Pieter Wuille
e10439ce5a
scripted-diff: rename privkey with seckey in secp256k1 interface
...
-BEGIN VERIFY SCRIPT-
sed -i 's/privkey/seckey/g' src/key.cpp
-END VERIFY SCRIPT-
2020-06-10 18:29:33 -07:00
MarcoFalke
aaaaad6ac9
scripted-diff: Bump copyright of files changed in 2019
...
-BEGIN VERIFY SCRIPT-
./contrib/devtools/copyright_header.py update ./
-END VERIFY SCRIPT-
2019-12-30 10:42:20 +13:00
Wladimir J. van der Laan
36191a8bb5
Merge #12461 : scripted-diff: Rename key size consts to be relative to their class
...
0580f86bb4
Fixup whitespace (Ben Woosley)
47101bbb27
scripted-diff: Rename CPubKey and CKey::*_KEY_SIZE and COMPRESSED_*_KEY_SIZE (Ben Woosley)
Pull request description:
~~And introduce CPubKeySig to host code relative to key sigs.~~
ACKs for top commit:
meshcollider:
utACK 0580f86bb4
Tree-SHA512: 29aa0be54912358b138e391b9db78639786f56580493e590ec9f773c0e1b421740133d05a79be247c7ee57e71c9c9e41b9cb54088cb3c0e3f813f74f0895287b
2019-11-20 12:43:55 +01:00
practicalswift
eca9767673
Make reasoning about dependencies easier by not including unused dependencies
2019-06-02 17:15:23 +02:00
Jonas Schnelli
463921bb64
CKey: add method to negate the key
2019-03-27 13:59:50 +01:00
Ben Woosley
47101bbb27
scripted-diff: Rename CPubKey and CKey::*_KEY_SIZE and COMPRESSED_*_KEY_SIZE
...
To SIZE and COMPRESSED_SIZE
-BEGIN VERIFY SCRIPT-
sed -i 's/PRIVATE_KEY_SIZE/SIZE/g' src/*.h src/*.cpp src/**/*.h src/**/*.cpp
sed -i 's/COMPRESSED_PRIVATE_KEY_SIZE/COMPRESSED_SIZE/g' src/*.h src/**/*.cpp src/**/*.h src/**/*.cpp
sed -i 's/PUBLIC_KEY_SIZE/SIZE/g' src/*.h src/*.cpp src/**/*.h src/**/*.cpp
sed -i 's/COMPRESSED_PUBLIC_KEY_SIZE/COMPRESSED_SIZE/g' src/*.h src/*.cpp src/**/*.h src/**/*.cpp
-END VERIFY SCRIPT-
2019-03-04 01:30:29 -08:00
João Barbosa
3617f11739
Fix assertion in CKey::SignCompact
2019-01-31 15:00:56 +00:00
liuyujun
9a565a8282
Pass export privkey DER compression flag correctly
...
By passing a bitfield where a boolean was expected, the result was
always compressed. Fix this.
2018-09-13 09:58:26 +02:00
Wladimir J. van der Laan
2115cba9c6
Merge #13666 : Always create signatures with Low R values
...
e306be7429
Use 72 byte dummy signatures when watching only inputs may be used (Andrew Chow)
48b1473c89
Use 71 byte signature for DUMMY_SIGNATURE_CREATOR (Andrew Chow)
18dfea0dd0
Always create 70 byte signatures with low R values (Andrew Chow)
Pull request description:
When creating signatures for transactions, always make one which has a 32 byte or smaller R and 32 byte or smaller S value. This results in signatures that are always less than 71 bytes (32 byte R + 32 byte S + 6 bytes DER + 1 byte sighash) with low R values. In most cases, the signature will be 71 bytes.
