Package com.bitsofproof.supernode.common

Source Code of com.bitsofproof.supernode.common.ECKeyPair

/*
* Copyright 2013 bits of proof zrt.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
*    http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.bitsofproof.supernode.common;

import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.SecureRandom;

import org.bouncycastle.asn1.ASN1InputStream;
import org.bouncycastle.asn1.ASN1Integer;
import org.bouncycastle.asn1.DERSequenceGenerator;
import org.bouncycastle.asn1.DLSequence;
import org.bouncycastle.asn1.sec.SECNamedCurves;
import org.bouncycastle.asn1.x9.X9ECParameters;
import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
import org.bouncycastle.crypto.digests.SHA256Digest;
import org.bouncycastle.crypto.generators.ECKeyPairGenerator;
import org.bouncycastle.crypto.params.ECDomainParameters;
import org.bouncycastle.crypto.params.ECKeyGenerationParameters;
import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
import org.bouncycastle.crypto.params.ECPublicKeyParameters;
import org.bouncycastle.crypto.signers.ECDSASigner;
import org.bouncycastle.crypto.signers.HMacDSAKCalculator;
import org.bouncycastle.util.Arrays;

import com.bitsofproof.supernode.api.Address;

public class ECKeyPair implements Key
{
  private static final SecureRandom secureRandom = new SecureRandom ();
  private static final X9ECParameters curve = SECNamedCurves.getByName ("secp256k1");
  private static final ECDomainParameters domain = new ECDomainParameters (curve.getCurve (), curve.getG (), curve.getN (), curve.getH ());

  private BigInteger priv;
  private byte[] pub;
  private boolean compressed;

  private ECKeyPair ()
  {
  }

  @Override
  public boolean isCompressed ()
  {
    return compressed;
  }

  @Override
  public ECKeyPair clone () throws CloneNotSupportedException
  {
    ECKeyPair c = (ECKeyPair) super.clone ();
    c.priv = new BigInteger (c.priv.toByteArray ());
    c.pub = Arrays.clone (pub);
    c.compressed = compressed;
    return c;
  }

  public static ECKeyPair createNew (boolean compressed)
  {
    ECKeyPairGenerator generator = new ECKeyPairGenerator ();
    ECKeyGenerationParameters keygenParams = new ECKeyGenerationParameters (domain, secureRandom);
    generator.init (keygenParams);
    AsymmetricCipherKeyPair keypair = generator.generateKeyPair ();
    ECPrivateKeyParameters privParams = (ECPrivateKeyParameters) keypair.getPrivate ();
    ECPublicKeyParameters pubParams = (ECPublicKeyParameters) keypair.getPublic ();
    ECKeyPair k = new ECKeyPair ();
    k.priv = privParams.getD ();
    k.compressed = compressed;
    k.pub = pubParams.getQ ().getEncoded (compressed);
    return k;
  }

  public void setPublic (byte[] pub) throws ValidationException
  {
    throw new ValidationException ("Can not set public key if private is present");
  }

  @Override
  public byte[] getPrivate ()
  {
    byte[] p = priv.toByteArray ();

    if ( p.length != 32 )
    {
      byte[] tmp = new byte[32];
      System.arraycopy (p, Math.max (0, p.length - 32), tmp, Math.max (0, 32 - p.length), Math.min (32, p.length));
      p = tmp;
    }

    return p;
  }

  @Override
  public byte[] getPublic ()
  {
    return Arrays.clone (pub);
  }

  @Override
  public Key getReadOnly ()
  {
    return new ECPublicKey (pub, compressed);
  }

  @Override
  public Address getAddress ()
  {
    try
    {
      return new Address (Address.Type.COMMON, Hash.keyHash (pub));
    }
    catch ( ValidationException e )
    {
      return null;
    }
  }

  public ECKeyPair (byte[] p, boolean compressed) throws ValidationException
  {
    if ( p.length != 32 )
    {
      throw new ValidationException ("Invalid private key");
    }
    this.priv = new BigInteger (1, p).mod (curve.getN ());
    this.compressed = compressed;
    pub = curve.getG ().multiply (priv).getEncoded (compressed);
  }

  public ECKeyPair (BigInteger priv, boolean compressed)
  {
    this.priv = priv;
    this.compressed = compressed;
    pub = curve.getG ().multiply (priv).getEncoded (compressed);
  }

