예제 #1
0
leveldb::Slice slice_block_hash(const hash_digest& block_hash)
{
    // Cut first 16 bytes of block hash
    BITCOIN_ASSERT(block_hash.size() == 32);
    return leveldb::Slice(
        reinterpret_cast<const char*>(block_hash.data() + 16), 16);
}
예제 #2
0
stealth_bitfield calculate_bitfield(const data_chunk& stealth_data)
{
    // Calculate stealth bitfield
    const hash_digest index = generate_sha256_hash(stealth_data);
    auto deserial = make_deserializer(
        index.begin(), index.begin() + bitfield_size);
    stealth_bitfield bitfield = deserial.read_uint_auto<stealth_bitfield>();
    return bitfield;
}
예제 #3
0
bool verify_signature(const ec_point& public_key, hash_digest hash,
    const endorsement& signature)
{
    init.init();
    return 1 == secp256k1_ecdsa_verify(hash.data(), hash.size(),
        signature.data(), signature.size(), public_key.data(),
        public_key.size()
    );
}
예제 #4
0
bool read_hash(hash_digest& hash, const data_chunk& raw_hash)
{
    if (raw_hash.size() != hash.size())
    {
        log_warning(LOG_SUBSCRIBER) << "Wrong size for hash. Dropping.";
        return false;
    }
    std::copy(raw_hash.begin(), raw_hash.end(), hash.begin());
    return true;
}
예제 #5
0
bool verify_signature(const ec_point& public_key, hash_digest hash,
    const data_chunk& signature)
{
    std::reverse(hash.begin(), hash.end());
    init.init();
    return 1 == secp256k1_ecdsa_verify(
        hash.data(), hash.size(),
        signature.data(), signature.size(),
        public_key.data(), public_key.size()
    );
}
		bool elliptic_curve_key::verify(hash_digest hash, const data_chunk& signature)
		{
			BITCOIN_ASSERT(key_ != nullptr);
			// SSL likes a reversed hash
			std::reverse(hash.begin(), hash.end());
			// -1 = error, 0 = bad sig, 1 = good
			if (ECDSA_verify(0, hash.data(), hash.size(),
				signature.data(), signature.size(), key_) == 1)
				return true;
			return false;
		}
예제 #7
0
int get_block_hash(Db*, const Dbt*, const Dbt* data, Dbt* second_key)
{
    std::stringstream ss(std::string(
        reinterpret_cast<const char*>(data->get_data()), data->get_size()));
    protobuf::Block proto_block;
    proto_block.ParseFromIstream(&ss);
    message::block serial_block = protobuf_to_block_header(proto_block);
    second_hash = hash_block_header(serial_block);
    second_key->set_data(second_hash.data());
    second_key->set_size(second_hash.size());
    return 0;
}
		data_chunk elliptic_curve_key::sign(hash_digest hash) const
		{
			BITCOIN_ASSERT(key_ != nullptr);
			// SSL likes a reversed hash
			std::reverse(hash.begin(), hash.end());
			data_chunk signature(ECDSA_size(key_));
			unsigned int signature_length = signature.size();
			if (!ECDSA_sign(0, hash.data(), hash.size(),
				signature.data(), &signature_length, key_))
				return data_chunk();
			signature.resize(signature_length);
			return signature;
		}
예제 #9
0
compact_signature sign_compact(ec_secret secret, hash_digest hash,
    ec_secret nonce)
{
    init.init();

    compact_signature out;
    if (0 < secp256k1_ecdsa_sign_compact(hash.data(), hash.size(),
        out.signature.data(), secret.data(), nonce.data(), &out.recid))
    {
        return out;
    }

    // Error case:
    return compact_signature{{{0}}, 0};
}
예제 #10
0
compact_signature sign_compact(ec_secret secret, hash_digest hash)
{
    init.init();

    compact_signature out;

    ec_secret nonce;
    unsigned index = 0;
    do {
        nonce = create_nonce(secret, hash, index++);
    } while (secp256k1_ecdsa_sign_compact(hash.data(), hash.size(),
        out.signature.data(), secret.data(), nonce.data(), &out.recid) <= 0);

    return out;
}
예제 #11
0
endorsement sign(ec_secret secret, hash_digest hash, ec_secret nonce)
{
    init.init();

    int out_size = max_endorsement_size;
    endorsement signature(out_size);
    if (0 < secp256k1_ecdsa_sign(hash.data(), hash.size(), signature.data(),
        &out_size, secret.data(), nonce.data()))
    {
        signature.resize(out_size);
        return signature;
    }