Because R is not mutable in the same way that S is, a low R value can only be found by trying different nonces. RFC 6979 for deterministic nonce generation has the option to specify additional entropy, so we simply use that and add a uin32_t counter which we increment in order to try different nonces. Nonces are sill deterministically generated as the nonce used will the be the first one where the counter results in a nonce that results in a low R value. Because different nonces need to be tried, time to produce a signature does increase. On average, it takes twice as long to make a signature as two signatures need to be created, on average, to find one with a low R.
Having a fixed size signature makes size calculations easier and also saves half a byte of transaction size, on average.
DUMMY_SIGNATURE_CREATOR has been modified to produce 71 byte dummy signatures instead of 72 byte signatures.
Tree-SHA512: 3cd791505126ce92da7c631856a97ba0b59e87d9c132feff6e0eef1dc47768e81fbb38bfbe970371bedf9714b7f61a13a5fe9f30f962c81734092a4d19a4ef33
2018-08-13 12:07:20 +02:00
Andrew Chow
18dfea0dd0
Always create 70 byte signatures with low R values
...
When extra entropy is not specified by the caller, CKey::Sign will
now always create a signature that has a low R value and is at most
70 bytes. The resulting signature on the stack will be 71 bytes when
the sighash byte is included.
Using low R signatures means that the resulting DER encoded signature
will never need to have additional padding to account for high R
values.
2018-08-09 18:39:56 -07:00
DrahtBot
eb7daf4d60
Update copyright headers to 2018
2018-07-27 07:15:02 -04:00
John Newbery
131d4450b9
scripted-diff: Rename master key to seed
...
-BEGIN VERIFY SCRIPT-
ren() { git grep -l "\<$1\>" 'src/*.cpp' 'src/*.h' test | xargs sed -i "s:\<$1\>:$2:g"; }
ren GenerateNewHDMasterKey GenerateNewSeed
ren DeriveNewMasterHDKey DeriveNewSeed
ren SetHDMasterKey SetHDSeed
ren hdMasterKeyID hd_seed_id
ren masterKeyID seed_id
ren SetMaster SetSeed
ren hdmasterkeyid hdseedid
ren hdmaster hdseed
-END VERIFY SCRIPT-
2018-05-19 11:16:00 -04:00
Wladimir J. van der Laan
a34ac6ae07
Merge #9598 : Improve readability by removing redundant casts to same type (on all platforms)
...
06edc23f7
Improve readability by removing redundant casts to same type (on all platforms) (practicalswift)
Pull request description:
Same binaries check under Linux:
```
$ ../bitcoin-maintainer-tools/build-for-compare.py 874f13821f4193bd037cd37d005ee76b5a849398 82274c02ed
--executables "src/bitcoind,src/bitcoin-cli,src/bitcoin-tx"
$ sha256sum /tmp/compare/*.stripped
1fe1a8827474f7f24475ce3dc851e7ac658d4ed0ae38d11e67f5a810671eaa15 /tmp/compare/bitcoin-cli.82274c02ed2d82537dc55f008a29edb1bc09bbc4.stripped
1fe1a8827474f7f24475ce3dc851e7ac658d4ed0ae38d11e67f5a810671eaa15 /tmp/compare/bitcoin-cli.874f13821f4193bd037cd37d005ee76b5a849398.stripped
342c2ed0e60b60990a58cbf5845b256a4f9e3baff9db074baba5e34a620a60ea /tmp/compare/bitcoind.82274c02ed2d82537dc55f008a29edb1bc09bbc4.stripped
342c2ed0e60b60990a58cbf5845b256a4f9e3baff9db074baba5e34a620a60ea /tmp/compare/bitcoind.874f13821f4193bd037cd37d005ee76b5a849398.stripped
e4b2a80b2361d5cefd67a47eeb9298b8b712c26c7779d979348be8b2c7e3ec93 /tmp/compare/bitcoin-tx.82274c02ed2d82537dc55f008a29edb1bc09bbc4.stripped
e4b2a80b2361d5cefd67a47eeb9298b8b712c26c7779d979348be8b2c7e3ec93 /tmp/compare/bitcoin-tx.874f13821f4193bd037cd37d005ee76b5a849398.stripped
$ git diff -W --word-diff /tmp/compare/874f13821f4193bd037cd37d005ee76b5a849398 /tmp/compare/82274c02ed2d82537dc55f008a29edb1bc09bbc4
$
```
Tree-SHA512: 13ca5862fbb03771682b04a7523e581a7fe62e73620fa0e141cf1bc0a3b3f4e2e66bf14b46d1228e2b11b4960153545e7476f3295713a69b5cf5a28a7c2b358d
2018-03-07 17:47:46 +01:00
murrayn
a25cb0f313
Use ptrdiff_t type to more precisely indicate usage and avoid compiler warnings.
