Wire Sysio Wire Sysion 1.0.0
Loading...
Searching...
No Matches
elliptic_em.cpp
Go to the documentation of this file.
1#include <fc/crypto/elliptic_em.hpp>
2
3#include <fc/crypto/base58.hpp>
4#include <fc/crypto/hmac.hpp>
5#include <fc/crypto/openssl.hpp>
6#include <fc/crypto/sha512.hpp>
7
8#include <fc/fwd_impl.hpp>
9#include <fc/exception/exception.hpp>
10#include <fc/log/logger.hpp>
11
12#include <secp256k1.h>
13#include <secp256k1_recovery.h>
14
15#if _WIN32
16# include <malloc.h>
17#elif defined(__FreeBSD__)
18# include <stdlib.h>
19#else
20# include <alloca.h>
21#endif
22
23#include "_elliptic_em_impl_priv.hpp"
24
25namespace fc { namespace em {
26 namespace detail
27 {
32
33 void _init_lib() {
34 static const secp256k1_context* ctx = _get_context();
35 (void)ctx;
36 }
37
38 class public_key_impl
39 {
40 public:
41 public_key_impl() BOOST_NOEXCEPT
42 {
43 _init_lib();
44 }
45
46 public_key_impl( const public_key_impl& cpy ) BOOST_NOEXCEPT
47 : _key( cpy._key )
48 {
49 _init_lib();
50 }
51
52 public_key_data _key;
53 };
54
55 typedef fc::array<char,37> chr37;
56 chr37 _derive_message( const public_key_data& key, int i );
57 fc::sha256 _left( const fc::sha512& v );
58 fc::sha256 _right( const fc::sha512& v );
59 const ec_group& get_curve();
60 const private_key_secret& get_curve_order();
61 const private_key_secret& get_half_curve_order();
62 }
63
64 static const public_key_data empty_pub;
65
66
67 fc::sha512 private_key::get_shared_secret( const public_key& other )const
68 {
69 static const private_key_secret empty_priv;
70 FC_ASSERT( my->_key != empty_priv );
71 FC_ASSERT( other.my->_key != empty_pub );
72 secp256k1_pubkey secp_pubkey;
73 FC_ASSERT( secp256k1_ec_pubkey_parse( detail::_get_context(), &secp_pubkey, (unsigned char*)other.serialize().data, other.serialize().size() ) );
74 FC_ASSERT( secp256k1_ec_pubkey_tweak_mul( detail::_get_context(), &secp_pubkey, (unsigned char*) my->_key.data() ) );
75 public_key_data serialized_result;
76 size_t serialized_result_sz = sizeof(serialized_result);
77 secp256k1_ec_pubkey_serialize(detail::_get_context(), (unsigned char*)&serialized_result.data, &serialized_result_sz, &secp_pubkey, SECP256K1_EC_COMPRESSED );
78 FC_ASSERT( serialized_result_sz == sizeof(serialized_result) );
79 return fc::sha512::hash( serialized_result.begin() + 1, serialized_result.size() - 1 );
80 }
81
82
83 public_key::public_key() {}
84
85 public_key::public_key( const public_key &pk ) : my( pk.my ) {}
86
87 public_key::public_key( public_key &&pk ) : my( std::move( pk.my ) ) {}
88
89 public_key::~public_key() {}
90
91 public_key& public_key::operator=( const public_key& pk )
92 {
93 my = pk.my;
94 return *this;
95 }
96
97 public_key& public_key::operator=( public_key&& pk )
98 {
99 my = pk.my;
100 return *this;
101 }
102
103 bool public_key::valid()const
104 {
105 return my->_key != empty_pub;
106 }
107
108 std::string public_key::to_base58() const
109 {
110 FC_ASSERT( my->_key != empty_pub );
111 return to_base58( my->_key );
112 }
113
114 public_key_data public_key::serialize()const
115 {
116 FC_ASSERT( my->_key != empty_pub );
117 return my->_key;
118 }
119
120 public_key::public_key( const public_key_point_data& dat )
121 {
122 const char* front = &dat.data[0];
123 if( *front == 0 ){}
124 else
125 {
126 EC_KEY *key = EC_KEY_new_by_curve_name( NID_secp256k1 );
127 key = o2i_ECPublicKey( &key, (const unsigned char**)&front, sizeof(dat) );
128 FC_ASSERT( key );
129 EC_KEY_set_conv_form( key, POINT_CONVERSION_COMPRESSED );
130 unsigned char* buffer = (unsigned char*) my->_key.begin();
131 i2o_ECPublicKey( key, &buffer ); // FIXME: questionable memory handling
132 EC_KEY_free( key );
133 }
134 }
135
136 public_key::public_key( const public_key_data& dat )
137 {
138 my->_key = dat;
139 }
140
141 public_key::public_key( const compact_signature& c, const fc::sha256& digest, bool check_canonical )
