 1);

  126.             Invalidate();

  127.         }

  128.     }

  129. 

  130.     // Get the KeyID of this public key (hash of its serialization)

  131.     CKeyID GetID() const {

  132.         return CKeyID(Hash160(vch, vch+size()));

  133.     }

  134. 

  135.     // Get the 256-bit hash of this public key.

  136.     uint256 GetHash() const {

  137.         return Hash(vch, vch+size());

  138.     }

  139. 

  140.     // just check syntactic correctness.

  141.     bool IsValid() const {

  142.         return size() > 0;

  143.     }

  144. 

  145.     // fully validate whether this is a valid public key (more expensive than IsValid())

  146.     bool IsFullyValid() const;

  147. 

  148.     // Check whether this is a compressed public key.

  149.     bool IsCompressed() const {

  150.         return size() == 33;

  151.     }

  152. 

  153.     // Verify a DER signature (~72 bytes).

  154.     // If this public key is not fully valid, the return value will be false.

  155.     bool Verify(const uint256 &hash, const std::vector<unsigned char>& vchSig) const;

  156. 

  157.     // Verify a compact signature (~65 bytes).

  158.     // See CKey::SignCompact.

  159.     bool VerifyCompact(const uint256 &hash, const std::vector<unsigned char>& vchSig) const;

  160. 

  161.     // Recover a public key from a compact signature.

  162.     bool RecoverCompact(const uint256 &hash, const std::vector<unsigned char>& vchSig);

  163. 

  164.     // Turn this public key into an uncompressed public key.

  165.     bool Decompress();

  166. 

  167.     // Derive BIP32 child pubkey.

  168.     bool Derive(CPubKey& pubkeyChild, unsigned char ccChild[32], unsigned int nChild, const unsigned char cc[32]) const;

  169. };

  170. 

  171. 

  172. // secure_allocator is defined in allocators.h

  173. // CPrivKey is a serialized private key, with all parameters included (279 bytes)

  174. typedef std::vector<unsigned char, secure_allocator<unsigned char> > CPrivKey;

  175. 

  176. /** An encapsulated private key. */

  177. class CKey {

  178. private:

  179.     // Whether this private key is valid. We check for correctness when modifying the key

  180.     // data, so fValid should always correspond to the actual state.

  181.     bool fValid;

  182. 

  183.     // Whether the public key corresponding to this private key is (to be) compressed.

  184.     bool fCompressed;

  185. 

  186.     // The actual byte data

  187.     unsigned char vch[32];

  188. 

  189.     // Check whether the 32-byte array pointed to be vch is valid keydata.

  190.     bool static Check(const unsigned char *vch);

  191. public:

  192. 

  193.     // Construct an invalid private key.

  194.     CKey() : fValid(false) {

  195.         LockObject(vch);

  196.     }

  197. 

  198.     // Copy constructor. This is necessary because of memlocking.

  199.     CKey(const CKey &secret) : fValid(secret.fValid), fCompressed(secret.fCompressed) {

  200.         LockObject(vch);

  201.         memcpy(vch, secret.vch, sizeof(vch));

  202.     }

  203. 

  204.     // Destructor (again necessary because of memlocking).

  205.     ~CKey() {

  206.         UnlockObject(vch);

  207.     }

  208. 

  209.     friend bool operator==(const CKey &a, const CKey &b) {

  210.         return a.fCompressed == b.fCompressed && a.size() == b.size() &&

  211.                memcmp(&a.vch[0], &b.vch[0], a.size()) == 0;

  212.     }

  213. 

  214.     // Initialize using begin and end iterators to byte data.

  215.     template<typename T>

  216.     void Set(const T pbegin, const T pend, bool fCompressedIn) {

  217.         if (pend - pbegin != 32) {

  218.             fValid = false;

  219.             return;

  220.         }

  221.         if (Check(&pbegin[0])) {

  222.             memcpy(vch, (unsigned char*)&pbegin[0], 32);

  223.             fValid = true;

  224.             fCompressed = fCompressedIn;

  225.         } else {

  226.             fValid = false;

  227.         }

  228.     }

  229. 

