#include <map>
#include <openssl/ecdsa.h>
-#include <openssl/obj_mac.h>
-#include <openssl/ssl.h>
-#include <openssl/ecdh.h>
+#include <openssl/evp.h>
#include "key.h"
#include "base58.h"
-#include "ies.h"
// Generate a private key from just the secret parameter
int EC_KEY_regenerate_key(EC_KEY *eckey, BIGNUM *priv_key)
x = BN_CTX_get(ctx);
if (!BN_copy(x, order)) { ret=-1; goto err; }
if (!BN_mul_word(x, i)) { ret=-1; goto err; }
- if (!BN_add(x, x, ecsig->r)) { ret=-1; goto err; }
+
+ // Get internal R and S pointers
+ const BIGNUM *ecsig_r, *ecsig_s;
+ ECDSA_SIG_get0(ecsig, &ecsig_r, &ecsig_s);
+
+ if (!BN_add(x, x, ecsig_r)) { ret=-1; goto err; }
field = BN_CTX_get(ctx);
if (!EC_GROUP_get_curve_GFp(group, field, NULL, NULL, ctx)) { ret=-2; goto err; }
if (BN_cmp(x, field) >= 0) { ret=0; goto err; }
if (!BN_bin2bn(msg, msglen, e)) { ret=-1; goto err; }
if (8*msglen > n) BN_rshift(e, e, 8-(n & 7));
zero = BN_CTX_get(ctx);
- if (!BN_zero(zero)) { ret=-1; goto err; }
+ if (!BN_set_word(zero, 0)) { ret=-1; goto err; }
if (!BN_mod_sub(e, zero, e, order, ctx)) { ret=-1; goto err; }
rr = BN_CTX_get(ctx);
- if (!BN_mod_inverse(rr, ecsig->r, order, ctx)) { ret=-1; goto err; }
+ if (!BN_mod_inverse(rr, ecsig_r, order, ctx)) { ret=-1; goto err; }
sor = BN_CTX_get(ctx);
- if (!BN_mod_mul(sor, ecsig->s, rr, order, ctx)) { ret=-1; goto err; }
+ if (!BN_mod_mul(sor, ecsig_s, rr, order, ctx)) { ret=-1; goto err; }
eor = BN_CTX_get(ctx);
if (!BN_mod_mul(eor, e, rr, order, ctx)) { ret=-1; goto err; }
if (!EC_POINT_mul(group, Q, eor, R, sor, ctx)) { ret=-2; goto err; }
const unsigned char *vchZero = NULL;
-
-
-void CKey::SetCompressedPubKey()
+void CKey::SetCompressedPubKey(bool fCompressed)
{
- EC_KEY_set_conv_form(pkey, POINT_CONVERSION_COMPRESSED);
- fCompressedPubKey = true;
+ EC_KEY_set_conv_form(pkey, fCompressed ? POINT_CONVERSION_COMPRESSED : POINT_CONVERSION_UNCOMPRESSED);
}
void CKey::Reset()
{
- fCompressedPubKey = false;
+ fSet = false;
if (pkey != NULL)
EC_KEY_free(pkey);
pkey = EC_KEY_new_by_curve_name(NID_secp256k1);
if (pkey == NULL)
throw key_error("CKey::CKey() : EC_KEY_new_by_curve_name failed");
- fSet = false;
}
CKey::CKey()
if (pkey == NULL)
throw key_error("CKey::CKey(const CKey&) : EC_KEY_dup failed");
fSet = b.fSet;
- fCompressedPubKey = b.fCompressedPubKey;
+}
+
+CKey::CKey(const CSecret& b, bool fCompressed)
+{
+ pkey = EC_KEY_new_by_curve_name(NID_secp256k1);
+ if (pkey == NULL)
+ throw key_error("CKey::CKey(const CKey&) : EC_KEY_dup failed");
+ SetSecret(b, fCompressed);
}
CKey& CKey::operator=(const CKey& b)
if (!EC_KEY_copy(pkey, b.pkey))
throw key_error("CKey::operator=(const CKey&) : EC_KEY_copy failed");
fSet = b.fSet;
- fCompressedPubKey = b.fCompressedPubKey;
return (*this);
}
CKey::~CKey()
{
- EC_KEY_free(pkey);
+ if (pkey != NULL)
+ EC_KEY_free(pkey);
}
bool CKey::IsNull() const
bool CKey::IsCompressed() const
{
- return fCompressedPubKey;
+ return (EC_KEY_get_conv_form(pkey) == POINT_CONVERSION_COMPRESSED);
}
bool CKey::CheckSignatureElement(const unsigned char *vch, int len, bool half) {
CompareBigEndian(vch, len, half ? vchMaxModHalfOrder : vchMaxModOrder, 32) <= 0;
}
-bool CKey::ReserealizeSignature(std::vector<unsigned char>& vchSig)
+bool CPubKey::ReserealizeSignature(std::vector<unsigned char>& vchSig)
{
if (vchSig.empty())
return false;
{
if (!EC_KEY_generate_key(pkey))
throw key_error("CKey::MakeNewKey() : EC_KEY_generate_key failed");
- if (fCompressed)
- SetCompressedPubKey();
+ SetCompressedPubKey(fCompressed);
fSet = true;
}
pkey = EC_KEY_new_by_curve_name(NID_secp256k1);
if (pkey == NULL)
throw key_error("CKey::SetSecret() : EC_KEY_new_by_curve_name failed");
+
if (vchSecret.size() != 32)