    // Error case:
    return endorsement();
}
/**
 * Copy `binary` data from protobuf's storage format (std::string)
 * to libbitcoin's storage format (hash_digest).
 */
static bool unpack_hash(hash_digest& out, const std::string& in)
{
    if (in.size() != hash_size)
        return false;
    std::copy(in.begin(), in.end(), out.begin());
    return true;
}
예제 #13
0
data_chunk sign(ec_secret secret, hash_digest hash, ec_secret nonce)
{
    std::reverse(hash.begin(), hash.end());
    init.init();
    int out_size = 72;
    data_chunk signature(out_size);

    if (!verify_private_key(nonce)) // Needed because of upstream bug
        return data_chunk();
    bool valid = secp256k1_ecdsa_sign(hash.data(), hash.size(),
        signature.data(), &out_size, secret.data(), nonce.data()) == 1;
    if (!valid)
        return data_chunk();

    signature.resize(out_size);
    return signature;
}
예제 #14
0
endorsement sign(ec_secret secret, hash_digest hash)
{
    init.init();

    int out_size = max_endorsement_size;
    endorsement signature(out_size);

    ec_secret nonce;
    unsigned index = 0;
    do {
        nonce = create_nonce(secret, hash, index++);
    } while (secp256k1_ecdsa_sign(hash.data(), hash.size(), signature.data(),
        &out_size, secret.data(), nonce.data()) <= 0);

    signature.resize(out_size);
    return signature;
}
예제 #15
0
static one_byte point_sign(uint8_t byte, const hash_digest& hash)
{
    static constexpr uint8_t low_bit_mask = 0x01;
    const uint8_t last_byte = hash.back();
    const uint8_t last_byte_odd_field = last_byte & low_bit_mask;
    const uint8_t sign_byte = byte ^ last_byte_odd_field;
    return to_array(sign_byte);
}
예제 #16
0
bool extract_ephemeral_key(hash_digest& out_unsigned_ephemeral_key,
    const script& script)
{
    if (!is_stealth_script(script))
        return false;

    const auto& data = script.operations[1].data;
    std::copy(data.begin(), data.begin() + hash_size,
        out_unsigned_ephemeral_key.begin());

    return true;
}
예제 #17
0
bool sign(ec_signature& out, const ec_secret& secret, const hash_digest& hash)
{
    secp256k1_ecdsa_signature signature;
    const auto context = signing.context();

    if (secp256k1_ecdsa_sign(context, &signature, hash.data(), secret.data(),
        secp256k1_nonce_function_rfc6979, nullptr) != 1)
        return false;

    std::copy_n(std::begin(signature.data), out.size(), out.begin());
    return true;
}
예제 #18
0
bool recover_public(const secp256k1_context* context, byte_array<Size>& out,
    const recoverable_signature& recoverable, const hash_digest& hash)
{
    secp256k1_pubkey pubkey;
    secp256k1_ecdsa_recoverable_signature sign;
    const auto recovery_id = static_cast<int>(recoverable.recovery_id);
    return
        secp256k1_ecdsa_recoverable_signature_parse_compact(context,
            &sign, recoverable.signature.data(), recovery_id) == 1 &&
        secp256k1_ecdsa_recover(context, &pubkey, &sign, hash.data()) == 1 &&
            serialize(context, out, pubkey);
}
예제 #19
0
ec_point recover_compact(compact_signature signature,
    hash_digest hash, bool compressed)
{
    init.init();

    size_t public_key_size = ec_uncompressed_size;
    if (compressed)
        public_key_size = ec_compressed_size;

    ec_point out(public_key_size);
    int out_size;
    if (0 < secp256k1_ecdsa_recover_compact(hash.data(), hash.size(),
        signature.signature.data(), out.data(), &out_size, compressed,
        signature.recid))
    {
        BITCOIN_ASSERT(public_key_size == static_cast<size_t>(out_size));
        return out;
    }

