You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

pubkey.h 6.0KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224
  1. // Copyright (c) 2009-2010 Satoshi Nakamoto
  2. // Copyright (c) 2009-2015 The Bitcoin Core developers
  3. // Distributed under the MIT software license, see the accompanying
  4. // file COPYING or http://www.opensource.org/licenses/mit-license.php.
  5. #ifndef BITCOIN_PUBKEY_H
  6. #define BITCOIN_PUBKEY_H
  7. #include "hash.h"
  8. #include "serialize.h"
  9. #include "uint256.h"
  10. #include <stdexcept>
  11. #include <vector>
  12. /**
  13. * secp256k1:
  14. * const unsigned int PRIVATE_KEY_SIZE = 279;
  15. * const unsigned int PUBLIC_KEY_SIZE = 65;
  16. * const unsigned int SIGNATURE_SIZE = 72;
  17. *
  18. * see www.keylength.com
  19. * script supports up to 75 for single byte push
  20. */
  21. /** A reference to a CKey: the Hash160 of its serialized public key */
  22. class CKeyID : public uint160
  23. {
  24. public:
  25. CKeyID() : uint160() {}
  26. CKeyID(const uint160& in) : uint160(in) {}
  27. };
  28. typedef uint256 ChainCode;
  29. /** An encapsulated public key. */
  30. class CPubKey
  31. {
  32. private:
  33. /**
  34. * Just store the serialized data.
  35. * Its length can very cheaply be computed from the first byte.
  36. */
  37. unsigned char vch[65];
  38. //! Compute the length of a pubkey with a given first byte.
  39. unsigned int static GetLen(unsigned char chHeader)
  40. {
  41. if (chHeader == 2 || chHeader == 3)
  42. return 33;
  43. if (chHeader == 4 || chHeader == 6 || chHeader == 7)
  44. return 65;
  45. return 0;
  46. }
  47. //! Set this key data to be invalid
  48. void Invalidate()
  49. {
  50. vch[0] = 0xFF;
  51. }
  52. public:
  53. //! Construct an invalid public key.
  54. CPubKey()
  55. {
  56. Invalidate();
  57. }
  58. //! Initialize a public key using begin/end iterators to byte data.
  59. template <typename T>
  60. void Set(const T pbegin, const T pend)
  61. {
  62. int len = pend == pbegin ? 0 : GetLen(pbegin[0]);
  63. if (len && len == (pend - pbegin))
  64. memcpy(vch, (unsigned char*)&pbegin[0], len);
  65. else
  66. Invalidate();
  67. }
  68. //! Construct a public key using begin/end iterators to byte data.
  69. template <typename T>
  70. CPubKey(const T pbegin, const T pend)
  71. {
  72. Set(pbegin, pend);
  73. }
  74. //! Construct a public key from a byte vector.
  75. CPubKey(const std::vector<unsigned char>& vch)
  76. {
  77. Set(vch.begin(), vch.end());
  78. }
  79. //! Simple read-only vector-like interface to the pubkey data.
  80. unsigned int size() const { return GetLen(vch[0]); }
  81. const unsigned char* begin() const { return vch; }
  82. const unsigned char* end() const { return vch + size(); }
  83. const unsigned char& operator[](unsigned int pos) const { return vch[pos]; }
  84. //! Comparator implementation.
  85. friend bool operator==(const CPubKey& a, const CPubKey& b)
  86. {
  87. return a.vch[0] == b.vch[0] &&
  88. memcmp(a.vch, b.vch, a.size()) == 0;
  89. }
  90. friend bool operator!=(const CPubKey& a, const CPubKey& b)
  91. {
  92. return !(a == b);
  93. }
  94. friend bool operator<(const CPubKey& a, const CPubKey& b)
  95. {
  96. return a.vch[0] < b.vch[0] ||
  97. (a.vch[0] == b.vch[0] && memcmp(a.vch, b.vch, a.size()) < 0);
  98. }
  99. //! Implement serialization, as if this was a byte vector.
  100. unsigned int GetSerializeSize(int nType, int nVersion) const
  101. {
  102. return size() + 1;
  103. }
  104. template <typename Stream>
  105. void Serialize(Stream& s, int nType, int nVersion) const
  106. {
  107. unsigned int len = size();
  108. ::WriteCompactSize(s, len);
  109. s.write((char*)vch, len);
  110. }
  111. template <typename Stream>
  112. void Unserialize(Stream& s, int nType, int nVersion)
  113. {
  114. unsigned int len = ::ReadCompactSize(s);
  115. if (len <= 65) {
  116. s.read((char*)vch, len);
  117. } else {
  118. // invalid pubkey, skip available data
  119. char dummy;
  120. while (len--)
  121. s.read(&dummy, 1);
  122. Invalidate();
  123. }
  124. }
  125. //! Get the KeyID of this public key (hash of its serialization)
  126. CKeyID GetID() const
  127. {
  128. return CKeyID(Hash160(vch, vch + size()));
  129. }
  130. //! Get the 256-bit hash of this public key.
  131. uint256 GetHash() const
  132. {
  133. return Hash(vch, vch + size());
  134. }
  135. /*
  136. * Check syntactic correctness.
  137. *
  138. * Note that this is consensus critical as CheckSig() calls it!
  139. */
  140. bool IsValid() const
  141. {
  142. return size() > 0;
  143. }
  144. //! fully validate whether this is a valid public key (more expensive than IsValid())
  145. bool IsFullyValid() const;
  146. //! Check whether this is a compressed public key.
  147. bool IsCompressed() const
  148. {
  149. return size() == 33;
  150. }
  151. /**
  152. * Verify a DER signature (~72 bytes).
  153. * If this public key is not fully valid, the return value will be false.
  154. */
  155. bool Verify(const uint256& hash, const std::vector<unsigned char>& vchSig) const;
  156. /**
  157. * Check whether a signature is normalized (lower-S).
  158. */
  159. static bool CheckLowS(const std::vector<unsigned char>& vchSig);
  160. //! Recover a public key from a compact signature.
  161. bool RecoverCompact(const uint256& hash, const std::vector<unsigned char>& vchSig);
  162. //! Turn this public key into an uncompressed public key.
  163. bool Decompress();
  164. //! Derive BIP32 child pubkey.
  165. bool Derive(CPubKey& pubkeyChild, ChainCode &ccChild, unsigned int nChild, const ChainCode& cc) const;
  166. };
  167. struct CExtPubKey {
  168. unsigned char nDepth;
  169. unsigned char vchFingerprint[4];
  170. unsigned int nChild;
  171. ChainCode chaincode;
  172. CPubKey pubkey;
  173. friend bool operator==(const CExtPubKey &a, const CExtPubKey &b)
  174. {
  175. return a.nDepth == b.nDepth && memcmp(&a.vchFingerprint[0], &b.vchFingerprint[0], 4) == 0 && a.nChild == b.nChild &&
  176. a.chaincode == b.chaincode && a.pubkey == b.pubkey;
  177. }
  178. void Encode(unsigned char code[74]) const;
  179. void Decode(const unsigned char code[74]);
  180. bool Derive(CExtPubKey& out, unsigned int nChild) const;
  181. };
  182. /** Users of this module must hold an ECCVerifyHandle. The constructor and
  183. * destructor of these are not allowed to run in parallel, though. */
  184. class ECCVerifyHandle
  185. {
  186. static int refcount;
  187. public:
  188. ECCVerifyHandle();
  189. ~ECCVerifyHandle();
  190. };
  191. #endif // BITCOIN_PUBKEY_H