bool key::sign(const sha256 & h, std::vector<std::uint8_t> & signature)
{
unsigned int size = ECDSA_size(m_EC_KEY);
signature.resize(size);
if (
!ECDSA_sign(0, h.digest(), sha256::digest_length, &signature[0],
&size, m_EC_KEY)
)
{
signature.clear();
return false;
}
signature.resize(size);
return true;
}
bool crypter::encrypt_secret(
types::keying_material_t & master_key, const key::secret_t & plain_text,
const sha256 & iv, std::vector<std::uint8_t> & cipher_text
)
{
crypter crypter_key;
std::vector<std::uint8_t> new_iv(wallet_key_size);
std::memcpy(&new_iv[0], iv.digest(), wallet_key_size);
if (crypter_key.set_key(master_key, new_iv) == false)
{
return false;
}
return
crypter_key.encrypt((types::keying_material_t)plain_text, cipher_text)
;
}
bool key::verify(
const sha256 & h, const std::vector<std::uint8_t> & signature
)
{
bool ret = false;
if (signature.size() > 0)
{
auto ptr_signature = &signature[0];
ECDSA_SIG * ecdsa_sig = 0;
if (
(ecdsa_sig = d2i_ECDSA_SIG(
0, &ptr_signature, signature.size())) != 0
)
{
std::uint8_t * pp = 0;
auto len = i2d_ECDSA_SIG(ecdsa_sig, &pp);
ECDSA_SIG_free(ecdsa_sig), ecdsa_sig = 0;
if (pp && len > 0)
{
ret = ECDSA_verify(
0, h.digest(), sha256::digest_length, pp, len, m_EC_KEY
) == 1;
OPENSSL_free(pp), pp = 0;
}
}
}
return ret;
}
bool checkpoints::validate_sync_checkpoint(const sha256 & hash_checkpoint)
{
if (globals::instance().block_indexes().count(m_hash_sync_checkpoint) == 0)
{
log_error(
"Checkpoints, validate sync checkpoint failed, block index "
"missing for current sync-checkpoint " <<
m_hash_sync_checkpoint.to_string() << "."
);
return false;
}
if (globals::instance().block_indexes().count(hash_checkpoint) == 0)
{
log_error(
"Checkpoints, validate sync checkpoint failed, block index "
"missing for received sync-checkpoint " <<
hash_checkpoint.to_string() << "."
);
return false;
}
auto index_sync_checkpoint =
globals::instance().block_indexes()[m_hash_sync_checkpoint]
;
auto index_checkpoint_recv =
globals::instance().block_indexes()[hash_checkpoint]
;
if (index_checkpoint_recv->height() <= index_sync_checkpoint->height())
{
/**
* Received an older checkpoint, trace back from current checkpoint
* to the same height of the received checkpoint to verify
* that current checkpoint should be a descendant block.
*/
auto pindex = index_sync_checkpoint;
while (pindex->height() > index_checkpoint_recv->height())
{
if (!(pindex = pindex->block_index_previous()))
{
log_error(
"Checkpoints, validate sync checkpoint failed, "
"previous index is null - block index structure failure."
);
return false;
}
}
if (pindex->get_block_hash() != hash_checkpoint)
{
m_hash_invalid_checkpoint = hash_checkpoint;
log_error(
"Checkpoints, validate sync checkpoint failed, new "
"sync-checkpoint " << hash_checkpoint.to_string() <<
" is conflicting with current sync-checkpoint " <<
m_hash_sync_checkpoint.to_string().c_str()
);
return false;
}
/**
* Ignore older checkpoint.
*/
return false;
}
/**
* Received checkpoint should be a descendant block of the current
* checkpoint. Trace back to the same height of current checkpoint
* to verify.
*/
auto index = index_checkpoint_recv;
while (index->height() > index_sync_checkpoint->height())
{
if (!(index = index->block_index_previous()))
{
log_error(
"Checkpoints, validate sync checkpoint failed, previous "
"index is null - block index structure failure"
);
return false;
}
}
if (index->get_block_hash() != m_hash_sync_checkpoint)
{
m_hash_invalid_checkpoint = hash_checkpoint;
log_error(
"Checkpoints, validate sync checkpoint failed, new "
"sync-checkpoint " << hash_checkpoint.to_string() << " is not a "
"descendant of current sync-checkpoint " <<
m_hash_sync_checkpoint.to_string() << "."
);
return false;
}
return true;
}
void zerotime_manager::probe_for_answers(
const sha256 & hash_tx,
const std::vector<transaction_in> & transactions_in
)
{
if (globals::instance().is_zerotime_enabled())
{
log_debug(
"ZeroTime manager is probing for answers to " <<
hash_tx.to_string().substr(0, 8) << "."
