1 // Copyright (c) 2009-2010 Satoshi Nakamoto
2 // Copyright (c) 2009-2016 The Bitcoin Core developers
3 // Distributed under the MIT software license, see the accompanying
4 // file COPYING or http://www.opensource.org/licenses/mit-license.php.
6 #ifndef BITCOIN_PUBKEY_H
7 #define BITCOIN_PUBKEY_H
10 #include <serialize.h>
18 * const unsigned int PRIVATE_KEY_SIZE = 279;
19 * const unsigned int PUBLIC_KEY_SIZE = 65;
20 * const unsigned int SIGNATURE_SIZE = 72;
22 * see www.keylength.com
23 * script supports up to 75 for single byte push
26 const unsigned int BIP32_EXTKEY_SIZE
= 74;
28 /** A reference to a CKey: the Hash160 of its serialized public key */
29 class CKeyID
: public uint160
32 CKeyID() : uint160() {}
33 explicit CKeyID(const uint160
& in
) : uint160(in
) {}
36 typedef uint256 ChainCode
;
38 /** An encapsulated public key. */
44 * Just store the serialized data.
45 * Its length can very cheaply be computed from the first byte.
47 unsigned char vch
[65];
49 //! Compute the length of a pubkey with a given first byte.
50 unsigned int static GetLen(unsigned char chHeader
)
52 if (chHeader
== 2 || chHeader
== 3)
54 if (chHeader
== 4 || chHeader
== 6 || chHeader
== 7)
59 //! Set this key data to be invalid
66 //! Construct an invalid public key.
72 //! Initialize a public key using begin/end iterators to byte data.
74 void Set(const T pbegin
, const T pend
)
76 int len
= pend
== pbegin
? 0 : GetLen(pbegin
[0]);
77 if (len
&& len
== (pend
- pbegin
))
78 memcpy(vch
, (unsigned char*)&pbegin
[0], len
);
83 //! Construct a public key using begin/end iterators to byte data.
85 CPubKey(const T pbegin
, const T pend
)
90 //! Construct a public key from a byte vector.
91 explicit CPubKey(const std::vector
<unsigned char>& _vch
)
93 Set(_vch
.begin(), _vch
.end());
96 //! Simple read-only vector-like interface to the pubkey data.
97 unsigned int size() const { return GetLen(vch
[0]); }
98 const unsigned char* begin() const { return vch
; }
99 const unsigned char* end() const { return vch
+ size(); }
100 const unsigned char& operator[](unsigned int pos
) const { return vch
[pos
]; }
102 //! Comparator implementation.
103 friend bool operator==(const CPubKey
& a
, const CPubKey
& b
)
105 return a
.vch
[0] == b
.vch
[0] &&
106 memcmp(a
.vch
, b
.vch
, a
.size()) == 0;
108 friend bool operator!=(const CPubKey
& a
, const CPubKey
& b
)
112 friend bool operator<(const CPubKey
& a
, const CPubKey
& b
)
114 return a
.vch
[0] < b
.vch
[0] ||
115 (a
.vch
[0] == b
.vch
[0] && memcmp(a
.vch
, b
.vch
, a
.size()) < 0);
118 //! Implement serialization, as if this was a byte vector.
119 template <typename Stream
>
120 void Serialize(Stream
& s
) const
122 unsigned int len
= size();
123 ::WriteCompactSize(s
, len
);
124 s
.write((char*)vch
, len
);
126 template <typename Stream
>
127 void Unserialize(Stream
& s
)
129 unsigned int len
= ::ReadCompactSize(s
);
131 s
.read((char*)vch
, len
);
133 // invalid pubkey, skip available data
141 //! Get the KeyID of this public key (hash of its serialization)
144 return CKeyID(Hash160(vch
, vch
+ size()));
147 //! Get the 256-bit hash of this public key.
148 uint256
GetHash() const
150 return Hash(vch
, vch
+ size());
154 * Check syntactic correctness.
156 * Note that this is consensus critical as CheckSig() calls it!
163 //! fully validate whether this is a valid public key (more expensive than IsValid())
164 bool IsFullyValid() const;
166 //! Check whether this is a compressed public key.
167 bool IsCompressed() const
173 * Verify a DER signature (~72 bytes).
174 * If this public key is not fully valid, the return value will be false.
176 bool Verify(const uint256
& hash
, const std::vector
<unsigned char>& vchSig
) const;
179 * Check whether a signature is normalized (lower-S).
181 static bool CheckLowS(const std::vector
<unsigned char>& vchSig
);
183 //! Recover a public key from a compact signature.
184 bool RecoverCompact(const uint256
& hash
, const std::vector
<unsigned char>& vchSig
);
186 //! Turn this public key into an uncompressed public key.
189 //! Derive BIP32 child pubkey.
190 bool Derive(CPubKey
& pubkeyChild
, ChainCode
&ccChild
, unsigned int nChild
, const ChainCode
& cc
) const;
194 unsigned char nDepth
;
195 unsigned char vchFingerprint
[4];
200 friend bool operator==(const CExtPubKey
&a
, const CExtPubKey
&b
)
202 return a
.nDepth
== b
.nDepth
&&
203 memcmp(&a
.vchFingerprint
[0], &b
.vchFingerprint
[0], sizeof(vchFingerprint
)) == 0 &&
204 a
.nChild
== b
.nChild
&&
205 a
.chaincode
== b
.chaincode
&&
206 a
.pubkey
== b
.pubkey
;
209 void Encode(unsigned char code
[BIP32_EXTKEY_SIZE
]) const;
210 void Decode(const unsigned char code
[BIP32_EXTKEY_SIZE
]);
211 bool Derive(CExtPubKey
& out
, unsigned int nChild
) const;
213 void Serialize(CSizeComputer
& s
) const
215 // Optimized implementation for ::GetSerializeSize that avoids copying.
216 s
.seek(BIP32_EXTKEY_SIZE
+ 1); // add one byte for the size (compact int)
218 template <typename Stream
>
219 void Serialize(Stream
& s
) const
221 unsigned int len
= BIP32_EXTKEY_SIZE
;
222 ::WriteCompactSize(s
, len
);
223 unsigned char code
[BIP32_EXTKEY_SIZE
];
225 s
.write((const char *)&code
[0], len
);
227 template <typename Stream
>
228 void Unserialize(Stream
& s
)
230 unsigned int len
= ::ReadCompactSize(s
);
231 unsigned char code
[BIP32_EXTKEY_SIZE
];
232 if (len
!= BIP32_EXTKEY_SIZE
)
233 throw std::runtime_error("Invalid extended key size\n");
234 s
.read((char *)&code
[0], len
);
239 /** Users of this module must hold an ECCVerifyHandle. The constructor and
240 * destructor of these are not allowed to run in parallel, though. */
241 class ECCVerifyHandle
250 #endif // BITCOIN_PUBKEY_H