X-Git-Url: https://git.novaco.in/?p=novacoin.git;a=blobdiff_plain;f=src%2Fkey.cpp;h=94a54ef9389cfca1d52015fa3eb9f349260656e3;hp=adafc32a7f9b28b31b1546cba43428106046980c;hb=ef17ac0211ddd486127e1f94756fbb3fd704a9b4;hpb=91e95a40e7a818d671eac2549830dd7dfe5fa21b diff --git a/src/key.cpp b/src/key.cpp index adafc32..94a54ef 100644 --- a/src/key.cpp +++ b/src/key.cpp @@ -5,7 +5,7 @@ #include #include -#include +#include #include "key.h" #include "base58.h" @@ -79,7 +79,12 @@ int ECDSA_SIG_recover_key_GFp(EC_KEY *eckey, ECDSA_SIG *ecsig, const unsigned ch x = BN_CTX_get(ctx); if (!BN_copy(x, order)) { ret=-1; goto err; } if (!BN_mul_word(x, i)) { ret=-1; goto err; } - if (!BN_add(x, x, ecsig->r)) { ret=-1; goto err; } + + // Get internal R and S pointers + const BIGNUM *ecsig_r, *ecsig_s; + ECDSA_SIG_get0(ecsig, &ecsig_r, &ecsig_s); + + if (!BN_add(x, x, ecsig_r)) { ret=-1; goto err; } field = BN_CTX_get(ctx); if (!EC_GROUP_get_curve_GFp(group, field, NULL, NULL, ctx)) { ret=-2; goto err; } if (BN_cmp(x, field) >= 0) { ret=0; goto err; } @@ -97,12 +102,12 @@ int ECDSA_SIG_recover_key_GFp(EC_KEY *eckey, ECDSA_SIG *ecsig, const unsigned ch if (!BN_bin2bn(msg, msglen, e)) { ret=-1; goto err; } if (8*msglen > n) BN_rshift(e, e, 8-(n & 7)); zero = BN_CTX_get(ctx); - if (!BN_zero(zero)) { ret=-1; goto err; } + if (!BN_set_word(zero, 0)) { ret=-1; goto err; } if (!BN_mod_sub(e, zero, e, order, ctx)) { ret=-1; goto err; } rr = BN_CTX_get(ctx); - if (!BN_mod_inverse(rr, ecsig->r, order, ctx)) { ret=-1; goto err; } + if (!BN_mod_inverse(rr, ecsig_r, order, ctx)) { ret=-1; goto err; } sor = BN_CTX_get(ctx); - if (!BN_mod_mul(sor, ecsig->s, rr, order, ctx)) { ret=-1; goto err; } + if (!BN_mod_mul(sor, ecsig_s, rr, order, ctx)) { ret=-1; goto err; } eor = BN_CTX_get(ctx); if (!BN_mod_mul(eor, e, rr, order, ctx)) { ret=-1; goto err; } if (!EC_POINT_mul(group, Q, eor, R, sor, ctx)) { ret=-2; goto err; } @@ -164,23 +169,19 @@ const unsigned char vchMaxModHalfOrder[32] = { const unsigned char *vchZero = NULL; - - -void CKey::SetCompressedPubKey() +void CKey::SetCompressedPubKey(bool fCompressed) { - EC_KEY_set_conv_form(pkey, POINT_CONVERSION_COMPRESSED); - fCompressedPubKey = true; + EC_KEY_set_conv_form(pkey, fCompressed ? POINT_CONVERSION_COMPRESSED : POINT_CONVERSION_UNCOMPRESSED); } void CKey::Reset() { - fCompressedPubKey = false; + fSet = false; if (pkey != NULL) EC_KEY_free(pkey); pkey = EC_KEY_new_by_curve_name(NID_secp256k1); if (pkey == NULL) throw key_error("CKey::CKey() : EC_KEY_new_by_curve_name failed"); - fSet = false; } CKey::CKey() @@ -195,7 +196,14 @@ CKey::CKey(const CKey& b) if (pkey == NULL) throw key_error("CKey::CKey(const CKey&) : EC_KEY_dup failed"); fSet = b.fSet; - fCompressedPubKey = b.fCompressedPubKey; +} + +CKey::CKey(const CSecret& b, bool fCompressed) +{ + pkey = EC_KEY_new_by_curve_name(NID_secp256k1); + if (pkey == NULL) + throw key_error("CKey::CKey(const CKey&) : EC_KEY_dup failed"); + SetSecret(b, fCompressed); } CKey& CKey::operator=(const CKey& b) @@ -203,13 +211,13 @@ CKey& CKey::operator=(const CKey& b) if (!EC_KEY_copy(pkey, b.pkey)) throw key_error("CKey::operator=(const CKey&) : EC_KEY_copy failed"); fSet = b.fSet; - fCompressedPubKey = b.fCompressedPubKey; return (*this); } CKey::~CKey() { - EC_KEY_free(pkey); + if (pkey != NULL) + EC_KEY_free(pkey); } bool CKey::IsNull() const @@ -219,7 +227,7 @@ bool CKey::IsNull() const bool CKey::IsCompressed() const { - return fCompressedPubKey; + return (EC_KEY_get_conv_form(pkey) == POINT_CONVERSION_COMPRESSED); } bool CKey::CheckSignatureElement(const unsigned char *vch, int len, bool half) { @@ -227,7 +235,7 @@ bool CKey::CheckSignatureElement(const unsigned char *vch, int len, bool half) { CompareBigEndian(vch, len, half ? vchMaxModHalfOrder : vchMaxModOrder, 32) <= 0; } -bool CKey::ReserealizeSignature(std::vector& vchSig) +bool CPubKey::ReserealizeSignature(std::vector& vchSig) { if (vchSig.empty()) return false; @@ -257,8 +265,7 @@ void CKey::MakeNewKey(bool fCompressed) { if (!EC_KEY_generate_key(pkey)) throw key_error("CKey::MakeNewKey() : EC_KEY_generate_key failed"); - if (fCompressed) - SetCompressedPubKey(); + SetCompressedPubKey(fCompressed); fSet = true; } @@ -291,6 +298,7 @@ bool CKey::SetSecret(const CSecret& vchSecret, bool fCompressed) pkey = EC_KEY_new_by_curve_name(NID_secp256k1); if (pkey == NULL) throw key_error("CKey::SetSecret() : EC_KEY_new_by_curve_name failed"); + if (vchSecret.size() != 32) throw key_error("CKey::SetSecret() : secret must be 32 bytes"); BIGNUM *bn = BN_bin2bn(&vchSecret[0],32,BN_new()); @@ -303,8 +311,7 @@ bool CKey::SetSecret(const CSecret& vchSecret, bool fCompressed) } BN_clear_free(bn); fSet = true; - if (fCompressed || fCompressedPubKey) - SetCompressedPubKey(); + SetCompressedPubKey(fCompressed); return true; } @@ -319,10 +326,16 @@ CSecret CKey::GetSecret(bool &fCompressed) const int n=BN_bn2bin(bn,&vchRet[32 - nBytes]); if (n != nBytes) throw key_error("CKey::GetSecret(): BN_bn2bin failed"); - fCompressed = fCompressedPubKey; + fCompressed = IsCompressed(); return vchRet; } +CSecret CKey::GetSecret() const +{ + bool fCompressed; + return GetSecret(fCompressed); +} + CPrivKey CKey::GetPrivKey() const { int nSize = i2d_ECPrivateKey(pkey, NULL); @@ -335,21 +348,6 @@ CPrivKey CKey::GetPrivKey() const return vchPrivKey; } -bool CKey::SetPubKey(const CPubKey& vchPubKey) -{ - const unsigned char* pbegin = &vchPubKey.vchPubKey[0]; - if (o2i_ECPublicKey(&pkey, &pbegin, vchPubKey.vchPubKey.size())) - { - fSet = true; - if (vchPubKey.vchPubKey.size() == 33) - SetCompressedPubKey(); - return true; - } - pkey = NULL; - Reset(); - return false; -} - CPubKey CKey::GetPubKey() const { int nSize = i2o_ECPublicKey(pkey, NULL); @@ -369,13 +367,25 @@ bool CKey::Sign(uint256 hash, std::vector& vchSig) if (sig==NULL) return false; const EC_GROUP *group = EC_KEY_get0_group(pkey); - CBigNum order, halforder; - EC_GROUP_get_order(group, &order, NULL); - BN_rshift1(&halforder, &order); + + BIGNUM* order = BN_new(), *halforder = BN_new(); + EC_GROUP_get_order(group, order, NULL); + BN_rshift1(halforder, order); + + // Get internal R and S pointers + const BIGNUM *current_s = ECDSA_SIG_get0_s(sig); + // enforce low S values, by negating the value (modulo the order) if above order/2. - if (BN_cmp(sig->s, &halforder) > 0) { - BN_sub(sig->s, &order, sig->s); + if (BN_cmp(current_s, halforder) > 0) { + BIGNUM *updated_s = BN_new(); + BN_copy(updated_s, current_s); + BN_sub(updated_s, order, updated_s); + ECDSA_SIG_set0(sig, NULL, updated_s); } + + BN_free(order); + BN_free(halforder); + unsigned int nSize = ECDSA_size(pkey); vchSig.resize(nSize); // Make sure it is big enough unsigned char *pos = &vchSig[0]; @@ -401,17 +411,29 @@ bool CKey::SignCompact(uint256 hash, std::vector& vchSig) if (sig==NULL) return false; const EC_GROUP *group = EC_KEY_get0_group(pkey); - CBigNum order, halforder; - EC_GROUP_get_order(group, &order, NULL); - BN_rshift1(&halforder, &order); + BIGNUM* order = BN_new(), *halforder = BN_new(); + EC_GROUP_get_order(group, order, NULL); + BN_rshift1(halforder, order); + + // Get internal R and S pointers + const BIGNUM *current_s = ECDSA_SIG_get0_s(sig); + // enforce low S values, by negating the value (modulo the order) if above order/2. - if (BN_cmp(sig->s, &halforder) > 0) { - BN_sub(sig->s, &order, sig->s); + if (BN_cmp(current_s, halforder) > 0) { + BIGNUM *updated_s = BN_new(); + BN_copy(updated_s, current_s); + BN_sub(updated_s, order, updated_s); + ECDSA_SIG_set0(sig, NULL, updated_s); } + + BN_free(order); + BN_free(halforder); + vchSig.clear(); vchSig.resize(65,0); - int nBitsR = BN_num_bits(sig->r); - int nBitsS = BN_num_bits(sig->s); + int nBitsR = BN_num_bits(ECDSA_SIG_get0_r(sig)); + int nBitsS = BN_num_bits(ECDSA_SIG_get0_s(sig)); + bool fCompressedPubKey = IsCompressed(); if (nBitsR <= 256 && nBitsS <= 256) { int8_t nRecId = -1; @@ -419,8 +441,7 @@ bool CKey::SignCompact(uint256 hash, std::vector& vchSig) { CKey keyRec; keyRec.fSet = true; - if (fCompressedPubKey) - keyRec.SetCompressedPubKey(); + keyRec.SetCompressedPubKey(fCompressedPubKey); if (ECDSA_SIG_recover_key_GFp(keyRec.pkey, sig, (unsigned char*)&hash, sizeof(hash), i, 1) == 1) if (keyRec.GetPubKey() == this->GetPubKey()) { @@ -436,10 +457,11 @@ bool CKey::SignCompact(uint256 hash, std::vector& vchSig) } vchSig[0] = nRecId+27+(fCompressedPubKey ? 4 : 0); - BN_bn2bin(sig->r,&vchSig[33-(nBitsR+7)/8]); - BN_bn2bin(sig->s,&vchSig[65-(nBitsS+7)/8]); + BN_bn2bin(ECDSA_SIG_get0_r(sig),&vchSig[33-(nBitsR+7)/8]); + BN_bn2bin(ECDSA_SIG_get0_s(sig),&vchSig[65-(nBitsS+7)/8]); fOk = true; } + ECDSA_SIG_free(sig); return fOk; } @@ -448,7 +470,7 @@ bool CKey::SignCompact(uint256 hash, std::vector& vchSig) // This is only slightly more CPU intensive than just verifying it. // If this function succeeds, the recovered public key is guaranteed to be valid // (the signature is a valid signature of the given data for that key) -bool CKey::SetCompactSignature(uint256 hash, const std::vector& vchSig) +bool CPubKey::SetCompactSignature(uint256 hash, const std::vector& vchSig) { if (vchSig.size() != 65) return false; @@ -456,66 +478,83 @@ bool CKey::SetCompactSignature(uint256 hash, const std::vector& v if (nV<27 || nV>=35) return false; ECDSA_SIG *sig = ECDSA_SIG_new(); - BN_bin2bn(&vchSig[1],32,sig->r); - BN_bin2bn(&vchSig[33],32,sig->s); - - EC_KEY_free(pkey); - pkey = EC_KEY_new_by_curve_name(NID_secp256k1); + BIGNUM *sig_r = BN_new(), *sig_s = BN_new(); + BN_bin2bn(&vchSig[1],32,sig_r); + BN_bin2bn(&vchSig[33],32,sig_s); + ECDSA_SIG_set0(sig, sig_r, sig_s); + bool fSuccessful = false; + EC_KEY* pkey = EC_KEY_new_by_curve_name(NID_secp256k1); if (nV >= 31) { - SetCompressedPubKey(); nV -= 4; + EC_KEY_set_conv_form(pkey, POINT_CONVERSION_COMPRESSED); } - if (ECDSA_SIG_recover_key_GFp(pkey, sig, (unsigned char*)&hash, sizeof(hash), nV - 27, 0) == 1) + do { - fSet = true; - ECDSA_SIG_free(sig); - return true; - } + if (ECDSA_SIG_recover_key_GFp(pkey, sig, (unsigned char*)&hash, sizeof(hash), nV - 27, 0) != 1) + break; + int nSize = i2o_ECPublicKey(pkey, NULL); + if (!nSize) + break; + std::vector vchPubKey(nSize, 0); + unsigned char* pbegin = &vchPubKey[0]; + if (i2o_ECPublicKey(pkey, &pbegin) != nSize) + break; + Set(vchPubKey.begin(), vchPubKey.end()); + fSuccessful = IsValid(); + + } while (false); ECDSA_SIG_free(sig); - return false; + EC_KEY_free(pkey); + if (!fSuccessful) + Invalidate(); + return fSuccessful; } -bool CKey::Verify(uint256 hash, const std::vector& vchSig) +bool CPubKey::Verify(const uint256 &hash, const std::vector& vchSig) const { - if (vchSig.empty()) + if (vchSig.empty() || !IsValid()) return false; - // New versions of OpenSSL will reject non-canonical DER signatures. de/re-serialize first. - unsigned char *norm_der = NULL; + EC_KEY *pkey = EC_KEY_new_by_curve_name(NID_secp256k1); ECDSA_SIG *norm_sig = ECDSA_SIG_new(); - const unsigned char* sigptr = &vchSig[0]; + assert(norm_sig); - if (d2i_ECDSA_SIG(&norm_sig, &sigptr, vchSig.size()) == NULL) + assert(pkey); + + bool ret = false; + do { - /* As of OpenSSL 1.0.0p d2i_ECDSA_SIG frees and nulls the pointer on - * error. But OpenSSL's own use of this function redundantly frees the - * result. As