X-Git-Url: https://git.novaco.in/?p=novacoin.git;a=blobdiff_plain;f=src%2Fkey.cpp;h=c68fcda5fd748d1666560cd7eabffc97feb49a85;hp=49868b8f394abdd193165ad60dc08b356b922cca;hb=7218a68da35b3dddb228fd4647da831d249e6cd5;hpb=5d03ac2b46f39453274e84b1f71c64b51d445a26 diff --git a/src/key.cpp b/src/key.cpp index 49868b8..c68fcda 100644 --- a/src/key.cpp +++ b/src/key.cpp @@ -5,6 +5,7 @@ #include #include +#include #include #include "key.h" @@ -164,23 +165,19 @@ const unsigned char vchMaxModHalfOrder[32] = { const unsigned char *vchZero = NULL; - - -void CKey::SetCompressedPubKey() +void CKey::SetCompressedPubKey(bool fCompressed) { - EC_KEY_set_conv_form(pkey, POINT_CONVERSION_COMPRESSED); - fCompressedPubKey = true; + EC_KEY_set_conv_form(pkey, fCompressed ? POINT_CONVERSION_COMPRESSED : POINT_CONVERSION_UNCOMPRESSED); } void CKey::Reset() { - fCompressedPubKey = false; + fSet = false; if (pkey != NULL) EC_KEY_free(pkey); pkey = EC_KEY_new_by_curve_name(NID_secp256k1); if (pkey == NULL) throw key_error("CKey::CKey() : EC_KEY_new_by_curve_name failed"); - fSet = false; } CKey::CKey() @@ -195,7 +192,6 @@ CKey::CKey(const CKey& b) if (pkey == NULL) throw key_error("CKey::CKey(const CKey&) : EC_KEY_dup failed"); fSet = b.fSet; - fCompressedPubKey = b.fCompressedPubKey; } CKey::CKey(const CSecret& b, bool fCompressed) @@ -211,13 +207,13 @@ CKey& CKey::operator=(const CKey& b) if (!EC_KEY_copy(pkey, b.pkey)) throw key_error("CKey::operator=(const CKey&) : EC_KEY_copy failed"); fSet = b.fSet; - fCompressedPubKey = b.fCompressedPubKey; return (*this); } CKey::~CKey() { - EC_KEY_free(pkey); + if (pkey != NULL) + EC_KEY_free(pkey); } bool CKey::IsNull() const @@ -227,7 +223,7 @@ bool CKey::IsNull() const bool CKey::IsCompressed() const { - return fCompressedPubKey; + return (EC_KEY_get_conv_form(pkey) == POINT_CONVERSION_COMPRESSED); } bool CKey::CheckSignatureElement(const unsigned char *vch, int len, bool half) { @@ -235,7 +231,7 @@ bool CKey::CheckSignatureElement(const unsigned char *vch, int len, bool half) { CompareBigEndian(vch, len, half ? vchMaxModHalfOrder : vchMaxModOrder, 32) <= 0; } -bool CKey::ReserealizeSignature(std::vector& vchSig) +bool CPubKey::ReserealizeSignature(std::vector& vchSig) { if (vchSig.empty()) return false; @@ -265,8 +261,7 @@ void CKey::MakeNewKey(bool fCompressed) { if (!EC_KEY_generate_key(pkey)) throw key_error("CKey::MakeNewKey() : EC_KEY_generate_key failed"); - if (fCompressed) - SetCompressedPubKey(); + SetCompressedPubKey(fCompressed); fSet = true; } @@ -299,6 +294,7 @@ bool CKey::SetSecret(const CSecret& vchSecret, bool fCompressed) pkey = EC_KEY_new_by_curve_name(NID_secp256k1); if (pkey == NULL) throw key_error("CKey::SetSecret() : EC_KEY_new_by_curve_name failed"); + if (vchSecret.size() != 32) throw key_error("CKey::SetSecret() : secret must be 32 bytes"); BIGNUM *bn = BN_bin2bn(&vchSecret[0],32,BN_new()); @@ -311,8 +307,7 @@ bool CKey::SetSecret(const CSecret& vchSecret, bool fCompressed) } BN_clear_free(bn); fSet = true; - if (fCompressed || fCompressedPubKey) - SetCompressedPubKey(); + SetCompressedPubKey(fCompressed); return true; } @@ -327,10 +322,21 @@ CSecret CKey::GetSecret(bool &fCompressed) const int n=BN_bn2bin(bn,&vchRet[32 - nBytes]); if (n != nBytes) throw key_error("CKey::GetSecret(): BN_bn2bin failed"); - fCompressed = fCompressedPubKey; + fCompressed = IsCompressed(); return vchRet; } +bool CKey::WritePEM(BIO *streamObj, const SecureString &strPassKey) const // dumppem 4KJLA99FyqMMhjjDe7KnRXK4sjtv9cCtNS /tmp/test.pem 123 +{ + EVP_PKEY *evpKey = EVP_PKEY_new(); + if (!EVP_PKEY_assign_EC_KEY(evpKey, pkey)) + return error("CKey::WritePEM() : Error initializing EVP_PKEY instance."); + if(!PEM_write_bio_PKCS8PrivateKey(streamObj, evpKey, EVP_aes_256_cbc(), (char *)&strPassKey[0], strPassKey.size(), NULL, NULL)) + return error("CKey::WritePEM() : Error writing private key data to stream object"); + + return true; +} + CSecret CKey::GetSecret() const { bool fCompressed; @@ -349,21 +355,6 @@ CPrivKey CKey::GetPrivKey() const return vchPrivKey; } -bool CKey::SetPubKey(const CPubKey& vchPubKey) -{ - const unsigned char* pbegin = &vchPubKey.vchPubKey[0]; - if (o2i_ECPublicKey(&pkey, &pbegin, vchPubKey.vchPubKey.size())) - { - fSet = true; - if (vchPubKey.vchPubKey.size() == 33) - SetCompressedPubKey(); - return true; - } - pkey = NULL; - Reset(); - return false; -} - CPubKey CKey::GetPubKey() const { int nSize = i2o_ECPublicKey(pkey, NULL); @@ -426,6 +417,7 @@ bool CKey::SignCompact(uint256 hash, std::vector& vchSig) vchSig.resize(65,0); int nBitsR = BN_num_bits(sig->r); int nBitsS = BN_num_bits(sig->s); + bool fCompressedPubKey = IsCompressed(); if (nBitsR <= 256 && nBitsS <= 256) { int8_t nRecId = -1; @@ -433,8 +425,7 @@ bool CKey::SignCompact(uint256 hash, std::vector& vchSig) { CKey keyRec; keyRec.fSet = true; - if (fCompressedPubKey) - keyRec.SetCompressedPubKey(); + keyRec.SetCompressedPubKey(fCompressedPubKey); if (ECDSA_SIG_recover_key_GFp(keyRec.pkey, sig, (unsigned char*)&hash, sizeof(hash), i, 1) == 1) if (keyRec.GetPubKey() == this->GetPubKey()) { @@ -462,7 +453,7 @@ bool CKey::SignCompact(uint256 hash, std::vector& vchSig) // This is only slightly more CPU intensive than just verifying it. // If this function succeeds, the recovered public key is guaranteed to be valid // (the signature is a valid signature of the given data for that key) -bool CKey::SetCompactSignature(uint256 hash, const std::vector& vchSig) +bool CPubKey::SetCompactSignature(uint256 hash, const std::vector& vchSig) { if (vchSig.size() != 65) return false; @@ -472,64 +463,79 @@ bool CKey::SetCompactSignature(uint256 hash, const std::vector& v ECDSA_SIG *sig = ECDSA_SIG_new(); BN_bin2bn(&vchSig[1],32,sig->r); BN_bin2bn(&vchSig[33],32,sig->s); - - EC_KEY_free(pkey); - pkey = EC_KEY_new_by_curve_name(NID_secp256k1); + bool fSuccessful = false; + EC_KEY* pkey = EC_KEY_new_by_curve_name(NID_secp256k1); if (nV >= 31) { - SetCompressedPubKey(); nV -= 4; + EC_KEY_set_conv_form(pkey, POINT_CONVERSION_COMPRESSED); } - if (ECDSA_SIG_recover_key_GFp(pkey, sig, (unsigned char*)&hash, sizeof(hash), nV - 27, 0) == 1) + do { - fSet = true; - ECDSA_SIG_free(sig); - return true; - } + if (ECDSA_SIG_recover_key_GFp(pkey, sig, (unsigned char*)&hash, sizeof(hash), nV - 27, 0) != 1) + break; + int nSize = i2o_ECPublicKey(pkey, NULL); + if (!nSize) + break; + std::vector vchPubKey(nSize, 0); + unsigned char* pbegin = &vchPubKey[0]; + if (i2o_ECPublicKey(pkey, &pbegin) != nSize) + break; + Set(vchPubKey.begin(), vchPubKey.end()); + fSuccessful = IsValid(); + + } while (false); ECDSA_SIG_free(sig); - return false; + EC_KEY_free(pkey); + if (!fSuccessful) + Invalidate(); + return fSuccessful; } -bool CKey::Verify(uint256 