  @Override
  public byte[] sign (byte[] hash) throws ValidationException
  {
    if ( priv == null )
    {
      throw new ValidationException ("Need private key to sign");
    }
    ECDSASigner signer = new ECDSASigner (new HMacDSAKCalculator (new SHA256Digest ()));
    signer.init (true, new ECPrivateKeyParameters (priv, domain));
    BigInteger[] signature = signer.generateSignature (hash);
    ByteArrayOutputStream s = new ByteArrayOutputStream ();
    try
    {
      DERSequenceGenerator seq = new DERSequenceGenerator (s);
      seq.addObject (new ASN1Integer (signature[0]));
      seq.addObject (new ASN1Integer (signature[1]));
      seq.close ();
      return s.toByteArray ();
    }
    catch ( IOException e )
    {
    }
    return null;
  }

  @Override
  public boolean verify (byte[] hash, byte[] signature)
  {
    return verify (hash, signature, pub);
  }

  public static boolean verify (byte[] hash, byte[] signature, byte[] pub)
  {
    ASN1InputStream asn1 = new ASN1InputStream (signature);
    try
    {
      ECDSASigner signer = new ECDSASigner ();
      signer.init (false, new ECPublicKeyParameters (curve.getCurve ().decodePoint (pub), domain));

      DLSequence seq = (DLSequence) asn1.readObject ();
      BigInteger r = ((ASN1Integer) seq.getObjectAt (0)).getPositiveValue ();
      BigInteger s = ((ASN1Integer) seq.getObjectAt (1)).getPositiveValue ();
      return signer.verifySignature (hash, r, s);
    }
    catch ( Exception e )
    {
      // threat format errors as invalid signatures
      return false;
    }
    finally
    {
      try
      {
        asn1.close ();
      }
      catch ( IOException e )
      {
      }
    }
  }

  @Override
  public String toString ()
  {
    return serializeWIF (this);
  }

  public static String serializeWIF (Key key)
  {
    return ByteUtils.toBase58 (bytesWIF (key));
  }

  private static byte[] bytesWIF (Key key)
  {
    byte[] k = key.getPrivate ();
    if ( key.isCompressed () )
    {
      byte[] encoded = new byte[k.length + 6];
      byte[] ek = new byte[k.length + 2];
      ek[0] = (byte) 0x80;
      System.arraycopy (k, 0, ek, 1, k.length);
      ek[k.length + 1] = 0x01;
      byte[] hash = Hash.hash (ek);
      System.arraycopy (ek, 0, encoded, 0, ek.length);
      System.arraycopy (hash, 0, encoded, ek.length, 4);
      return encoded;
    }
    else
    {
      byte[] encoded = new byte[k.length + 5];
      byte[] ek = new byte[k.length + 1];
      ek[0] = (byte) 0x80;
      System.arraycopy (k, 0, ek, 1, k.length);
      byte[] hash = Hash.hash (ek);
      System.arraycopy (ek, 0, encoded, 0, ek.length);
      System.arraycopy (hash, 0, encoded, ek.length, 4);
      return encoded;
    }
  }

  public static ECKeyPair parseWIF (String serialized) throws ValidationException
  {
    byte[] store = ByteUtils.fromBase58 (serialized);
    return parseBytesWIF (store);
  }

  public static ECKeyPair parseBytesWIF (byte[] store) throws ValidationException
  {
    if ( store.length == 37 )
    {
      checkChecksum (store);
      byte[] key = new byte[store.length - 5];
      System.arraycopy (store, 1, key, 0, store.length - 5);
      return new ECKeyPair (key, false);
    }
    else if ( store.length == 38 )
    {
      checkChecksum (store);
      byte[] key = new byte[store.length - 6];
      System.arraycopy (store, 1, key, 0, store.length - 6);
      return new ECKeyPair (key, true);
    }
    throw new ValidationException ("Invalid key length");
  }

  private static void checkChecksum (byte[] store) throws ValidationException
  {
    byte[] checksum = new byte[4];
    System.arraycopy (store, store.length - 4, checksum, 0, 4);
    byte[] ekey = new byte[store.length - 4];
    System.arraycopy (store, 0, ekey, 0, store.length - 4);
    byte[] hash = Hash.hash (ekey);
    for ( int i = 0; i < 4; ++i )
    {
      if ( hash[i] != checksum[i] )
      {
        throw new ValidationException ("checksum mismatch");
      }
    }
  }
}
TOP

Related Classes of com.bitsofproof.supernode.common.ECKeyPair

TOP
Copyright © 2018 www.massapi.com. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.