    // Error case:
    return ec_point();
}
예제 #20
0
bool decode_hash(hash_digest& out, const std::string& in)
{
    if (in.size() != 2 * hash_size)
        return false;

    hash_digest result;
    if (!decode_base16_private(result.data(), result.size(), in.data()))
        return false;

    // Reverse:
    std::reverse_copy(result.begin(), result.end(), out.begin());
    return true;
}
예제 #21
0
bool verify_signature(const secp256k1_context* context,
    const secp256k1_pubkey point, const hash_digest& hash,
    const ec_signature& signature)
{
    // Copy to avoid exposing external types.
    secp256k1_ecdsa_signature parsed;
    std::copy(signature.begin(), signature.end(), std::begin(parsed.data));

    // secp256k1_ecdsa_verify rejects non-normalized (low-s) signatures, but
    // bitcoin does not have such a limitation, so we always normalize.
    secp256k1_ecdsa_signature normal;
    secp256k1_ecdsa_signature_normalize(context, &normal, &parsed);
    return secp256k1_ecdsa_verify(context, &normal, hash.data(), &point) == 1;
}
예제 #22
0
BC_API ec_secret create_nonce(ec_secret secret, hash_digest hash)
{
    std::reverse(hash.begin(), hash.end());
    init.init();

    hash_digest K
    {{
        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
    }};
    hash_digest V
    {{
        0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
        0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
        0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
        0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01
    }};

    K = hmac_sha256_hash(V + byte_array<1>{{0x00}} + secret + hash, K);
    V = hmac_sha256_hash(V, K);
    K = hmac_sha256_hash(V + byte_array<1>{{0x01}} + secret + hash, K);
    V = hmac_sha256_hash(V, K);

    while (true)
    {
        V = hmac_sha256_hash(V, K);

        if (verify_private_key(V))
            return V;

        K = hmac_sha256_hash(V + byte_array<1>{{0x00}}, K);
        V = hmac_sha256_hash(V, K);
    }
}
예제 #23
0
bool sign_recoverable(recoverable_signature& out, const ec_secret& secret,
    const hash_digest& hash)
{
    int recovery_id;
    const auto context = signing.context();
    secp256k1_ecdsa_recoverable_signature signature;

    const auto result =
        secp256k1_ecdsa_sign_recoverable(context, &signature, hash.data(),
            secret.data(), secp256k1_nonce_function_rfc6979, nullptr) == 1 &&
        secp256k1_ecdsa_recoverable_signature_serialize_compact(context,
            out.signature.data(), &recovery_id, &signature) == 1;

    BITCOIN_ASSERT(recovery_id >= 0 && recovery_id <= 3);
    out.recovery_id = static_cast<uint8_t>(recovery_id);
    return result;
}
예제 #24
0
bool message::dequeue(hash_digest& value)
{
    if (queue_.empty())
        return false;

    const auto& front = queue_.front();

    if (front.size() == hash_size)
    {
        std::copy(front.begin(), front.end(), value.begin());
        queue_.pop();
        return true;
    }