hash, const std::vector& vchSig) +bool CPubKey::Verify(const uint256 &hash, const std::vector& vchSig) const { - if (vchSig.empty()) + if (vchSig.empty() || !IsValid()) return false; - // New versions of OpenSSL will reject non-canonical DER signatures. de/re-serialize first. - unsigned char *norm_der = NULL; + EC_KEY *pkey = EC_KEY_new_by_curve_name(NID_secp256k1); ECDSA_SIG *norm_sig = ECDSA_SIG_new(); - const unsigned char* sigptr = &vchSig[0]; + assert(norm_sig); - if (d2i_ECDSA_SIG(&norm_sig, &sigptr, vchSig.size()) == NULL) + assert(pkey); + + bool ret = false; + do { - /* As of OpenSSL 1.0.0p d2i_ECDSA_SIG frees and nulls the pointer on - * error. But OpenSSL's own use of this function redundantly frees the - * result. As ECDSA_SIG_free(NULL) is a no-op, and in the absence of a - * clear contract for the function behaving the same way is more - * conservative. - */ - ECDSA_SIG_free(norm_sig); - return false; - } - int derlen = i2d_ECDSA_SIG(norm_sig, &norm_der); + int derlen; + uint8_t *norm_der = NULL; + const uint8_t* pbegin = &vbytes[0]; + const uint8_t* sigptr = &vchSig[0]; + + // Trying to parse public key + if (!o2i_ECPublicKey(&pkey, &pbegin, size())) + break; + // New versions of OpenSSL are rejecting a non-canonical DER signatures, de/re-serialize first. + if (d2i_ECDSA_SIG(&norm_sig, &sigptr, vchSig.size()) == NULL) + break; + if ((derlen = i2d_ECDSA_SIG(norm_sig, &norm_der)) <= 0) + break; + + // -1 = error, 0 = bad sig, 1 = good + ret = ECDSA_verify(0, hash.begin(), hash.size(), norm_der, derlen, pkey) == 1; + OPENSSL_free(norm_der); + } while(false); + ECDSA_SIG_free(norm_sig); - if (derlen <= 0) - return false; + EC_KEY_free(pkey); - // -1 = error, 0 = bad sig, 1 = good - bool ret = ECDSA_verify(0, (unsigned char*)&hash, sizeof(hash), norm_der, derlen, pkey) == 1; - OPENSSL_free(norm_der); return ret; } -bool CKey::VerifyCompact(uint256 hash, const std::vector& vchSig) +bool CPubKey::VerifyCompact(uint256 hash, const std::vector& vchSig) { - CKey key; + CPubKey key; if (!key.SetCompactSignature(hash, vchSig)) return false; - if (GetPubKey() != key.GetPubKey()) - return false; - return true; } @@ -545,6 +551,7 @@ bool CKey::IsValid() CSecret secret = GetSecret(fCompr); CKey key2; key2.SetSecret(secret, fCompr); + return GetPubKey() == key2.GetPubKey(); } @@ -604,15 +611,16 @@ bool CPoint::setBytes(const std::vector &vchBytes) } // Initialize from octets stream -bool CPoint::setPubKey(const CPubKey &vchPubKey) +bool CPoint::setPubKey(const CPubKey &key) { - return setBytes(vchPubKey.Raw()); + std::vector vchPubKey(key.begin(), key.end()); + return setBytes(vchPubKey); } // Serialize to octets stream bool CPoint::getBytes(std::vector &vchBytes) { - unsigned int nSize = EC_POINT_point2oct(group, point, POINT_CONVERSION_COMPRESSED, NULL, 0, ctx); + size_t nSize = EC_POINT_point2oct(group, point, POINT_CONVERSION_COMPRESSED, NULL, 0, ctx); vchBytes.resize(nSize); if (!