);
assert(transactions_in.size());
std::lock_guard<std::mutex> l1(mutex_questions_);
if (questions_.count(hash_tx) == 0)
{
/**
* Insert the question.
*/
questions_[hash_tx].first = std::time(0);
questions_[hash_tx].second =
std::make_shared<zerotime_question> (transactions_in)
;
/**
* Try to get some recent good endpoints.
*/
auto recent_good_endpoints =
stack_impl_.get_address_manager()->recent_good_endpoints()
;
std::random_shuffle(
recent_good_endpoints.begin(), recent_good_endpoints.end()
);
/**
* Limit the number of queued tcp endpoints to
* zerotime::answers_maximum.
*/
recent_good_endpoints.resize(zerotime::answers_maximum);
if (recent_good_endpoints.size() > 0)
{
std::lock_guard<std::mutex> l1(
mutex_question_queue_tcp_endpoints_
);
std::vector<boost::asio::ip::tcp::endpoint> eps;
for (auto & i : recent_good_endpoints)
{
eps.push_back(
boost::asio::ip::tcp::endpoint(
i.addr.ipv4_mapped_address(), i.addr.port)
);
}
question_queue_tcp_endpoints_[hash_tx].first = std::time(0);
question_queue_tcp_endpoints_[hash_tx].second.insert(
question_queue_tcp_endpoints_[hash_tx].second.end(),
eps.begin(), eps.end()
);
/**
* Start the timer.
*/
do_tick_probe(interval_probe);
}
else
{
log_error(
"ZeroTime manager tried to probe for answers but no "
"recent endpoints were found"
);
}
}
}
}
sha256 operator << ( const sha256& h1, uint32_t i ) {
sha256 result;
fc::detail::shift_l( h1.data(), result.data(), result.data_size(), i );
return result;
}
sha256 sha256::hash( const sha256& s )
{
return hash( s.data(), sizeof( s._hash ) );
}
sha256 sha256::encoder::result() {
sha256 h;
SHA256_Final((uint8_t*)h.data(), &my->ctx );
return h;
}
void sha256::encoder::reset() {
SHA256_Init( &my->ctx);
}
sha256 operator << ( const sha256& h1, uint32_t i ) {
sha256 result;
fc::detail::shift_l( h1.data(), result.data(), result.data_size(), i );
return result;
}
sha256 operator >> ( const sha256& h1, uint32_t i ) {
sha256 result;
fc::detail::shift_r( h1.data(), result.data(), result.data_size(), i );
return result;
}
sha256 operator ^ ( const sha256& h1, const sha256& h2 ) {
sha256 result;
result._hash[0] = h1._hash[0] ^ h2._hash[0];
result._hash[1] = h1._hash[1] ^ h2._hash[1];
result._hash[2] = h1._hash[2] ^ h2._hash[2];
result._hash[3] = h1._hash[3] ^ h2._hash[3];
return result;
}
bool operator >= ( const sha256& h1, const sha256& h2 ) {
return memcmp( h1._hash, h2._hash, sizeof(h1._hash) ) >= 0;
}
bool operator > ( const sha256& h1, const sha256& h2 ) {
bool key::sign_compact(
const sha256 & h, std::vector<std::uint8_t> & signature
)
{
bool ret = false;
ECDSA_SIG * sig = ECDSA_do_sign(
h.digest(), sha256::digest_length, m_EC_KEY
);
if (sig == 0)
{
return false;
}
signature.clear();
signature.resize(65, 0);
int nBitsR = BN_num_bits(sig->r);
int nBitsS = BN_num_bits(sig->s);
if (nBitsR <= 256 && nBitsS <= 256)
{
int nRecId = -1;
for (auto i = 0; i < 4; i++)
{
key keyRec;
keyRec.m_set = true;
if (m_compressed)
{
keyRec.set_compressed_public_key();
}
if (
ECDSA_SIG_recover_key_GFp(keyRec.m_EC_KEY,
sig, h.digest(), sha256::digest_length,
i, 1) == 1
)
{
if (keyRec.get_public_key() == get_public_key())
{
nRecId = i;
break;
}
}
}
if (nRecId == -1)
{
throw std::runtime_error("unable to construct recoverable key");
}
signature[0] = nRecId + 27 + (m_compressed ? 4 : 0);
BN_bn2bin(sig->r, &signature[33 - (nBitsR + 7) / 8]);
BN_bn2bin(sig->s, &signature[65 - (nBitsS + 7) / 8]);
ret = true;
}
ECDSA_SIG_free(sig);
return ret;
}