ECDSA_SIG_free(NULL) is a no-op, and in the absence of a - * clear contract for the function behaving the same way is more - * conservative. - */ - ECDSA_SIG_free(norm_sig); - return false; - } - int derlen = i2d_ECDSA_SIG(norm_sig, &norm_der); + int derlen; + uint8_t *norm_der = NULL; + const uint8_t* pbegin = &vbytes[0]; + const uint8_t* sigptr = &vchSig[0]; + + // Trying to parse public key + if (!o2i_ECPublicKey(&pkey, &pbegin, size())) + break; + // New versions of OpenSSL are rejecting a non-canonical DER signatures, de/re-serialize first. + if (d2i_ECDSA_SIG(&norm_sig, &sigptr, vchSig.size()) == NULL) + break; + if ((derlen = i2d_ECDSA_SIG(norm_sig, &norm_der)) <= 0) + break; + + // -1 = error, 0 = bad sig, 1 = good + ret = ECDSA_verify(0, (const unsigned char*)&hash, sizeof(hash), norm_der, derlen, pkey) == 1; + OPENSSL_free(norm_der); + } while(false); + ECDSA_SIG_free(norm_sig); - if (derlen <= 0) - return false; + EC_KEY_free(pkey); - // -1 = error, 0 = bad sig, 1 = good - bool ret = ECDSA_verify(0, (unsigned char*)&hash, sizeof(hash), norm_der, derlen, pkey) == 1; - OPENSSL_free(norm_der); return ret; } -bool CKey::VerifyCompact(uint256 hash, const std::vector& vchSig) +bool CPubKey::VerifyCompact(uint256 hash, const std::vector& vchSig) { - CKey key; + CPubKey key; if (!key.SetCompactSignature(hash, vchSig)) return false; - if (GetPubKey() != key.GetPubKey()) - return false; - return true; } @@ -531,6 +570,7 @@ bool CKey::IsValid() CSecret secret = GetSecret(fCompr); CKey key2; key2.SetSecret(secret, fCompr); + return GetPubKey() == key2.GetPubKey(); } @@ -589,10 +629,17 @@ bool CPoint::setBytes(const std::vector &vchBytes) return true; } +// Initialize from octets stream +bool CPoint::setPubKey(const CPubKey &key) +{ + std::vector vchPubKey(key.begin(), key.end()); + return setBytes(vchPubKey); +} + // Serialize to octets stream bool CPoint::getBytes(std::vector &vchBytes) { - unsigned int nSize = EC_POINT_point2oct(group, point, POINT_CONVERSION_COMPRESSED, NULL, 0, ctx); + size_t nSize = EC_POINT_point2oct(group, point, POINT_CONVERSION_COMPRESSED, NULL, 0, ctx); vchBytes.resize(nSize); if (!(nSize == EC_POINT_point2oct(group, point, POINT_CONVERSION_COMPRESSED, &vchBytes[0], nSize, ctx))) { return false; @@ -603,23 +650,21 @@ bool CPoint::getBytes(std::vector &vchBytes) // ECC multiplication by specified multiplier bool CPoint::ECMUL(const CBigNum &bnMultiplier) { - if (!EC_POINT_mul(group, point, NULL, point, &bnMultiplier, NULL)) { - printf("CPoint::ECMUL() : EC_POINT_mul failed"); - return false; - } - - return true; + BIGNUM* bnMul = bnMultiplier.get(); + bool ok = EC_POINT_mul(group, point, NULL, point, bnMul, NULL); + if (!ok) printf("CPoint::ECMUL() : EC_POINT_mul failed"); + BN_free(bnMul); + return ok; } // Calculate G*m + q bool CPoint::ECMULGEN(const CBigNum &bnMultiplier, const CPoint &qPoint) { - if (!EC_POINT_mul(group, point, &bnMultiplier, qPoint.point, BN_value_one(), NULL)) { - printf("CPoint::ECMULGEN() : EC_POINT_mul failed."); - return false; - } - - return true; + BIGNUM* bnMul = bnMultiplier.get(); + bool ok = EC_POINT_mul(group, point, bnMul, qPoint.point, BN_value_one(), NULL); + if (!ok) printf("CPoint::ECMULGEN() : EC_POINT_mul failed."); + BN_free(bnMul); + return ok; } // CMalleablePubKey @@ -658,12 +703,11 @@ void CMalleablePubKey::GetVariant(CPubKey &R, CPubKey &vchPubKeyVariant) R = CPubKey(vchPubKey); // OpenSSL BIGNUM representation of r value - CBigNum bnr; - bnr = *(CBigNum*) EC_KEY_get0_private_key(eckey); + CBigNum bnr(EC_KEY_get0_private_key(eckey)); EC_KEY_free(eckey); CPoint point; - if (!point.setBytes(pubKeyL.Raw())) { + if (!point.setPubKey(pubKeyL)) { throw key_error("CMalleablePubKey::GetVariant() : Unable to decode L