throw key_error("CKey::SetSecret() : secret must be 32 bytes");
BIGNUM *bn = BN_bin2bn(&vchSecret[0],32,BN_new());
}
BN_clear_free(bn);
fSet = true;
- if (fCompressed || fCompressedPubKey)
- SetCompressedPubKey();
+ SetCompressedPubKey(fCompressed);
return true;
}
int n=BN_bn2bin(bn,&vchRet[32 - nBytes]);
if (n != nBytes)
throw key_error("CKey::GetSecret(): BN_bn2bin failed");
- fCompressed = fCompressedPubKey;
+ fCompressed = IsCompressed();
return vchRet;
}
+CSecret CKey::GetSecret() const
+{
+ bool fCompressed;
+ return GetSecret(fCompressed);
+}
+
CPrivKey CKey::GetPrivKey() const
{
int nSize = i2d_ECPrivateKey(pkey, NULL);
return vchPrivKey;
}
-bool CKey::SetPubKey(const CPubKey& vchPubKey)
-{
- const unsigned char* pbegin = &vchPubKey.vchPubKey[0];
- if (o2i_ECPublicKey(&pkey, &pbegin, vchPubKey.vchPubKey.size()))
- {
- fSet = true;
- if (vchPubKey.vchPubKey.size() == 33)
- SetCompressedPubKey();
- return true;
- }
- pkey = NULL;
- Reset();
- return false;
-}
-
CPubKey CKey::GetPubKey() const
{
int nSize = i2o_ECPublicKey(pkey, NULL);
if (sig==NULL)
return false;
const EC_GROUP *group = EC_KEY_get0_group(pkey);
- CBigNum order, halforder;
- EC_GROUP_get_order(group, &order, NULL);
- BN_rshift1(&halforder, &order);
+
+ BIGNUM* order = BN_new(), *halforder = BN_new();
+ EC_GROUP_get_order(group, order, NULL);
+ BN_rshift1(halforder, order);
+
+ // Get internal R and S pointers
+ const BIGNUM *current_s = ECDSA_SIG_get0_s(sig);
+
// enforce low S values, by negating the value (modulo the order) if above order/2.
- if (BN_cmp(sig->s, &halforder) > 0) {
- BN_sub(sig->s, &order, sig->s);
+ if (BN_cmp(current_s, halforder) > 0) {
+ BIGNUM *updated_s = BN_new();
+ BN_copy(updated_s, current_s);
+ BN_sub(updated_s, order, updated_s);
+ ECDSA_SIG_set0(sig, NULL, updated_s);
}
+
+ BN_free(order);
+ BN_free(halforder);
+
unsigned int nSize = ECDSA_size(pkey);
vchSig.resize(nSize); // Make sure it is big enough
unsigned char *pos = &vchSig[0];
if (sig==NULL)
return false;
const EC_GROUP *group = EC_KEY_get0_group(pkey);
- CBigNum order, halforder;
- EC_GROUP_get_order(group, &order, NULL);
- BN_rshift1(&halforder, &order);
+ BIGNUM* order = BN_new(), *halforder = BN_new();
+ EC_GROUP_get_order(group, order, NULL);
+ BN_rshift1(halforder, order);
+
+ // Get internal R and S pointers
+ const BIGNUM *current_s = ECDSA_SIG_get0_s(sig);
+
// enforce low S values, by negating the value (modulo the order) if above order/2.
- if (BN_cmp(sig->s, &halforder) > 0) {
- BN_sub(sig->s, &order, sig->s);
+ if (BN_cmp(current_s, halforder) > 0) {
+ BIGNUM *updated_s = BN_new();
+ BN_copy(updated_s, current_s);
+ BN_sub(updated_s, order, updated_s);
+ ECDSA_SIG_set0(sig, NULL, updated_s);
}
+
+ BN_free(order);
+ BN_free(halforder);
+
vchSig.clear();
vchSig.resize(65,0);
- int nBitsR = BN_num_bits(sig->r);
- int nBitsS = BN_num_bits(sig->s);
+ int nBitsR = BN_num_bits(ECDSA_SIG_get0_r(sig));
+ int nBitsS = BN_num_bits(ECDSA_SIG_get0_s(sig));
+ bool fCompressedPubKey = IsCompressed();
if (nBitsR <= 256 && nBitsS <= 256)
{
int8_t nRecId = -1;
{
CKey keyRec;
keyRec.fSet = true;
- if (fCompressedPubKey)
- keyRec.SetCompressedPubKey();
+ keyRec.SetCompressedPubKey(fCompressedPubKey);
if (ECDSA_SIG_recover_key_GFp(keyRec.pkey, sig, (unsigned char*)&hash, sizeof(hash), i, 1) == 1)
if (keyRec.GetPubKey() == this->GetPubKey())
{
}
vchSig[0] = nRecId+27+(fCompressedPubKey ? 4 : 0);
- BN_bn2bin(sig->r,&vchSig[33-(nBitsR+7)/8]);
- BN_bn2bin(sig->s,&vchSig[65-(nBitsS+7)/8]);
+ BN_bn2bin(ECDSA_SIG_get0_r(sig),&vchSig[33-(nBitsR+7)/8]);
+ BN_bn2bin(ECDSA_SIG_get0_s(sig),&vchSig[65-(nBitsS+7)/8]);
fOk = true;
}
+
ECDSA_SIG_free(sig);
return fOk;
}
// This is only slightly more CPU intensive than just verifying it.