142 {
143 int nV = c.data[0];
144 if (nV<27 || nV>=35)
145 FC_THROW_EXCEPTION( exception, "unable to reconstruct public key from signature" );
146
147 if( check_canonical )
148 {
149 FC_ASSERT( is_canonical( c ), "signature is not canonical" );
150 }
151
152 secp256k1_pubkey secp_pub;
153 secp256k1_ecdsa_recoverable_signature secp_sig;
154
155 FC_ASSERT( secp256k1_ecdsa_recoverable_signature_parse_compact( detail::_get_context(), &secp_sig, (unsigned char*)c.begin() + 1, (*c.begin() - 27) & 3) );
156 FC_ASSERT( secp256k1_ecdsa_recover( detail::_get_context(), &secp_pub, &secp_sig, (unsigned char*) digest.data() ) );
157
158 size_t serialized_result_sz = my->_key.size();
159 secp256k1_ec_pubkey_serialize( detail::_get_context(), (unsigned char*)&my->_key.data, &serialized_result_sz, &secp_pub, SECP256K1_EC_COMPRESSED );
160 FC_ASSERT( serialized_result_sz == my->_key.size() );
161 }
162
163 public_key::public_key(const compact_signature& c, const unsigned char* digest, bool check_canonical) {
164 int nV = c.data[0];
165 if (nV < 27 || nV >= 35) {
166 FC_THROW_EXCEPTION(exception, "unable to reconstruct public key from signature");
167 }
168
169 if (check_canonical) {
170 FC_ASSERT(is_canonical(c), "signature is not canonical");
171 }
172
173 // Declare the necessary secp256k1 variables for public key and signature
174 secp256k1_pubkey secp_pub;
175 secp256k1_ecdsa_recoverable_signature secp_sig;
176
177 // Parse the compact signature into a recoverable signature
178 FC_ASSERT(secp256k1_ecdsa_recoverable_signature_parse_compact(
179 detail::_get_context(),
180 &secp_sig,
181 (unsigned char*)c.begin() + 1,
182 (*c.begin() - 27) & 3));
183
184 // Recover the public key from the signature and digest
185 FC_ASSERT(secp256k1_ecdsa_recover(
186 detail::_get_context(),
187 &secp_pub,
188 &secp_sig,
189 digest));
190
191 // Prepare to serialize the recovered public key
192 size_t serialized_result_sz = my->_key.size();
193 secp256k1_ec_pubkey_serialize(
194 detail::_get_context(),
195 (unsigned char*)&my->_key.data,
196 &serialized_result_sz,
197 &secp_pub,
198 SECP256K1_EC_COMPRESSED);
199
200 // Verify the serialized public key size
201 FC_ASSERT(serialized_result_sz == my->_key.size());
202 }
203
204 // public_key::public_key( const compact_signature& c, const unsigned char* digest, bool check_canonical )
205 // {
206 // int nV = c.data[0];
207 // if (nV<27 || nV>=35)
208 // FC_THROW_EXCEPTION( exception, "unable to reconstruct public key from signature" );
209
210 // if( check_canonical )
211 // {
212 // FC_ASSERT( is_canonical( c ), "signature is not canonical" );
213 // }
214
215 // unsigned int pk_len;
216 // FC_ASSERT( secp256k1_ecdsa_recover_compact( detail::_get_context(), digest, (unsigned char*) c.begin() + 1, (unsigned char*) my->_key.begin(), (int*) &pk_len, 1, (*c.begin() - 27) & 3 ) );
217 // FC_ASSERT( pk_len == my->_key.size() );
218 // }
219
220} }
_elliptic_em_impl_priv.hpp
fc::array::size
size_t size() const
Definition array.hpp:35
fc::array::begin
const T * begin() const
Definition array.hpp:29
fc::array::data
T data[N]
Definition array.hpp:37
fc::em::detail::public_key_impl
Definition elliptic_em.cpp:39
fc::em::detail::public_key_impl::_key
EC_KEY * _key
Definition _elliptic_em_impl_pub.hpp:27
fc::em::detail::public_key_impl::_key
public_key_data _key
Definition elliptic_em.cpp:52
fc::em::detail::public_key_impl::public_key_impl
public_key_impl(const public_key_impl &cpy) BOOST_NOEXCEPT
Definition elliptic_em.cpp:46
fc::em::detail::public_key_impl::public_key_impl
public_key_impl() BOOST_NOEXCEPT
Definition elliptic_em.cpp:41
fc::em::private_key::get_shared_secret
fc::sha512 get_shared_secret(const public_key &pub) const
Definition elliptic_em.cpp:67
fc::em::public_key
contains only the public point of an elliptic curve key.
