search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Merge #12075: [scripts] Add missing univalue file to copyright_header.py
[bitcoinplatinum.git] / src / pubkey.h
blob59bf56395cf9c677d8c233ff2fd3288dd40581a2
1 // Copyright (c) 2009-2010 Satoshi Nakamoto
2 // Copyright (c) 2009-2017 The Bitcoin Core developers
3 // Copyright (c) 2017 The Zcash developers
4 // Distributed under the MIT software license, see the accompanying
5 // file COPYING or http://www.opensource.org/licenses/mit-license.php.
6
7 #ifndef BITCOIN_PUBKEY_H
8 #define BITCOIN_PUBKEY_H
9
10 #include <hash.h>
11 #include <serialize.h>
12 #include <uint256.h>
13
14 #include <stdexcept>
15 #include <vector>
16
17 const unsigned int BIP32_EXTKEY_SIZE = 74;
18
19 /** A reference to a CKey: the Hash160 of its serialized public key */
20 class CKeyID : public uint160
21 {
22 public:
23 CKeyID() : uint160() {}
24 explicit CKeyID(const uint160& in) : uint160(in) {}
25 };
26
27 typedef uint256 ChainCode;
28
29 /** An encapsulated public key. */
30 class CPubKey
31 {
32 public:
33 /**
34 * secp256k1:
35 */
36 static const unsigned int PUBLIC_KEY_SIZE = 65;
37 static const unsigned int COMPRESSED_PUBLIC_KEY_SIZE = 33;
38 static const unsigned int SIGNATURE_SIZE = 72;
39 static const unsigned int COMPACT_SIGNATURE_SIZE = 65;
40 /**
41 * see www.keylength.com
42 * script supports up to 75 for single byte push
43 */
44 static_assert(
45 PUBLIC_KEY_SIZE >= COMPRESSED_PUBLIC_KEY_SIZE,
46 "COMPRESSED_PUBLIC_KEY_SIZE is larger than PUBLIC_KEY_SIZE");
47
48 private:
49
50 /**
51 * Just store the serialized data.
52 * Its length can very cheaply be computed from the first byte.
53 */
54 unsigned char vch[PUBLIC_KEY_SIZE];
55
56 //! Compute the length of a pubkey with a given first byte.
57 unsigned int static GetLen(unsigned char chHeader)
58 {
59 if (chHeader == 2 || chHeader == 3)
60 return COMPRESSED_PUBLIC_KEY_SIZE;
61 if (chHeader == 4 || chHeader == 6 || chHeader == 7)
62 return PUBLIC_KEY_SIZE;
63 return 0;
64 }
65
66 //! Set this key data to be invalid
67 void Invalidate()
68 {
69 vch[0] = 0xFF;
70 }
71
72 public:
73 //! Construct an invalid public key.
74 CPubKey()
75 {
76 Invalidate();
77 }
78
79 //! Initialize a public key using begin/end iterators to byte data.
80 template <typename T>
81 void Set(const T pbegin, const T pend)
82 {
83 int len = pend == pbegin ? 0 : GetLen(pbegin[0]);
84 if (len && len == (pend - pbegin))
85 memcpy(vch, (unsigned char*)&pbegin[0], len);
86 else
87 Invalidate();
88 }
89
90 //! Construct a public key using begin/end iterators to byte data.
91 template <typename T>
92 CPubKey(const T pbegin, const T pend)
93 {
94 Set(pbegin, pend);
95 }
96
97 //! Construct a public key from a byte vector.
98 explicit CPubKey(const std::vector<unsigned char>& _vch)
99 {
100 Set(_vch.begin(), _vch.end());
101 }
102
103 //! Simple read-only vector-like interface to the pubkey data.
104 unsigned int size() const { return GetLen(vch[0]); }
105 const unsigned char* begin() const { return vch; }
106 const unsigned char* end() const { return vch + size(); }
107 const unsigned char& operator[](unsigned int pos) const { return vch[pos]; }
108
109 //! Comparator implementation.
110 friend bool operator==(const CPubKey& a, const CPubKey& b)
111 {
112 return a.vch[0] == b.vch[0] &&
113 memcmp(a.vch, b.vch, a.size()) == 0;
114 }
115 friend bool operator!=(const CPubKey& a, const CPubKey& b)
116 {
117 return !(a == b);
118 }
119 friend bool operator<(const CPubKey& a, const CPubKey& b)
120 {
121 return a.vch[0] < b.vch[0] ||
122 (a.vch[0] == b.vch[0] && memcmp(a.vch, b.vch, a.size()) < 0);
123 }
124
125 //! Implement serialization, as if this was a byte vector.