// If this function succeeds, the recovered public key is guaranteed to be valid
// (the signature is a valid signature of the given data for that key)
-bool CKey::SetCompactSignature(uint256 hash, const std::vector<unsigned char>& vchSig)
+bool CPubKey::SetCompactSignature(uint256 hash, const std::vector<unsigned char>& vchSig)
{
if (vchSig.size() != 65)
return false;
if (nV<27 || nV>=35)
return false;
ECDSA_SIG *sig = ECDSA_SIG_new();
- BN_bin2bn(&vchSig[1],32,sig->r);
- BN_bin2bn(&vchSig[33],32,sig->s);
-
- EC_KEY_free(pkey);
- pkey = EC_KEY_new_by_curve_name(NID_secp256k1);
+ BIGNUM *sig_r = BN_new(), *sig_s = BN_new();
+ BN_bin2bn(&vchSig[1],32,sig_r);
+ BN_bin2bn(&vchSig[33],32,sig_s);
+ ECDSA_SIG_set0(sig, sig_r, sig_s);
+ bool fSuccessful = false;
+ EC_KEY* pkey = EC_KEY_new_by_curve_name(NID_secp256k1);
if (nV >= 31)
{
- SetCompressedPubKey();
nV -= 4;
+ EC_KEY_set_conv_form(pkey, POINT_CONVERSION_COMPRESSED);
}
- if (ECDSA_SIG_recover_key_GFp(pkey, sig, (unsigned char*)&hash, sizeof(hash), nV - 27, 0) == 1)
+ do
{
- fSet = true;
- ECDSA_SIG_free(sig);
- return true;
- }
+ if (ECDSA_SIG_recover_key_GFp(pkey, sig, (unsigned char*)&hash, sizeof(hash), nV - 27, 0) != 1)
+ break;
+ int nSize = i2o_ECPublicKey(pkey, NULL);
+ if (!nSize)
+ break;
+ std::vector<unsigned char> vchPubKey(nSize, 0);
+ unsigned char* pbegin = &vchPubKey[0];
+ if (i2o_ECPublicKey(pkey, &pbegin) != nSize)
+ break;
+ Set(vchPubKey.begin(), vchPubKey.end());
+ fSuccessful = IsValid();
+
+ } while (false);
ECDSA_SIG_free(sig);
- return false;
+ EC_KEY_free(pkey);
+ if (!fSuccessful)
+ Invalidate();
+ return fSuccessful;
}
-bool CKey::Verify(uint256 hash, const std::vector<unsigned char>& vchSig)
+bool CPubKey::Verify(const uint256 &hash, const std::vector<unsigned char>& vchSig) const
{
- if (vchSig.empty())
+ if (vchSig.empty() || !IsValid())
return false;
- // New versions of OpenSSL will reject non-canonical DER signatures. de/re-serialize first.
- unsigned char *norm_der = NULL;
+ EC_KEY *pkey = EC_KEY_new_by_curve_name(NID_secp256k1);
ECDSA_SIG *norm_sig = ECDSA_SIG_new();
- const unsigned char* sigptr = &vchSig[0];
+
assert(norm_sig);
- if (d2i_ECDSA_SIG(&norm_sig, &sigptr, vchSig.size()) == NULL)
+ assert(pkey);
+
+ bool ret = false;
+ do
{
- /* As of OpenSSL 1.0.0p d2i_ECDSA_SIG frees and nulls the pointer on
- * error. But OpenSSL's own use of this function redundantly frees the
- * result. As ECDSA_SIG_free(NULL) is a no-op, and in the absence of a
- * clear contract for the function behaving the same way is more
- * conservative.
- */
- ECDSA_SIG_free(norm_sig);
- return false;
- }
- int derlen = i2d_ECDSA_SIG(norm_sig, &norm_der);
+ int derlen;
+ uint8_t *norm_der = NULL;
+ const uint8_t* pbegin = &vbytes[0];
+ const uint8_t* sigptr = &vchSig[0];
+
+ // Trying to parse public key
+ if (!o2i_ECPublicKey(&pkey, &pbegin, size()))
+ break;
+ // New versions of OpenSSL are rejecting a non-canonical DER signatures, de/re-serialize first.