  230.     // Simple read-only vector-like interface.

  231.     unsigned int size() const { return (fValid ? 32 : 0); }

  232.     const unsigned char *begin() const { return vch; }

  233.     const unsigned char *end() const { return vch + size(); }

  234. 

  235.     // Check whether this private key is valid.

  236.     bool IsValid() const { return fValid; }

  237. 

  238.     // Check whether the public key corresponding to this private key is (to be) compressed.

  239.     bool IsCompressed() const { return fCompressed; }

  240. 

  241.     // Initialize from a CPrivKey (serialized OpenSSL private key data).

  242.     bool SetPrivKey(const CPrivKey &vchPrivKey, bool fCompressed);

  243. 

  244.     // Generate a new private key using a cryptographic PRNG.

  245.     void MakeNewKey(bool fCompressed);

  246. 

  247.     // Convert the private key to a CPrivKey (serialized OpenSSL private key data).

  248.     // This is expensive.

  249.     CPrivKey GetPrivKey() const;

  250. 

  251.     // Compute the public key from a private key.

  252.     // This is expensive.

  253.     CPubKey GetPubKey() const;

  254. 

  255.     // Create a DER-serialized signature.

  256.     bool Sign(const uint256 &hash, std::vector<unsigned char>& vchSig) const;

  257. 

  258.     // Create a compact signature (65 bytes), which allows reconstructing the used public key.

  259.     // The format is one header byte, followed by two times 32 bytes for the serialized r and s values.

  260.     // The header byte: 0x1B = first key with even y, 0x1C = first key with odd y,

  261.     //                  0x1D = second key with even y, 0x1E = second key with odd y,

  262.     //                  add 0x04 for compressed keys.

  263.     bool SignCompact(const uint256 &hash, std::vector<unsigned char>& vchSig) const;

  264. 

  265.     // Derive BIP32 child key.

  266.     bool Derive(CKey& keyChild, unsigned char ccChild[32], unsigned int nChild, const unsigned char cc[32]) const;

  267. 

  268.     // Load private key and check that public key matches.

  269.     bool Load(CPrivKey &privkey, CPubKey &vchPubKey, bool fSkipCheck);

  270. };

  271. 

  272. struct CExtPubKey {

  273.     unsigned char nDepth;

  274.     unsigned char vchFingerprint[4];

  275.     unsigned int nChild;

  276.     unsigned char vchChainCode[32];

  277.     CPubKey pubkey;

  278. 

  279.     friend bool operator==(const CExtPubKey &a, const CExtPubKey &b) {

  280.         return a.nDepth == b.nDepth && memcmp(&a.vchFingerprint[0], &b.vchFingerprint[0], 4) == 0 && a.nChild == b.nChild &&

  281.                memcmp(&a.vchChainCode[0], &b.vchChainCode[0], 32) == 0 && a.pubkey == b.pubkey;

  282.     }

  283. 

  284.     void Encode(unsigned char code[74]) const;

  285.     void Decode(const unsigned char code[74]);

  286.     bool Derive(CExtPubKey &out, unsigned int nChild) const;

  287. };

  288. 

  289. struct CExtKey {

  290.     unsigned char nDepth;

  291.     unsigned char vchFingerprint[4];

  292.     unsigned int nChild;

  293.     unsigned char vchChainCode[32];

  294.     CKey key;

  295. 

  296.     friend bool operator==(const CExtKey &a, const CExtKey &b) {

  297.         return a.nDepth == b.nDepth && memcmp(&a.vchFingerprint[0], &b.vchFingerprint[0], 4) == 0 && a.nChild == b.nChild &&

  298.                memcmp(&a.vchChainCode[0], &b.vchChainCode[0], 32) == 0 && a.key == b.key;

  299.     }

  300. 

  301.     void Encode(unsigned char code[74]) const;

  302.     void Decode(const unsigned char code[74]);

  303.     bool Derive(CExtKey &out, unsigned int nChild) const;

  304.     CExtPubKey Neuter() const;

  305.     void SetMaster(const unsigned char *seed, unsigned int nSeedLen);

  306. };

  307. 

  308. #endif