2018-02-05 02:25:28 -08:00
Russell Yanofsky
04ededf001
Make CKey::Load references const
...
No change in behavior, this just prevents CKey::Load arguments from looking
like outputs.
2018-01-23 13:16:56 -05:00
Akira Takizawa
595a7bab23
Increment MIT Licence copyright header year on files modified in 2017
2018-01-03 02:26:56 +09:00
practicalswift
06edc23f74
Improve readability by removing redundant casts to same type (on all platforms)
2017-12-21 13:36:00 +01:00
Wladimir J. van der Laan
79399c8cd0
Merge #10657 : Utils: Improvements to ECDSA key-handling code
...
63179d0
Scope the ECDSA constant sizes to CPubKey / CKey classes (Jack Grigg)
1ce9f0a
Ensure that ECDSA constant sizes are correctly-sized (Jack Grigg)
48abe78
Remove redundant `= 0` initialisations (Jack Grigg)
17fa391
Specify ECDSA constant sizes as constants (Jack Grigg)
e4a1086
Update Debian copyright list (Jack Grigg)
e181dbe
Add comments (Jack Grigg)
a3603ac
Fix potential overflows in ECDSA DER parsers (Jack Grigg)
Pull request description:
Mostly trivial, but includes fixes to potential overflows in the ECDSA DER parsers.
Cherry-picked from Zcash PR https://github.com/zcash/zcash/pull/2335
Tree-SHA512: 8fcbd51b0bd6723e5d33fa5d592f7cb68ed182796a9b837ecc8217991ad69d6c970258617dc00eb378c8caa4cec5d6b304d9d2c066acd40cda98e4da68e0caa4
2017-12-20 18:00:32 +01:00
practicalswift
a720b928c8
Remove includes in .cpp files for things the corresponding .h file already included
2017-11-16 22:26:34 +01:00
MeshCollider
1a445343f6
scripted-diff: Replace #include "" with #include <> (ryanofsky)
...
-BEGIN VERIFY SCRIPT-
for f in \
src/*.cpp \
src/*.h \
src/bench/*.cpp \
src/bench/*.h \
src/compat/*.cpp \
src/compat/*.h \
src/consensus/*.cpp \
src/consensus/*.h \
src/crypto/*.cpp \
src/crypto/*.h \
src/crypto/ctaes/*.h \
src/policy/*.cpp \
src/policy/*.h \
src/primitives/*.cpp \
src/primitives/*.h \
src/qt/*.cpp \
src/qt/*.h \
src/qt/test/*.cpp \
src/qt/test/*.h \
src/rpc/*.cpp \
src/rpc/*.h \
src/script/*.cpp \
src/script/*.h \
src/support/*.cpp \
src/support/*.h \
src/support/allocators/*.h \
src/test/*.cpp \
src/test/*.h \
src/wallet/*.cpp \
src/wallet/*.h \
src/wallet/test/*.cpp \
src/wallet/test/*.h \
src/zmq/*.cpp \
src/zmq/*.h
do
base=${f%/*}/ relbase=${base#src/} sed -i "s:#include \"\(.*\)\"\(.*\):if test -e \$base'\\1'; then echo \"#include <\"\$relbase\"\\1>\\2\"; else echo \"#include <\\1>\\2\"; fi:e" $f
done
-END VERIFY SCRIPT-
2017-11-16 08:23:01 +13:00
Jack Grigg
63179d0283
Scope the ECDSA constant sizes to CPubKey / CKey classes
2017-10-04 14:41:40 +01:00
practicalswift
90d4d89230
scripted-diff: Use the C++11 keyword nullptr to denote the pointer literal instead of the macro NULL
...