+ if (d2i_ECDSA_SIG(&norm_sig, &sigptr, vchSig.size()) == NULL)
+ break;
+ if ((derlen = i2d_ECDSA_SIG(norm_sig, &norm_der)) <= 0)
+ break;
+
+ // -1 = error, 0 = bad sig, 1 = good
+ ret = ECDSA_verify(0, (const unsigned char*)&hash, sizeof(hash), norm_der, derlen, pkey) == 1;
+ OPENSSL_free(norm_der);
+ } while(false);
+
ECDSA_SIG_free(norm_sig);
- if (derlen <= 0)
- return false;
+ EC_KEY_free(pkey);
- // -1 = error, 0 = bad sig, 1 = good
- bool ret = ECDSA_verify(0, (unsigned char*)&hash, sizeof(hash), norm_der, derlen, pkey) == 1;
- OPENSSL_free(norm_der);
return ret;
}
-bool CKey::VerifyCompact(uint256 hash, const std::vector<unsigned char>& vchSig)
+bool CPubKey::VerifyCompact(uint256 hash, const std::vector<unsigned char>& vchSig)
{
- CKey key;
+ CPubKey key;
if (!key.SetCompactSignature(hash, vchSig))
return false;
- if (GetPubKey() != key.GetPubKey())
- return false;
-
return true;
}
CSecret secret = GetSecret(fCompr);
CKey key2;
key2.SetSecret(secret, fCompr);
+
return GetPubKey() == key2.GetPubKey();
}
return true;
}
+// Initialize from octets stream
+bool CPoint::setPubKey(const CPubKey &key)
+{
+ std::vector<uint8_t> vchPubKey(key.begin(), key.end());
+ return setBytes(vchPubKey);
+}
+
// Serialize to octets stream
bool CPoint::getBytes(std::vector<unsigned char> &vchBytes)
{
- unsigned int nSize = EC_POINT_point2oct(group, point, POINT_CONVERSION_COMPRESSED, NULL, 0, ctx);
+ size_t nSize = EC_POINT_point2oct(group, point, POINT_CONVERSION_COMPRESSED, NULL, 0, ctx);
vchBytes.resize(nSize);
if (!(nSize == EC_POINT_point2oct(group, point, POINT_CONVERSION_COMPRESSED, &vchBytes[0], nSize, ctx))) {
return false;
// ECC multiplication by specified multiplier
bool CPoint::ECMUL(const CBigNum &bnMultiplier)
{
- if (!EC_POINT_mul(group, point, NULL, point, &bnMultiplier, NULL)) {
- printf("CPoint::ECMUL() : EC_POINT_mul failed");
- return false;
- }
-
- return true;
+ BIGNUM* bnMul = bnMultiplier.get();
+ bool ok = EC_POINT_mul(group, point, NULL, point, bnMul, NULL);
+ if (!ok) printf("CPoint::ECMUL() : EC_POINT_mul failed");
+ BN_free(bnMul);
+ return ok;
}
// Calculate G*m + q
bool CPoint::ECMULGEN(const CBigNum &bnMultiplier, const CPoint &qPoint)
{
- if (!EC_POINT_mul(group, point, &bnMultiplier, qPoint.point, BN_value_one(), NULL)) {
- printf("CPoint::ECMULGEN() : EC_POINT_mul failed.");
- return false;
- }
-
- return true;
+ BIGNUM* bnMul = bnMultiplier.get();
+ bool ok = EC_POINT_mul(group, point, bnMul, qPoint.point, BN_value_one(), NULL);
+ if (!ok) printf("CPoint::ECMULGEN() : EC_POINT_mul failed.");
+ BN_free(bnMul);
+ return ok;
}
// CMalleablePubKey
R = CPubKey(vchPubKey);
// OpenSSL BIGNUM representation of r value
- CBigNum bnr;
- bnr = *(CBigNum*) EC_KEY_get0_private_key(eckey);
+ CBigNum bnr(EC_KEY_get0_private_key(eckey));
EC_KEY_free(eckey);
CPoint point;
- if (!point.setBytes(pubKeyL.Raw())) {
+ if (!point.setPubKey(pubKeyL)) {
throw key_error("CMalleablePubKey::GetVariant() : Unable to decode L value");
}
bnHash.setuint160(Hash160(vchLr));
CPoint pointH;
- pointH.setBytes(pubKeyH.Raw());
+ pointH.setPubKey(pubKeyH);
CPoint P;
// Calculate P = Hash(L*r)*G + H
vchPubKeyVariant = CPubKey(vchResult);
}
-std::string CMalleablePubKey::ToString()
+std::string CMalleablePubKey::ToString() const
{
CDataStream ssKey(SER_NETWORK, PROTOCOL_VERSION);
ssKey << *this;
return EncodeBase58Check(vch);
}
+bool CMalleablePubKey::setvch(const std::vector<unsigned char> &vchPubKeyPair)
+{
+ CDataStream ssKey(vchPubKeyPair, SER_NETWORK, PROTOCOL_VERSION);
+ ssKey >> *this;
+
+ return IsValid();
+}
+
+std::vector<unsigned char> CMalleablePubKey::Raw() const
+{
+ CDataStream ssKey(SER_NETWORK, PROTOCOL_VERSION);
+ ssKey << *this;