    queue_.pop();
    return false;
}
예제 #25
0
void hashtable_database_writer::store(const hash_digest& key_hash,
    size_t value_size, write_value_function write)
{
    // Calculate the end of the last record.
    const uint64_t header_size = 24 + buckets_ * 8;
    const uint64_t records_end_offset = header_size + total_records_size_;
    // [ tx hash ]              32
    // [ varuint value size ]
    // [ ... value data ... ]
    // [ next tx in bucket ]    8
    const size_t record_size =
        32 + variable_uint_size(value_size) + value_size + 8;
    // If a record crosses a page boundary then we align it with
    // the beginning of the next page.
    const size_t record_begin =
        align_if_crossing_page(page_size_, records_end_offset, record_size);
    BITCOIN_ASSERT(file_.size() >= record_begin + record_size);
    // We will insert new transactions at the beginning of the bucket's list.
    // I assume that more recent transactions in the blockchain are used
    // more often than older ones.
    // We lookup the existing value in the bucket first.
    const uint64_t bucket_index = remainder(key_hash.data(), buckets_);
    BITCOIN_ASSERT(bucket_index < buckets_);
    const uint64_t previous_bucket_value = read_bucket_value(bucket_index);
    // Now begin writing the record itself.
    uint8_t* entry = file_.data() + record_begin;
    auto serial = make_serializer(entry);
    serial.write_hash(key_hash);
    serial.write_variable_uint(value_size);
    // Call the supplied callback to serialize the data.
    write(serial.iterator());
    serial.set_iterator(serial.iterator() + value_size);
    serial.write_8_bytes(previous_bucket_value);
    BITCOIN_ASSERT(serial.iterator() == entry + record_size);
    // Change file size value at file start.
    // This must be done first so any subsequent writes don't
    // overwrite this record in case of a crash or interruption.
    BITCOIN_ASSERT(record_begin >= header_size);
    const uint64_t alignment_padding =
        record_begin - header_size - total_records_size_;
    BITCOIN_ASSERT(alignment_padding <= page_size_);
    total_records_size_ += record_size + alignment_padding;
    // Now add record to bucket.
    const uint64_t record_begin_offset = record_begin - header_size;
    link_record(bucket_index, record_begin_offset);
}
예제 #26
0
bool verify_signature(data_slice point, const hash_digest& hash,
    const ec_signature& signature)
{
    // Copy to avoid exposing external types.
    secp256k1_ecdsa_signature parsed;
    std::copy(signature.begin(), signature.end(), std::begin(parsed.data));

    // secp256k1_ecdsa_verify rejects non-normalized (low-s) signatures, but
    // bitcoin does not have such a limitation, so we always normalize.
    secp256k1_ecdsa_signature normal;
    const auto context = verification.context();
    secp256k1_ecdsa_signature_normalize(context, &normal, &parsed);

    // This uses a data slice and calls secp256k1_ec_pubkey_parse() in place of
    // parse() so that we can support the der_verify data_chunk optimization.
    secp256k1_pubkey pubkey;
    const auto size = point.size();
    return
        secp256k1_ec_pubkey_parse(context, &pubkey, point.data(), size) == 1 &&
        secp256k1_ecdsa_verify(context, &normal, hash.data(), &pubkey) == 1;
}
예제 #27
0
const hashtable_database_reader::get_result hashtable_database_reader::get(
    const hash_digest& key_hash) const
{
    uint64_t bucket_index = remainder(key_hash.data(), writer_.buckets());
    BITCOIN_ASSERT(bucket_index < writer_.buckets());
    uint64_t record_offset = read_record_offset(file_.data(), bucket_index);
    const uint64_t header_size = 24 + writer_.buckets() * 8;
    const uint8_t* all_records_begin = file_.data() + header_size;
    const uint8_t* all_records_end =
        all_records_begin + writer_.records_size();
    const uint8_t* record_begin = all_records_begin + record_offset;
    // We don't know the end of a record, so we use the end of all records
    // for the deserializer.
    // We will be jumping around the records since it's a chained
    // list per bucket.
    // Begin iterating the list.
    while (true)
    {
        auto deserial = make_deserializer(record_begin, all_records_end);
        const hash_digest current_hash = deserial.read_hash();
        uint64_t value_size = deserial.read_variable_uint();
        if (current_hash != key_hash)
        {
            // Move to next record in bucket.
            // Skip the transaction data.
            deserial.set_iterator(deserial.iterator() + value_size);
            uint64_t next_record = deserial.read_8_bytes();
            if (next_record == record_doesnt_exist)
                return {nullptr, nullptr};
            record_begin = all_records_begin + next_record;
            continue;
        }
        // We have the record!
        return {deserial.iterator(), deserial.iterator() + value_size};
    }
    BITCOIN_ASSERT_MSG(false, "Broke out of unbreakable loop!");
    return {nullptr, nullptr};
}
static std::string pack_hash(hash_digest in)
{
    return std::string(in.begin(), in.end());
}
예제 #29
0
void hash_number::set_hash(const hash_digest& hash)
{
    std::copy(hash.begin(), hash.end(), hash_.begin());
}
예제 #30
0
void append_hash(czmqpp::message& message, const hash_digest& hash)
{
    message.append(data_chunk(hash.begin(), hash.end()));
}