value"); } @@ -680,7 +724,7 @@ void CMalleablePubKey::GetVariant(CPubKey &R, CPubKey &vchPubKeyVariant) bnHash.setuint160(Hash160(vchLr)); CPoint pointH; - pointH.setBytes(pubKeyH.Raw()); + pointH.setPubKey(pubKeyH); CPoint P; // Calculate P = Hash(L*r)*G + H @@ -696,7 +740,7 @@ void CMalleablePubKey::GetVariant(CPubKey &R, CPubKey &vchPubKeyVariant) vchPubKeyVariant = CPubKey(vchResult); } -std::string CMalleablePubKey::ToString() +std::string CMalleablePubKey::ToString() const { CDataStream ssKey(SER_NETWORK, PROTOCOL_VERSION); ssKey << *this; @@ -705,12 +749,31 @@ std::string CMalleablePubKey::ToString() return EncodeBase58Check(vch); } +bool CMalleablePubKey::setvch(const std::vector &vchPubKeyPair) +{ + CDataStream ssKey(vchPubKeyPair, SER_NETWORK, PROTOCOL_VERSION); + ssKey >> *this; + + return IsValid(); +} + +std::vector CMalleablePubKey::Raw() const +{ + CDataStream ssKey(SER_NETWORK, PROTOCOL_VERSION); + ssKey << *this; + std::vector vch(ssKey.begin(), ssKey.end()); + + return vch; +} + bool CMalleablePubKey::SetString(const std::string& strMalleablePubKey) { std::vector vchTemp; if (!DecodeBase58Check(strMalleablePubKey, vchTemp)) { throw key_error("CMalleablePubKey::SetString() : Provided key data seems corrupted."); } + if (vchTemp.size() != 68) + return false; CDataStream ssKey(vchTemp, SER_NETWORK, PROTOCOL_VERSION); ssKey >> *this; @@ -720,9 +783,7 @@ bool CMalleablePubKey::SetString(const std::string& strMalleablePubKey) bool CMalleablePubKey::operator==(const CMalleablePubKey &b) { - return (nVersion == b.nVersion && - pubKeyL == b.pubKeyL && - pubKeyH == b.pubKeyH); + return pubKeyL == b.pubKeyL && pubKeyH == b.pubKeyH; } @@ -732,22 +793,18 @@ void CMalleableKey::Reset() { vchSecretL.clear(); vchSecretH.clear(); - - nVersion = 0; } void CMalleableKey::MakeNewKeys() { - CKey L, H; - bool fCompressed = true; - - L.MakeNewKey(true); - H.MakeNewKey(true); + Reset(); - vchSecretL = L.GetSecret(fCompressed); - vchSecretH = H.GetSecret(fCompressed); + CKey keyL, keyH; + keyL.MakeNewKey(); + keyH.MakeNewKey(); - nVersion = CURRENT_VERSION; + vchSecretL = keyL.GetSecret(); + vchSecretH = keyH.GetSecret(); } CMalleableKey::CMalleableKey() @@ -765,95 +822,79 @@ CMalleableKey::CMalleableKey(const CSecret &L, const CSecret &H) SetSecrets(L, H); } -CMalleableKey& CMalleableKey::operator=(const CMalleableKey &b) -{ - SetSecrets(b.vchSecretL, b.vchSecretH); - - return (*this); -} - CMalleableKey::~CMalleableKey() { } bool CMalleableKey::IsNull() const { - return nVersion != CURRENT_VERSION; + return vchSecretL.size() != 32 || vchSecretH.size() != 32; } bool CMalleableKey::SetSecrets(const CSecret &pvchSecretL, const CSecret &pvchSecretH) { Reset(); - CKey L, H; - if (!L.SetSecret(pvchSecretL, true) || !H.SetSecret(pvchSecretH, true)) - { - nVersion = 0; + CKey keyL(pvchSecretL); + CKey keyH(pvchSecretH); + + if (!keyL.IsValid() || !keyH.IsValid()) return false; - } vchSecretL = pvchSecretL; vchSecretH = pvchSecretH; - nVersion = CURRENT_VERSION; return true; } -void CMalleableKey::GetSecrets(CSecret &pvchSecretL, CSecret &pvchSecretH) const -{ - pvchSecretL = vchSecretL; - pvchSecretH = vchSecretH; -} - CMalleablePubKey CMalleableKey::GetMalleablePubKey() const { - CKey L, H; - L.SetSecret(vchSecretL, true); - H.SetSecret(vchSecretH, true); - - std::vector vchPubKeyL = L.GetPubKey().Raw(); - std::vector vchPubKeyH = H.GetPubKey().Raw(); - - return CMalleablePubKey(vchPubKeyL, vchPubKeyH); + CKey L(vchSecretL), H(vchSecretH); + return CMalleablePubKey(L.GetPubKey(), H.GetPubKey()); } // Check ownership -bool CMalleableKey::CheckKeyVariant(const CPubKey &R, const CPubKey &vchPubKeyVariant) +bool CMalleableKey::CheckKeyVariant(const CPubKey &R, const CPubKey &vchPubKeyVariant) const { if (IsNull()) { throw key_error("CMalleableKey::CheckKeyVariant() : Attempting to run on NULL key object."); } if (!R.IsValid()) { - throw key_error("CMalleableKey::CheckKeyVariant() : R is invalid"); + printf("CMalleableKey::CheckKeyVariant() : R is invalid"); + return false; } if (!vchPubKeyVariant.IsValid()) { - throw key_error("CMalleableKey::CheckKeyVariant() : public key variant is invalid"); + printf("CMalleableKey::CheckKeyVariant() : public key variant is invalid"); + return false; } CPoint point_R; - if (!point_R.setBytes(R.Raw())) { - throw key_error("CMalleableKey::CheckKeyVariant() : Unable to decode R value"); + if (!point_R.setPubKey(R)) { + printf("CMalleableKey::CheckKeyVariant() : Unable to decode R value"); + return false; } - CKey H; - H.SetSecret(vchSecretH, true); - std::vector vchPubKeyH = H.GetPubKey().Raw(); + CKey H(vchSecretH); + CPubKey vchPubKeyH = H.GetPubKey(); CPoint point_H; - if (!point_H.setBytes(vchPubKeyH)) { - throw key_error("CMalleableKey::CheckKeyVariant() : Unable to decode H value"); + if (!point_H.setPubKey(vchPubKeyH)) { + printf("CMalleableKey::CheckKeyVariant() : Unable to decode H value"); + return false; } CPoint point_P; - if (!point_P.setBytes(vchPubKeyVariant.Raw())) { - throw key_error("CMalleableKey::CheckKeyVariant() : Unable to decode P value"); + if (!point_P.setPubKey(vchPubKeyVariant)) { + printf("CMalleableKey::CheckKeyVariant() : Unable to decode P value"); + return false; } // Infinity points are senseless if (point_P.IsInfinity()) { - throw key_error("CMalleableKey::CheckKeyVariant() : P is infinity"); + printf("CMalleableKey::CheckKeyVariant() : P is infinity"); + return false; } CBigNum bnl; @@ -863,7 +904,8 @@ bool CMalleableKey::CheckKeyVariant(const CPubKey &R, const CPubKey &vchPubKeyVa std::vector vchRl; if (!point_R.getBytes(vchRl)) { - throw key_error("CMalleableKey::CheckKeyVariant() : Unable to convert Rl value"); + printf("CMalleableKey::CheckKeyVariant() : Unable to convert Rl value"); + return false; } // Calculate Hash(R*l) @@ -876,7 +918,8 @@ bool CMalleableKey::CheckKeyVariant(const CPubKey &R, const CPubKey &vchPubKeyVa // Infinity points are senseless if (point_Ps.IsInfinity()) { - throw key_error("CMalleableKey::CheckKeyVariant() : Ps is infinity"); + printf("CMalleableKey::CheckKeyVariant() : Ps is infinity"); + return false; } // Check ownership @@ -888,42 +931,47 @@ bool CMalleableKey::CheckKeyVariant(const CPubKey &R, const CPubKey &vchPubKeyVa } // Check ownership and restore private key -bool CMalleableKey::CheckKeyVariant(const CPubKey &R, const CPubKey &vchPubKeyVariant, CKey &privKeyVariant) +bool CMalleableKey::CheckKeyVariant(const CPubKey &R, const CPubKey &vchPubKeyVariant, CKey &privKeyVariant) const { if (IsNull()) { throw key_error("CMalleableKey::CheckKeyVariant() : Attempting to run on NULL key object."); } if (!R.IsValid()) { - throw key_error("CMalleableKey::CheckKeyVariant() : R is invalid"); + printf("CMalleableKey::CheckKeyVariant() : R is invalid"); + return false; } if (!vchPubKeyVariant.IsValid()) { - throw key_error("CMalleableKey::CheckKeyVariant() : public key variant is invalid"); + printf("CMalleableKey::CheckKeyVariant() : public key variant is invalid"); + return false; } CPoint point_R; - if (!point_R.setBytes(R.Raw())) { - throw key_error("CMalleableKey::CheckKeyVariant() : Unable to decode R value"); + if (!point_R.setPubKey(R)) { + printf("CMalleableKey::CheckKeyVariant() : Unable to decode R value"); + return false; } - CKey H; - H.SetSecret(vchSecretH, true); - std::vector vchPubKeyH = H.GetPubKey().Raw(); + CKey H(vchSecretH); + CPubKey vchPubKeyH = H.GetPubKey(); CPoint point_H; - if (!point_H.setBytes(vchPubKeyH)) { - throw key_error("CMalleableKey::CheckKeyVariant() : Unable