+ std::vector<unsigned char> vch(ssKey.begin(), ssKey.end());
+
+ return vch;
+}
+
bool CMalleablePubKey::SetString(const std::string& strMalleablePubKey)
{
std::vector<unsigned char> vchTemp;
if (!DecodeBase58Check(strMalleablePubKey, vchTemp)) {
throw key_error("CMalleablePubKey::SetString() : Provided key data seems corrupted.");
}
+ if (vchTemp.size() != 68)
+ return false;
CDataStream ssKey(vchTemp, SER_NETWORK, PROTOCOL_VERSION);
ssKey >> *this;
bool CMalleablePubKey::operator==(const CMalleablePubKey &b)
{
- return (nVersion == b.nVersion &&
- pubKeyL == b.pubKeyL &&
- pubKeyH == b.pubKeyH);
+ return pubKeyL == b.pubKeyL && pubKeyH == b.pubKeyH;
}
{
vchSecretL.clear();
vchSecretH.clear();
-
- nVersion = 0;
}
void CMalleableKey::MakeNewKeys()
{
- CKey L, H;
- bool fCompressed = true;
-
- L.MakeNewKey(true);
- H.MakeNewKey(true);
+ Reset();
- vchSecretL = L.GetSecret(fCompressed);
- vchSecretH = H.GetSecret(fCompressed);
+ CKey keyL, keyH;
+ keyL.MakeNewKey();
+ keyH.MakeNewKey();
- nVersion = CURRENT_VERSION;
+ vchSecretL = keyL.GetSecret();
+ vchSecretH = keyH.GetSecret();
}
CMalleableKey::CMalleableKey()
SetSecrets(L, H);
}
-CMalleableKey& CMalleableKey::operator=(const CMalleableKey &b)
-{
- SetSecrets(b.vchSecretL, b.vchSecretH);
-
- return (*this);
-}
-
CMalleableKey::~CMalleableKey()
{
}
bool CMalleableKey::IsNull() const
{
- return nVersion != CURRENT_VERSION;
+ return vchSecretL.size() != 32 || vchSecretH.size() != 32;
}
bool CMalleableKey::SetSecrets(const CSecret &pvchSecretL, const CSecret &pvchSecretH)
{
Reset();
- CKey L, H;
- if (!L.SetSecret(pvchSecretL, true) || !H.SetSecret(pvchSecretH, true))
- {
- nVersion = 0;
+ CKey keyL(pvchSecretL);
+ CKey keyH(pvchSecretH);
+
+ if (!keyL.IsValid() || !keyH.IsValid())
return false;
- }
vchSecretL = pvchSecretL;
vchSecretH = pvchSecretH;
- nVersion = CURRENT_VERSION;
return true;
}
-void CMalleableKey::GetSecrets(CSecret &pvchSecretL, CSecret &pvchSecretH) const
-{
- pvchSecretL = vchSecretL;
- pvchSecretH = vchSecretH;
-}
-
CMalleablePubKey CMalleableKey::GetMalleablePubKey() const
{
- CKey L, H;
- L.SetSecret(vchSecretL, true);
- H.SetSecret(vchSecretH, true);
-
- std::vector<unsigned char> vchPubKeyL = L.GetPubKey().Raw();
- std::vector<unsigned char> vchPubKeyH = H.GetPubKey().Raw();
-
- return CMalleablePubKey(vchPubKeyL, vchPubKeyH);
+ CKey L(vchSecretL), H(vchSecretH);
+ return CMalleablePubKey(L.GetPubKey(), H.GetPubKey());
}
// Check ownership
-bool CMalleableKey::CheckKeyVariant(const CPubKey &R, const CPubKey &vchPubKeyVariant)
+bool CMalleableKey::CheckKeyVariant(const CPubKey &R, const CPubKey &vchPubKeyVariant) const
{
if (IsNull()) {
throw key_error("CMalleableKey::CheckKeyVariant() : Attempting to run on NULL key object.");
}
if (!R.IsValid()) {
- throw key_error("CMalleableKey::CheckKeyVariant() : R is invalid");
+ printf("CMalleableKey::CheckKeyVariant() : R is invalid");
+ return false;
}
if (!vchPubKeyVariant.IsValid()) {
- throw key_error("CMalleableKey::CheckKeyVariant() : public key variant is invalid");
+ printf("CMalleableKey::CheckKeyVariant() : public key variant is invalid");
+ return false;
}
CPoint point_R;
- if (!point_R.setBytes(R.Raw())) {
- throw key_error("CMalleableKey::CheckKeyVariant() : Unable to decode R value");
+ if (!point_R.setPubKey(R)) {
+ printf("CMalleableKey::CheckKeyVariant() : Unable to decode R value");
+ return false;
}
- CKey H;
- H.SetSecret(vchSecretH, true);
- std::vector<unsigned char> vchPubKeyH = H.GetPubKey().Raw();
+ CKey H(vchSecretH);
+ CPubKey vchPubKeyH = H.GetPubKey();
CPoint point_H;
- if (!point_H.setBytes(vchPubKeyH)) {
- throw key_error("CMalleableKey::CheckKeyVariant() : Unable to decode H value");
+ if (!point_H.setPubKey(vchPubKeyH)) {