-BEGIN VERIFY SCRIPT-
sed -i 's/\<NULL\>/nullptr/g' src/*.cpp src/*.h src/*/*.cpp src/*/*.h src/qt/*/*.cpp src/qt/*/*.h src/wallet/*/*.cpp src/wallet/*/*.h src/support/allocators/*.h
sed -i 's/Prefer nullptr, otherwise SAFECOOKIE./Prefer NULL, otherwise SAFECOOKIE./g' src/torcontrol.cpp
sed -i 's/tor: Using nullptr authentication/tor: Using NULL authentication/g' src/torcontrol.cpp
sed -i 's/METHODS=nullptr/METHODS=NULL/g' src/test/torcontrol_tests.cpp src/torcontrol.cpp
sed -i 's/nullptr certificates/NULL certificates/g' src/qt/paymentserver.cpp
sed -i 's/"nullptr"/"NULL"/g' src/torcontrol.cpp src/test/torcontrol_tests.cpp
-END VERIFY SCRIPT-
2017-08-07 07:36:37 +02:00
Jack Grigg
1ce9f0a952
Ensure that ECDSA constant sizes are correctly-sized
2017-07-17 11:57:23 -05:00
Jack Grigg
48abe78e51
Remove redundant = 0
initialisations
2017-07-17 11:57:23 -05:00
Jack Grigg
17fa3913ef
Specify ECDSA constant sizes as constants
2017-07-17 11:57:23 -05:00
Jack Grigg
e181dbe748
Add comments
2017-07-17 11:55:05 -05:00
Jack Grigg
a3603ac6f0
Fix potential overflows in ECDSA DER parsers
2017-07-17 11:55:05 -05:00
Jeremy Rubin
30ac7688e3
Fix subscript[0] potential bugs in key.cpp
2017-07-08 13:37:06 -07:00
practicalswift
b51aaf1c42
Remove unused C++ code not covered by unit tests
2017-04-26 21:20:02 +02:00
isle2983
27765b6403
Increment MIT Licence copyright header year on files modified in 2016
...
Edited via:
$ contrib/devtools/copyright_header.py update .
2016-12-31 11:01:21 -07:00
Wladimir J. van der Laan
f4d1fc259b
wallet: Get rid of LockObject and UnlockObject calls in key.h
...
Replace these with vectors allocated from the secure allocator.
This avoids mlock syscall churn on stack pages, as well as makes
it possible to get rid of these functions.
Please review this commit and the previous one carefully that
no `sizeof(vectortype)` remains in the memcpys and memcmps usage
(ick!), and `.data()` or `&vec[x]` is used as appropriate instead of
&vec.
2016-10-19 16:17:33 +02:00
Pavel Janík
4731cab8fb
Do not shadow variables
2016-09-27 09:25:15 +02:00
Pieter Wuille
fa2637a3be
Always require OS randomness when generating secret keys
2016-05-29 01:52:17 +02:00
Jonas Schnelli
90604f16af
add bip32 pubkey serialization
...
