pubkey.h

Go to the documentation of this file.

// Copyright (c) 2009-2010 Satoshi Nakamoto
// Copyright (c) 2009-2016 The Bitcoin Core developers
// Copyright (c) 2017 The Zcash developers
// Distributed under the MIT software license, see the accompanying
// file COPYING or http://www.opensource.org/licenses/mit-license.php.
 
#ifndef BITCOIN_PUBKEY_H
#define BITCOIN_PUBKEY_H
 
#include <hash.h>
#include <serialize.h>
#include <uint256.h>
 
#include <boost/range/adaptor/sliced.hpp>
 
#include <stdexcept>
#include <vector>
 
const unsigned int BIP32_EXTKEY_SIZE = 74;
 
class CKeyID : public uint160 {
public:
    CKeyID() : uint160() {}
    explicit CKeyID(const uint160 &in) : uint160(in) {}
};
 
using ChainCode = uint256;
 
class CPubKey {
public:
    static constexpr unsigned int SIZE = 65;
    static constexpr unsigned int COMPRESSED_SIZE = 33;
    static constexpr unsigned int SCHNORR_SIZE = 64;
    static constexpr unsigned int SIGNATURE_SIZE = 72;
    static constexpr unsigned int COMPACT_SIGNATURE_SIZE = 65;
    static_assert(SIZE >= COMPRESSED_SIZE,
                  "COMPRESSED_SIZE is larger than SIZE");
 
private:
    uint8_t vch[SIZE];
 
    static unsigned int GetLen(uint8_t chHeader) {
        if (chHeader == 2 || chHeader == 3) {
            return COMPRESSED_SIZE;
        }
        if (chHeader == 4 || chHeader == 6 || chHeader == 7) {
            return SIZE;
        }
        return 0;
    }
 
    void Invalidate() { vch[0] = 0xFF; }
 
public:
    bool static ValidSize(const std::vector<uint8_t> &vch) {
        return vch.size() > 0 && GetLen(vch[0]) == vch.size();
    }
 
    CPubKey() { Invalidate(); }
 
    template <typename T> void Set(const T pbegin, const T pend) {
        int len = pend == pbegin ? 0 : GetLen(pbegin[0]);
        if (len && len == (pend - pbegin)) {
            memcpy(vch, (uint8_t *)&pbegin[0], len);
        } else {
            Invalidate();
        }
    }
 
    template <typename T> CPubKey(const T pbegin, const T pend) {
        Set(pbegin, pend);
    }
 
    explicit CPubKey(Span<const uint8_t> _vch) {
        Set(_vch.begin(), _vch.end());
    }
 
    unsigned int size() const { return GetLen(vch[0]); }
    const uint8_t *data() const { return vch; }
    const uint8_t *begin() const { return vch; }
    const uint8_t *end() const { return vch + size(); }
    const uint8_t &operator[](unsigned int pos) const { return vch[pos]; }
 
    friend bool operator==(const CPubKey &a, const CPubKey &b) {
        return a.vch[0] == b.vch[0] && memcmp(a.vch, b.vch, a.size()) == 0;
    }
    friend bool operator!=(const CPubKey &a, const CPubKey &b) {
        return !(a == b);
    }
    friend bool operator<(const CPubKey &a, const CPubKey &b) {
        return a.vch[0] < b.vch[0] ||
               (a.vch[0] == b.vch[0] && memcmp(a.vch, b.vch, a.size()) < 0);
    }
 
    template <typename Stream> void Serialize(Stream &s) const {
        unsigned int len = size();
        ::WriteCompactSize(s, len);
        s.write(AsBytes(Span{vch, len}));
    }
    template <typename Stream> void Unserialize(Stream &s) {
        const unsigned int len(::ReadCompactSize(s));
        if (len <= SIZE) {
            s.read(AsWritableBytes(Span{vch, len}));
            if (len != size()) {
                Invalidate();
            }
        } else {
            // invalid pubkey, skip available data
            s.ignore(len);
            Invalidate();
        }
    }
 
    CKeyID GetID() const { return CKeyID(Hash160(Span{vch}.first(size()))); }
 
    uint256 GetHash() const { return Hash(Span{vch}.first(size())); }
 
    /*
     * Check syntactic correctness.
     *
     * Note that this is consensus critical as CheckSig() calls it!
     */
    bool IsValid() const { return size() > 0; }
 
    bool IsFullyValid() const;
 
    bool IsCompressed() const { return size() == COMPRESSED_SIZE; }
 
    bool VerifyECDSA(const uint256 &hash,
                     const std::vector<uint8_t> &vchSig) const;
 
    bool VerifySchnorr(const uint256 &hash,
                       const std::array<uint8_t, SCHNORR_SIZE> &sig) const;
    bool VerifySchnorr(const uint256 &hash,
                       const std::vector<uint8_t> &vchSig) const;
 
    static bool
    CheckLowS(const boost::sliced_range<const std::vector<uint8_t>> &vchSig);
    static bool CheckLowS(const std::vector<uint8_t> &vchSig) {
        return CheckLowS(vchSig | boost::adaptors::sliced(0, vchSig.size()));
    }
 
    bool RecoverCompact(const uint256 &hash,
                        const std::vector<uint8_t> &vchSig);
 
    bool Decompress();
 
    bool Derive(CPubKey &pubkeyChild, ChainCode &ccChild, unsigned int nChild,
                const ChainCode &cc) const;
};
 
struct CExtPubKey {
    uint8_t nDepth;
    uint8_t vchFingerprint[4];
    unsigned int nChild;
    ChainCode chaincode;
    CPubKey pubkey;
 
    friend bool operator==(const CExtPubKey &a, const CExtPubKey &b) {
        return a.nDepth == b.nDepth &&
               memcmp(a.vchFingerprint, b.vchFingerprint,
                      sizeof(vchFingerprint)) == 0 &&
               a.nChild == b.nChild && a.chaincode == b.chaincode &&
               a.pubkey == b.pubkey;
    }
 
    friend bool operator!=(const CExtPubKey &a, const CExtPubKey &b) {
        return !(a == b);
    }
 
    void Encode(uint8_t code[BIP32_EXTKEY_SIZE]) const;
    void Decode(const uint8_t code[BIP32_EXTKEY_SIZE]);
    bool Derive(CExtPubKey &out, unsigned int nChild) const;
 
    CExtPubKey() = default;
};
 
class ECCVerifyHandle {
    static int refcount;
 
public:
    ECCVerifyHandle();
    ~ECCVerifyHandle();
};
 
#endif // BITCOIN_PUBKEY_H