+ printf("CMalleableKey::CheckKeyVariant() : Unable to decode H value");
+ return false;
}
CPoint point_P;
- if (!point_P.setBytes(vchPubKeyVariant.Raw())) {
- throw key_error("CMalleableKey::CheckKeyVariant() : Unable to decode P value");
+ if (!point_P.setPubKey(vchPubKeyVariant)) {
+ printf("CMalleableKey::CheckKeyVariant() : Unable to decode P value");
+ return false;
}
// Infinity points are senseless
if (point_P.IsInfinity()) {
- throw key_error("CMalleableKey::CheckKeyVariant() : P is infinity");
+ printf("CMalleableKey::CheckKeyVariant() : P is infinity");
+ return false;
}
CBigNum bnl;
std::vector<unsigned char> vchRl;
if (!point_R.getBytes(vchRl)) {
- throw key_error("CMalleableKey::CheckKeyVariant() : Unable to convert Rl value");
+ printf("CMalleableKey::CheckKeyVariant() : Unable to convert Rl value");
+ return false;
}
// Calculate Hash(R*l)
// Infinity points are senseless
if (point_Ps.IsInfinity()) {
- throw key_error("CMalleableKey::CheckKeyVariant() : Ps is infinity");
+ printf("CMalleableKey::CheckKeyVariant() : Ps is infinity");
+ return false;
}
// Check ownership
}
// Check ownership and restore private key
-bool CMalleableKey::CheckKeyVariant(const CPubKey &R, const CPubKey &vchPubKeyVariant, CKey &privKeyVariant)
+bool CMalleableKey::CheckKeyVariant(const CPubKey &R, const CPubKey &vchPubKeyVariant, CKey &privKeyVariant) const
{
if (IsNull()) {
throw key_error("CMalleableKey::CheckKeyVariant() : Attempting to run on NULL key object.");
}
if (!R.IsValid()) {
- throw key_error("CMalleableKey::CheckKeyVariant() : R is invalid");
+ printf("CMalleableKey::CheckKeyVariant() : R is invalid");
+ return false;
}
if (!vchPubKeyVariant.IsValid()) {
- throw key_error("CMalleableKey::CheckKeyVariant() : public key variant is invalid");
+ printf("CMalleableKey::CheckKeyVariant() : public key variant is invalid");
+ return false;
}
CPoint point_R;
- if (!point_R.setBytes(R.Raw())) {
- throw key_error("CMalleableKey::CheckKeyVariant() : Unable to decode R value");
+ if (!point_R.setPubKey(R)) {
+ printf("CMalleableKey::CheckKeyVariant() : Unable to decode R value");
+ return false;
}
- CKey H;
- H.SetSecret(vchSecretH, true);
- std::vector<unsigned char> vchPubKeyH = H.GetPubKey().Raw();
+ CKey H(vchSecretH);
+ CPubKey vchPubKeyH = H.GetPubKey();
CPoint point_H;
- if (!point_H.setBytes(vchPubKeyH)) {
- throw key_error("CMalleableKey::CheckKeyVariant() : Unable to decode H value");
+ if (!point_H.setPubKey(vchPubKeyH)) {
+ printf("CMalleableKey::CheckKeyVariant() : Unable to decode H value");
+ return false;
}
CPoint point_P;
- if (!point_P.setBytes(vchPubKeyVariant.Raw())) {
- throw key_error("CMalleableKey::CheckKeyVariant() : Unable to decode P value");
+ if (!point_P.setPubKey(vchPubKeyVariant)) {
+ printf("CMalleableKey::CheckKeyVariant() : Unable to decode P value");
+ return false;
}
// Infinity points are senseless
if (point_P.IsInfinity()) {
- throw key_error("CMalleableKey::CheckKeyVariant() : P is infinity");
+ printf("CMalleableKey::CheckKeyVariant() : P is infinity");
+ return false;
}
CBigNum bnl;
std::vector<unsigned char> vchRl;
if (!point_R.getBytes(vchRl)) {
- throw key_error("CMalleableKey::CheckKeyVariant() : Unable to convert Rl value");
+ printf("CMalleableKey::CheckKeyVariant() : Unable to convert Rl value");
+ return false;
}
// Calculate Hash(R*l)
// Infinity points are senseless
if (point_Ps.IsInfinity()) {
- throw key_error("CMalleableKey::CheckKeyVariant() : Ps is infinity");
+ printf("CMalleableKey::CheckKeyVariant() : Ps is infinity");
+ return false;
}
// Check ownership
CBigNum bnp = bnHash + bnh;
std::vector<unsigned char> vchp = bnp.getBytes();
- privKeyVariant.SetSecret(CSecret(vchp.begin(), vchp.end()), true);