to decode H value"); + if (!point_H.setPubKey(vchPubKeyH)) { + printf("CMalleableKey::CheckKeyVariant() : Unable to decode H value"); + return false; } CPoint point_P; - if (!point_P.setBytes(vchPubKeyVariant.Raw())) { - throw key_error("CMalleableKey::CheckKeyVariant() : Unable to decode P value"); + if (!point_P.setPubKey(vchPubKeyVariant)) { + printf("CMalleableKey::CheckKeyVariant() : Unable to decode P value"); + return false; } // Infinity points are senseless if (point_P.IsInfinity()) { - throw key_error("CMalleableKey::CheckKeyVariant() : P is infinity"); + printf("CMalleableKey::CheckKeyVariant() : P is infinity"); + return false; } CBigNum bnl; @@ -933,7 +981,8 @@ bool CMalleableKey::CheckKeyVariant(const CPubKey &R, const CPubKey &vchPubKeyVa std::vector vchRl; if (!point_R.getBytes(vchRl)) { - throw key_error("CMalleableKey::CheckKeyVariant() : Unable to convert Rl value"); + printf("CMalleableKey::CheckKeyVariant() : Unable to convert Rl value"); + return false; } // Calculate Hash(R*l) @@ -946,7 +995,8 @@ bool CMalleableKey::CheckKeyVariant(const CPubKey &R, const CPubKey &vchPubKeyVa // Infinity points are senseless if (point_Ps.IsInfinity()) { - throw key_error("CMalleableKey::CheckKeyVariant() : Ps is infinity"); + printf("CMalleableKey::CheckKeyVariant() : Ps is infinity"); + return false; } // Check ownership @@ -962,12 +1012,12 @@ bool CMalleableKey::CheckKeyVariant(const CPubKey &R, const CPubKey &vchPubKeyVa CBigNum bnp = bnHash + bnh; std::vector vchp = bnp.getBytes(); - privKeyVariant.SetSecret(CSecret(vchp.begin(), vchp.end()), true); + privKeyVariant.SetSecret(CSecret(vchp.begin(), vchp.end())); return true; } -std::string CMalleableKey::ToString() +std::string CMalleableKey::ToString() const { CDataStream ssKey(SER_NETWORK, PROTOCOL_VERSION); ssKey << *this; @@ -976,45 +1026,62 @@ std::string CMalleableKey::ToString() return EncodeBase58Check(vch); } +std::vector CMalleableKey::Raw() const +{ + CDataStream ssKey(SER_NETWORK, PROTOCOL_VERSION); + ssKey << *this; + std::vector vch(ssKey.begin(), ssKey.end()); + + return vch; +} + bool CMalleableKey::SetString(const std::string& strMutableKey) { std::vector vchTemp; if (!DecodeBase58Check(strMutableKey, vchTemp)) { throw key_error("CMalleableKey::SetString() : Provided key data seems corrupted."); } - + if (vchTemp.size() != 66) + return false; CDataStream ssKey(vchTemp, SER_NETWORK, PROTOCOL_VERSION); ssKey >> *this; - return IsNull(); + return IsValid(); } // CMalleableKeyView +CMalleableKeyView::CMalleableKeyView(const std::string &strMalleableKey) +{ + SetString(strMalleableKey); +} + CMalleableKeyView::CMalleableKeyView(const CMalleableKey &b) { - assert(b.nVersion == CURRENT_VERSION); + if (b.vchSecretL.size() != 32) + throw key_error("CMalleableKeyView::CMalleableKeyView() : L size must be 32 bytes"); + + if (b.vchSecretH.size() != 32) + throw key_error("CMalleableKeyView::CMalleableKeyView() : H size must be 32 bytes"); + vchSecretL = b.vchSecretL; - CKey H; - H.SetSecret(b.vchSecretH, true); - vchPubKeyH = H.GetPubKey().Raw(); + CKey H(b.vchSecretH); + vchPubKeyH = H.GetPubKey(); } -CMalleableKeyView::CMalleableKeyView(const CSecret &L, const CPubKey &pvchPubKeyH) +CMalleableKeyView::CMalleableKeyView(const CMalleableKeyView &b) { - vchSecretL = L; - vchPubKeyH = pvchPubKeyH.Raw(); + vchSecretL = b.vchSecretL; + vchPubKeyH = b.vchPubKeyH; } CMalleableKeyView& CMalleableKeyView::operator=(const CMalleableKey &b) { - assert(b.nVersion == CURRENT_VERSION); vchSecretL = b.vchSecretL; - CKey H; - H.SetSecret(b.vchSecretH, true); - vchPubKeyH = H.GetPubKey().Raw(); + CKey H(b.vchSecretH); + vchPubKeyH = H.GetPubKey(); return (*this); } @@ -1025,40 +1092,49 @@ CMalleableKeyView::~CMalleableKeyView() CMalleablePubKey CMalleableKeyView::GetMalleablePubKey() const { - CKey keyL; - keyL.SetSecret(vchSecretL, true); + CKey keyL(vchSecretL); return CMalleablePubKey(keyL.GetPubKey(), vchPubKeyH); } // Check ownership -bool CMalleableKeyView::CheckKeyVariant(const CPubKey &R, const CPubKey &vchPubKeyVariant) +bool CMalleableKeyView::CheckKeyVariant(const CPubKey &R, const CPubKey &vchPubKeyVariant) const { + if (!IsValid()) { + throw key_error("CMalleableKeyView::CheckKeyVariant() : Attempting to run on invalid view object."); + } + if (!R.IsValid()) { - throw key_error("CMalleableKeyView::CheckKeyVariant() : R is invalid"); + printf("CMalleableKeyView::CheckKeyVariant() : R is invalid"); + return false; } if (!vchPubKeyVariant.IsValid()) { - throw key_error("CMalleableKeyView::CheckKeyVariant() : public key variant is invalid"); + printf("CMalleableKeyView::CheckKeyVariant() : public key variant is invalid"); + return false; } CPoint point_R; - if (!point_R.setBytes(R.Raw())) { - throw key_error("CMalleableKeyView::CheckKeyVariant() : Unable to decode R value"); + if (!point_R.setPubKey(R)) { + printf("CMalleableKeyView::CheckKeyVariant() : Unable to decode R value"); + return false; } CPoint point_H; - if (!point_H.setBytes(vchPubKeyH)) { - throw key_error("CMalleableKeyView::CheckKeyVariant() : Unable to decode H value"); + if (!point_H.setPubKey(vchPubKeyH)) { + printf("CMalleableKeyView::CheckKeyVariant() : Unable to decode H value"); + return false; } CPoint point_P; - if (!point_P.setBytes(vchPubKeyVariant.Raw())) { - throw key_error("CMalleableKeyView::CheckKeyVariant() : Unable to decode P value"); + if (!point_P.setPubKey(vchPubKeyVariant)) { + printf("CMalleableKeyView::CheckKeyVariant() : Unable to decode P value"); + return false; } // Infinity points are senseless if (point_P.IsInfinity()) { - throw key_error("CMalleableKeyView::CheckKeyVariant() : P is infinity"); + printf("CMalleableKeyView::CheckKeyVariant() : P is infinity"); + return false; } CBigNum bnl; @@ -1068,7 +1144,8 @@ bool CMalleableKeyView::CheckKeyVariant(const CPubKey &R, const CPubKey &vchPubK std::vector vchRl; if (!point_R.getBytes(vchRl)) { - throw key_error("CMalleableKeyView::CheckKeyVariant() : Unable to convert Rl value"); + printf("CMalleableKeyView::CheckKeyVariant() : Unable to convert Rl value"); + return false; } // Calculate Hash(R*l) @@ -1081,7 +1158,8 @@ bool CMalleableKeyView::CheckKeyVariant(const CPubKey &R, const CPubKey &vchPubK // Infinity points are senseless if (point_Ps.IsInfinity()) { - throw key_error("CMalleableKeyView::CheckKeyVariant() : Ps is infinity"); + printf("CMalleableKeyView::CheckKeyVariant() : Ps is infinity"); + return false; } // Check ownership @@ -1092,3 +1170,42 @@ bool CMalleableKeyView::CheckKeyVariant(const CPubKey &R, const CPubKey &vchPubK return true; } +std::string CMalleableKeyView::ToString() const +{ + CDataStream ssKey(SER_NETWORK, PROTOCOL_VERSION); + ssKey << *this; + std::vector vch(ssKey.begin(), ssKey.end()); + + return EncodeBase58Check(vch); +} + +bool CMalleableKeyView::SetString(const std::string& strMutableKey) +{ + std::vector vchTemp; + if (!DecodeBase58Check(strMutableKey, vchTemp)) { + throw key_error("CMalleableKeyView::SetString() : Provided key data seems corrupted."); + } + + if (vchTemp.size() != 67) + return false; + + CDataStream ssKey(vchTemp, SER_NETWORK, PROTOCOL_VERSION); + ssKey >> *this; + + return IsValid(); +} + +std::vector CMalleableKeyView::Raw() const +{ + CDataStream ssKey(SER_NETWORK, PROTOCOL_VERSION); + ssKey << *this; + std::vector vch(ssKey.begin(), ssKey.end()); + + return vch; +} + + +bool CMalleableKeyView::IsValid() const +{ + return vchSecretL.size() == 32 && GetMalleablePubKey().IsValid(); +}