CExtPubKey should be serializable like CPubKey
2016-04-14 20:56:33 +02:00
MarcoFalke
fa24439ff3
Bump copyright headers to 2015
2015-12-13 18:08:39 +01:00
Pieter Wuille
48edf5746a
Update key.cpp to new secp256k1 API
2015-11-13 00:12:53 +01:00
Wladimir J. van der Laan
6a877e870e
Merge pull request #6034
...
a574899
chaincodes: abstract away more chaincode behavior [squashme] replace struct CCainCode with a typedef uint256 ChainCode (Cory Fields)
8cf1485
Abstract chaincodes into CChainCode (Pieter Wuille)
2015-05-06 18:37:49 +02:00
Cory Fields
a574899671
chaincodes: abstract away more chaincode behavior
...
[squashme] replace struct CCainCode with a typedef uint256 ChainCode
2015-05-06 17:22:46 +02:00
Pieter Wuille
a56054be65
Update key.cpp to use new libsecp256k1
...
libsecp256k1's API changed, so update key.cpp to use it.
Libsecp256k1 now has explicit context objects, which makes it completely thread-safe.
In turn, keep an explicit context object in key.cpp, which is explicitly initialized
destroyed. This is not really pretty now, but it's more efficient than the static
initialized object in key.cpp (which made for example bitcoin-tx slow, as for most of
its calls, libsecp256k1 wasn't actually needed).
This also brings in the new blinding support in libsecp256k1. By passing in a random
seed, temporary variables during the elliptic curve computations are altered, in such
a way that if an attacker does not know the blind, observing the internal operations
leaks less information about the keys used. This was implemented by Greg Maxwell.
2015-05-04 14:45:34 +02:00
Pieter Wuille
8cf1485f3b
Abstract chaincodes into CChainCode
...
# Conflicts:
# src/key.cpp
# src/key.h
2015-05-02 11:17:16 +02:00
Pieter Wuille
437ada3e55
Switch test case signing to RFC6979 extra entropy
...
Instead of manually tweaking the deterministic nonce post-generation,
pass the test case number in as extra entropy to RFC6979.
2015-03-27 15:31:47 -07:00
Cory Fields
16a58a8644
keys: remove libsecp256k1 verification until it's actually supported
...
This was added a while ago for testing purposes, but was never intended to be
used. Remove it until upstream libsecp256k1 decides that verification is
stable/ready.
2015-03-02 11:31:43 -05:00
Pieter Wuille
1a9576de9d
Use libsecp256k1's RFC6979 implementation
2015-01-06 00:28:44 +01:00
Wladimir J. van der Laan
734f85c4f0
Use arith_uint256 where necessary
...
Also add conversion from/to uint256 where needed.
2015-01-05 15:45:35 +01:00
Wladimir J. van der Laan
4f1524966a
Replace direct use of 0 with SetNull and IsNull
...
Replace x=0 with .SetNull(),
x==0 with IsNull(), x!=0 with !IsNull().
Replace uses of uint256(0) with uint256().
2015-01-05 15:45:34 +01:00
Pieter Wuille
9a5cabf3da
Merge pull request #5508
...
146c0a7
Add RandAddSeedPerfmon to MakeNewKey (21E14)
2015-01-04 16:37:24 +01:00
sandakersmann
f914f1a746
Added "Core" to copyright headers
...
Github-Pull: #5494
Rebased-From: 15de949bb9
2014-12-19 19:55:32 +01:00
21E14
146c0a7c5a
Add RandAddSeedPerfmon to MakeNewKey
2014-12-18 20:25:04 -05:00
Pieter Wuille
830ee48b59
Update Bitcoin for libsecp256k1 API change
2014-12-11 02:06:28 +01:00
Wladimir J. van der Laan
f0877f8b62
Merge pull request #5227
...
4cdaa95
Resize after succesful result (Pieter Wuille)
9d8604f
Header define style cleanups (Pieter Wuille)
a53fd41
Deterministic signing (Pieter Wuille)
3060e36
Add the RFC6979 PRNG (Pieter Wuille)
a8f5087
Add HMAC-SHA256 (Pieter Wuille)
36fa4a7
Split up crypto/sha2 (Pieter Wuille)
2014-12-01 14:57:58 +01:00