+ privKeyVariant.SetSecret(CSecret(vchp.begin(), vchp.end()));
return true;
}
-std::string CMalleableKey::ToString()
+std::string CMalleableKey::ToString() const
{
CDataStream ssKey(SER_NETWORK, PROTOCOL_VERSION);
ssKey << *this;
return EncodeBase58Check(vch);
}
+std::vector<unsigned char> CMalleableKey::Raw() const
+{
+ CDataStream ssKey(SER_NETWORK, PROTOCOL_VERSION);
+ ssKey << *this;
+ std::vector<unsigned char> vch(ssKey.begin(), ssKey.end());
+
+ return vch;
+}
+
bool CMalleableKey::SetString(const std::string& strMutableKey)
{
std::vector<unsigned char> vchTemp;
if (!DecodeBase58Check(strMutableKey, vchTemp)) {
throw key_error("CMalleableKey::SetString() : Provided key data seems corrupted.");
}
-
+ if (vchTemp.size() != 66)
+ return false;
CDataStream ssKey(vchTemp, SER_NETWORK, PROTOCOL_VERSION);
ssKey >> *this;
- return IsNull();
+ return IsValid();
}
// CMalleableKeyView
+CMalleableKeyView::CMalleableKeyView(const std::string &strMalleableKey)
+{
+ SetString(strMalleableKey);
+}
+
CMalleableKeyView::CMalleableKeyView(const CMalleableKey &b)
{
- assert(b.nVersion == CURRENT_VERSION);
+ if (b.vchSecretL.size() != 32)
+ throw key_error("CMalleableKeyView::CMalleableKeyView() : L size must be 32 bytes");
+
+ if (b.vchSecretH.size() != 32)
+ throw key_error("CMalleableKeyView::CMalleableKeyView() : H size must be 32 bytes");
+
vchSecretL = b.vchSecretL;
- CKey H;
- H.SetSecret(b.vchSecretH, true);
- vchPubKeyH = H.GetPubKey().Raw();
+ CKey H(b.vchSecretH);
+ vchPubKeyH = H.GetPubKey();
}
CMalleableKeyView::CMalleableKeyView(const CMalleableKeyView &b)
{
- assert(b.nVersion == CURRENT_VERSION);
vchSecretL = b.vchSecretL;
vchPubKeyH = b.vchPubKeyH;
- nVersion = CURRENT_VERSION;
-}
-
-CMalleableKeyView::CMalleableKeyView(const CSecret &L, const CPubKey &pvchPubKeyH)
-{
- vchSecretL = L;
- vchPubKeyH = pvchPubKeyH.Raw();
}
CMalleableKeyView& CMalleableKeyView::operator=(const CMalleableKey &b)
{
- assert(b.nVersion == CURRENT_VERSION);
vchSecretL = b.vchSecretL;
- CKey H;
- H.SetSecret(b.vchSecretH, true);
- vchPubKeyH = H.GetPubKey().Raw();
+ CKey H(b.vchSecretH);
+ vchPubKeyH = H.GetPubKey();
return (*this);
}
CMalleablePubKey CMalleableKeyView::GetMalleablePubKey() const
{
- CKey keyL;
- keyL.SetSecret(vchSecretL, true);
+ CKey keyL(vchSecretL);
return CMalleablePubKey(keyL.GetPubKey(), vchPubKeyH);
}
// Check ownership
-bool CMalleableKeyView::CheckKeyVariant(const CPubKey &R, const CPubKey &vchPubKeyVariant)
+bool CMalleableKeyView::CheckKeyVariant(const CPubKey &R, const CPubKey &vchPubKeyVariant) const
{
+ if (!IsValid()) {
+ throw key_error("CMalleableKeyView::CheckKeyVariant() : Attempting to run on invalid view object.");
+ }
+
if (!R.IsValid()) {
- throw key_error("CMalleableKeyView::CheckKeyVariant() : R is invalid");
+ printf("CMalleableKeyView::CheckKeyVariant() : R is invalid");
+ return false;
}
if (!vchPubKeyVariant.IsValid()) {
- throw key_error("CMalleableKeyView::CheckKeyVariant() : public key variant is invalid");
+ printf("CMalleableKeyView::CheckKeyVariant() : public key variant is invalid");
+ return false;
}
CPoint point_R;
- if (!point_R.setBytes(R.Raw())) {
- throw key_error("CMalleableKeyView::CheckKeyVariant() : Unable to decode R value");
+ if (!point_R.setPubKey(R)) {
+ printf("CMalleableKeyView::CheckKeyVariant() : Unable to decode R value");
+ return false;
}
CPoint point_H;
- if (!point_H.setBytes(vchPubKeyH)) {
- throw key_error("CMalleableKeyView::CheckKeyVariant() : Unable to decode H value");
+ if (!point_H.setPubKey(vchPubKeyH)) {
+ printf("CMalleableKeyView::CheckKeyVariant() : Unable to decode H value");
+ return false;
}
CPoint point_P;
- if (!point_P.setBytes(vchPubKeyVariant.Raw())) {