126 template <typename Stream>
127 void Serialize(Stream& s) const
128 {
129 unsigned int len = size();
130 ::WriteCompactSize(s, len);
131 s.write((char*)vch, len);
132 }
133 template <typename Stream>
134 void Unserialize(Stream& s)
135 {
136 unsigned int len = ::ReadCompactSize(s);
137 if (len <= PUBLIC_KEY_SIZE) {
138 s.read((char*)vch, len);
139 } else {
140 // invalid pubkey, skip available data
141 char dummy;
142 while (len--)
143 s.read(&dummy, 1);
144 Invalidate();
145 }
146 }
147
148 //! Get the KeyID of this public key (hash of its serialization)
149 CKeyID GetID() const
150 {
151 return CKeyID(Hash160(vch, vch + size()));
152 }
153
154 //! Get the 256-bit hash of this public key.
155 uint256 GetHash() const
156 {
157 return Hash(vch, vch + size());
158 }
159
160 /*
161 * Check syntactic correctness.
162 *
163 * Note that this is consensus critical as CheckSig() calls it!
164 */
165 bool IsValid() const
166 {
167 return size() > 0;
168 }
169
170 //! fully validate whether this is a valid public key (more expensive than IsValid())
171 bool IsFullyValid() const;
172
173 //! Check whether this is a compressed public key.
174 bool IsCompressed() const
175 {
176 return size() == COMPRESSED_PUBLIC_KEY_SIZE;
177 }
178
179 /**
180 * Verify a DER signature (~72 bytes).
181 * If this public key is not fully valid, the return value will be false.
182 */
183 bool Verify(const uint256& hash, const std::vector<unsigned char>& vchSig) const;
184
185 /**
186 * Check whether a signature is normalized (lower-S).
187 */
188 static bool CheckLowS(const std::vector<unsigned char>& vchSig);
189
190 //! Recover a public key from a compact signature.
191 bool RecoverCompact(const uint256& hash, const std::vector<unsigned char>& vchSig);
192
193 //! Turn this public key into an uncompressed public key.
194 bool Decompress();
195
196 //! Derive BIP32 child pubkey.
197 bool Derive(CPubKey& pubkeyChild, ChainCode &ccChild, unsigned int nChild, const ChainCode& cc) const;
198 };
199
200 struct CExtPubKey {
201 unsigned char nDepth;
202 unsigned char vchFingerprint[4];
203 unsigned int nChild;
204 ChainCode chaincode;
205 CPubKey pubkey;
206
207 friend bool operator==(const CExtPubKey &a, const CExtPubKey &b)
208 {
209 return a.nDepth == b.nDepth &&
210 memcmp(&a.vchFingerprint[0], &b.vchFingerprint[0], sizeof(vchFingerprint)) == 0 &&
211 a.nChild == b.nChild &&
212 a.chaincode == b.chaincode &&
213 a.pubkey == b.pubkey;
214 }
215
216 void Encode(unsigned char code[BIP32_EXTKEY_SIZE]) const;
217 void Decode(const unsigned char code[BIP32_EXTKEY_SIZE]);
218 bool Derive(CExtPubKey& out, unsigned int nChild) const;
219
220 void Serialize(CSizeComputer& s) const
221 {
222 // Optimized implementation for ::GetSerializeSize that avoids copying.
223 s.seek(BIP32_EXTKEY_SIZE + 1); // add one byte for the size (compact int)
224 }
225 template <typename Stream>
226 void Serialize(Stream& s) const
227 {
228 unsigned int len = BIP32_EXTKEY_SIZE;
229 ::WriteCompactSize(s, len);
230 unsigned char code[BIP32_EXTKEY_SIZE];
231 Encode(code);
232 s.write((const char *)&code[0], len);
233 }
234 template <typename Stream>
235 void Unserialize(Stream& s)
236 {
237 unsigned int len = ::ReadCompactSize(s);
238 unsigned char code[BIP32_EXTKEY_SIZE];
239 if (len != BIP32_EXTKEY_SIZE)
240 throw std::runtime_error("Invalid extended key size\n");
241 s.read((char *)&code[0], len);
242 Decode(code);
243 }
244 };
245
246 /** Users of this module must hold an ECCVerifyHandle. The constructor and
247 * destructor of these are not allowed to run in parallel, though. */
248 class ECCVerifyHandle
249 {
250 static int refcount;
251
252 public:
253 ECCVerifyHandle();
254 ~ECCVerifyHandle();
255 };
256
257 #endif // BITCOIN_PUBKEY_H