Definition elliptic_em.hpp:38
fc::em::public_key::valid
bool valid() const
Definition elliptic_em.cpp:103
fc::em::public_key::~public_key
~public_key()
Definition elliptic_em.cpp:89
fc::em::public_key::to_base58
std::string to_base58() const
Allows to convert current public key object into base58 number.
Definition elliptic_em.cpp:108
fc::em::public_key::operator=
public_key & operator=(public_key &&pk)
Definition elliptic_em.cpp:97
fc::em::public_key::public_key
public_key()
Definition elliptic_em.cpp:83
fc::em::public_key::serialize
public_key_data serialize() const
Definition elliptic_em.cpp:114
fc::exception
Used to generate a useful error report when an exception is thrown.
Definition exception.hpp:58
fc::sha256::data
const char * data() const
Definition sha256.cpp:31
fc::sha512::hash
static sha512 hash(const char *d, uint32_t dlen)
Definition sha512.cpp:37
elliptic_em.hpp
exception.hpp
Defines exception's used by fc.
FC_THROW_EXCEPTION
#define FC_THROW_EXCEPTION(EXCEPTION, FORMAT,...)
Definition exception.hpp:395
FC_ASSERT
#define FC_ASSERT(TEST,...)
Checks a condition and throws an assert_exception if the test is FALSE.
Definition exception.hpp:362
fwd_impl.hpp
fc::em::detail::_get_context
const secp256k1_context * _get_context()
Definition elliptic_em.cpp:28
fc::em::detail::get_curve_order
const private_key_secret & get_curve_order()
Definition elliptic_em_common.cpp:84
fc::em::detail::get_curve
const ec_group & get_curve()
Definition elliptic_em_common.cpp:66
fc::em::detail::_derive_message
chr37 _derive_message(const public_key_data &key, int i)
Definition elliptic_em_common.cpp:60
fc::em::detail::_left
fc::sha256 _left(const fc::sha512 &v)
Definition elliptic_em_common.cpp:27
fc::em::detail::chr37
fc::array< char, 37 > chr37
Definition elliptic_em.cpp:55
fc::em::detail::_right
fc::sha256 _right(const fc::sha512 &v)
Definition elliptic_em_common.cpp:34
fc::em::detail::get_half_curve_order
const private_key_secret & get_half_curve_order()
Definition elliptic_em_common.cpp:103
fc
namespace sysio::chain
Definition authority.cpp:3
fc::digest
fc::sha256 digest(const T &value)
Definition digest.hpp:9
std
Definition name.hpp:106
SECP256K1_CONTEXT_SIGN
#define SECP256K1_CONTEXT_SIGN
Definition secp256k1.h:196
secp256k1_ec_pubkey_serialize
SECP256K1_API int secp256k1_ec_pubkey_serialize(const secp256k1_context *ctx, unsigned char *output, size_t *outputlen, const secp256k1_pubkey *pubkey, unsigned int flags) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3) SECP256K1_ARG_NONNULL(4)
Definition secp256k1.c:246
secp256k1_context_create
SECP256K1_API secp256k1_context * secp256k1_context_create(unsigned int flags) SECP256K1_WARN_UNUSED_RESULT
Definition secp256k1.c:107
secp256k1_ec_pubkey_parse
SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_ec_pubkey_parse(const secp256k1_context *ctx, secp256k1_pubkey *pubkey, const unsigned char *input, size_t inputlen) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3)
Definition secp256k1.c:228
SECP256K1_EC_COMPRESSED
#define SECP256K1_EC_COMPRESSED
Definition secp256k1.h:201
SECP256K1_CONTEXT_VERIFY
#define SECP256K1_CONTEXT_VERIFY
Definition secp256k1.h:195
secp256k1_ec_pubkey_tweak_mul
SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_ec_pubkey_tweak_mul(const secp256k1_context *ctx, secp256k1_pubkey *pubkey, const unsigned char *tweak32) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3)
Definition secp256k1.c:683
secp256k1_recovery.h
secp256k1_ecdsa_recoverable_signature_parse_compact
SECP256K1_API int secp256k1_ecdsa_recoverable_signature_parse_compact(const secp256k1_context *ctx, secp256k1_ecdsa_recoverable_signature *sig, const unsigned char *input64, int recid) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3)
Definition main_impl.h:38
secp256k1_ecdsa_recover
SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_ecdsa_recover(const secp256k1_context *ctx, secp256k1_pubkey *pubkey, const secp256k1_ecdsa_recoverable_signature *sig, const unsigned char *msghash32) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3) SECP256K1_ARG_NONNULL(4)
Definition main_impl.h:137
secp256k1_context_struct
Definition secp256k1.c:47
secp256k1_ecdsa_recoverable_signature
Definition secp256k1_recovery.h:24
secp256k1_pubkey
Definition secp256k1.h:70