- throw key_error("CMalleableKeyView::CheckKeyVariant() : Unable to decode P value");
+ if (!point_P.setPubKey(vchPubKeyVariant)) {
+ printf("CMalleableKeyView::CheckKeyVariant() : Unable to decode P value");
+ return false;
}
// Infinity points are senseless
if (point_P.IsInfinity()) {
- throw key_error("CMalleableKeyView::CheckKeyVariant() : P is infinity");
+ printf("CMalleableKeyView::CheckKeyVariant() : P is infinity");
+ return false;
}
CBigNum bnl;
std::vector<unsigned char> vchRl;
if (!point_R.getBytes(vchRl)) {
- throw key_error("CMalleableKeyView::CheckKeyVariant() : Unable to convert Rl value");
+ printf("CMalleableKeyView::CheckKeyVariant() : Unable to convert Rl value");
+ return false;
}
// Calculate Hash(R*l)
// Infinity points are senseless
if (point_Ps.IsInfinity()) {
- throw key_error("CMalleableKeyView::CheckKeyVariant() : Ps is infinity");
+ printf("CMalleableKeyView::CheckKeyVariant() : Ps is infinity");
+ return false;
}
// Check ownership
return true;
}
-std::string CMalleableKeyView::ToString()
+std::string CMalleableKeyView::ToString() const
{
CDataStream ssKey(SER_NETWORK, PROTOCOL_VERSION);
ssKey << *this;
throw key_error("CMalleableKeyView::SetString() : Provided key data seems corrupted.");
}
+ if (vchTemp.size() != 67)
+ return false;
+
CDataStream ssKey(vchTemp, SER_NETWORK, PROTOCOL_VERSION);
ssKey >> *this;
- return IsNull();
-}
-
-bool CMalleableKeyView::IsNull() const
-{
- return nVersion != CURRENT_VERSION;
+ return IsValid();
}
-//// Asymmetric encryption
-
-void CPubKey::EncryptData(const std::vector<unsigned char>& data, std::vector<unsigned char>& encrypted)
+std::vector<unsigned char> CMalleableKeyView::Raw() const
{
- CKey key;
- key.SetPubKey(*this);
+ CDataStream ssKey(SER_NETWORK, PROTOCOL_VERSION);
+ ssKey << *this;
+ std::vector<unsigned char> vch(ssKey.begin(), ssKey.end());
- key.EncryptData(data, encrypted);
+ return vch;
}
-void CKey::EncryptData(const std::vector<unsigned char>& data, std::vector<unsigned char>& encrypted)
-{
- ies_ctx_t *ctx;
- char error[1024] = "Unknown error";
- cryptogram_t *cryptogram;
-
- ctx = create_context(pkey);
- if (!EC_KEY_get0_public_key(ctx->user_key))
- throw key_error("Given EC key is not public key");
-
- cryptogram = ecies_encrypt(ctx, (unsigned char*)&data[0], data.size(), error);
- if (cryptogram == NULL) {
- free(ctx);
- ctx = NULL;
- throw key_error(std::string("Error in encryption: %s") + error);
- }
-
- encrypted.resize(cryptogram_data_sum_length(cryptogram));
- unsigned char *key_data = cryptogram_key_data(cryptogram);
- memcpy(&encrypted[0], key_data, encrypted.size());
- cryptogram_free(cryptogram);
- free(ctx);
-}
-void CKey::DecryptData(const std::vector<unsigned char>& encrypted, std::vector<unsigned char>& data)
+bool CMalleableKeyView::IsValid() const
{
- ies_ctx_t *ctx;
- char error[1024] = "Unknown error";
- cryptogram_t *cryptogram;
- size_t length;
- unsigned char *decrypted;
-
- ctx = create_context(pkey);
- if (!EC_KEY_get0_private_key(ctx->user_key))
- throw key_error("Given EC key is not private key");
-
- size_t key_length = ctx->stored_key_length;
- size_t mac_length = EVP_MD_size(ctx->md);
- cryptogram = cryptogram_alloc(key_length, mac_length, encrypted.size() - key_length - mac_length);
-
- memcpy(cryptogram_key_data(cryptogram), &encrypted[0], encrypted.size());
-
- decrypted = ecies_decrypt(ctx, cryptogram, &length, error);
- cryptogram_free(cryptogram);
- free(ctx);
-
- if (decrypted == NULL) {
- throw key_error(std::string("Error in decryption: %s") + error);
- }
-
- data.resize(length);
- memcpy(&data[0], decrypted, length);
- free(decrypted);
+ return vchSecretL.size() == 32 && GetMalleablePubKey().IsValid();
}