(nSize == EC_POINT_point2oct(group, point, POINT_CONVERSION_COMPRESSED, &vchBytes[0], nSize, ctx))) { return false; @@ -748,6 +756,8 @@ bool CMalleablePubKey::SetString(const std::string& strMalleablePubKey) if (!DecodeBase58Check(strMalleablePubKey, vchTemp)) { throw key_error("CMalleablePubKey::SetString() : Provided key data seems corrupted."); } + if (vchTemp.size() != 68) + return false; CDataStream ssKey(vchTemp, SER_NETWORK, PROTOCOL_VERSION); ssKey >> *this; @@ -824,7 +834,7 @@ bool CMalleableKey::SetSecrets(const CSecret &pvchSecretL, const CSecret &pvchSe CMalleablePubKey CMalleableKey::GetMalleablePubKey() const { CKey L(vchSecretL), H(vchSecretH); - return CMalleablePubKey(L.GetPubKey().Raw(), H.GetPubKey().Raw()); + return CMalleablePubKey(L.GetPubKey(), H.GetPubKey()); } // Check ownership @@ -851,7 +861,7 @@ bool CMalleableKey::CheckKeyVariant(const CPubKey &R, const CPubKey &vchPubKeyVa } CKey H(vchSecretH); - std::vector vchPubKeyH = H.GetPubKey().Raw(); + CPubKey vchPubKeyH = H.GetPubKey(); CPoint point_H; if (!point_H.setPubKey(vchPubKeyH)) { @@ -928,7 +938,7 @@ bool CMalleableKey::CheckKeyVariant(const CPubKey &R, const CPubKey &vchPubKeyVa } CKey H(vchSecretH); - std::vector vchPubKeyH = H.GetPubKey().Raw(); + CPubKey vchPubKeyH = H.GetPubKey(); CPoint point_H; if (!point_H.setPubKey(vchPubKeyH)) { @@ -1015,7 +1025,8 @@ bool CMalleableKey::SetString(const std::string& strMutableKey) if (!DecodeBase58Check(strMutableKey, vchTemp)) { throw key_error("CMalleableKey::SetString() : Provided key data seems corrupted."); } - + if (vchTemp.size() != 66) + return false; CDataStream ssKey(vchTemp, SER_NETWORK, PROTOCOL_VERSION); ssKey >> *this; @@ -1040,7 +1051,7 @@ CMalleableKeyView::CMalleableKeyView(const CMalleableKey &b) vchSecretL = b.vchSecretL; CKey H(b.vchSecretH); - vchPubKeyH = H.GetPubKey().Raw(); + vchPubKeyH = H.GetPubKey(); } CMalleableKeyView::CMalleableKeyView(const CMalleableKeyView &b) @@ -1054,7 +1065,7 @@ CMalleableKeyView& CMalleableKeyView::operator=(const CMalleableKey &b) vchSecretL = b.vchSecretL; CKey H(b.vchSecretH); - vchPubKeyH = H.GetPubKey().Raw(); + vchPubKeyH = H.GetPubKey(); return (*this); } @@ -1159,6 +1170,9 @@ bool CMalleableKeyView::SetString(const std::string& strMutableKey) throw key_error("CMalleableKeyView::SetString() : Provided key data seems corrupted."); } + if (vchTemp.size() != 67) + return false; + CDataStream ssKey(vchTemp, SER_NETWORK, PROTOCOL_VERSION); ssKey >> *this; @@ -1184,25 +1198,22 @@ bool CMalleableKeyView::IsValid() const void CPubKey::EncryptData(const std::vector& data, std::vector& encrypted) { - CKey key; - key.SetPubKey(*this); - - key.EncryptData(data, encrypted); -} - -void CKey::EncryptData(const std::vector& data, std::vector& encrypted) -{ ies_ctx_t *ctx; char error[1024] = "Unknown error"; cryptogram_t *cryptogram; + const unsigned char* pbegin = &vbytes[0]; + EC_KEY *pkey = EC_KEY_new_by_curve_name(NID_secp256k1); + if (!o2i_ECPublicKey(&pkey, &pbegin, size())) + throw key_error("Unable to parse EC key"); + ctx = create_context(pkey); if (!EC_KEY_get0_public_key(ctx->user_key)) throw key_error("Given EC key is not public key"); cryptogram = ecies_encrypt(ctx, (unsigned char*)&data[0], data.size(), error); if (cryptogram == NULL) { - free(ctx); + delete ctx; ctx = NULL; throw key_error(std::string("Error in encryption: %s") + error); } @@ -1211,7 +1222,7 @@ void CKey::EncryptData(const std::vector& data, std::vector& encrypted, std::vector& data) @@ -1234,7 +1245,7 @@ void CKey::DecryptData(const std::vector& encrypted, std::vector< decrypted = ecies_decrypt(ctx, cryptogram, &length, error); cryptogram_free(cryptogram); - free(ctx); + delete ctx; if (decrypted == NULL) { throw key_error(std::string("Error in decryption: %s") + error);