2019-08-27 13:29:42 +00:00
|
|
|
package keys
|
2018-03-21 16:11:04 +00:00
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"bytes"
|
2019-02-20 13:34:28 +00:00
|
|
|
"crypto/ecdsa"
|
2019-08-27 13:29:42 +00:00
|
|
|
"crypto/elliptic"
|
2019-02-20 13:34:28 +00:00
|
|
|
"crypto/x509"
|
2018-03-21 16:11:04 +00:00
|
|
|
"encoding/binary"
|
2018-03-25 10:45:54 +00:00
|
|
|
"encoding/hex"
|
2018-03-21 16:11:04 +00:00
|
|
|
"io"
|
|
|
|
|
"math/big"
|
2019-01-28 12:03:02 +00:00
|
|
|
|
2019-08-23 15:50:45 +00:00
|
|
|
"github.com/CityOfZion/neo-go/pkg/crypto/hash"
|
2019-08-27 13:29:42 +00:00
|
|
|
"github.com/CityOfZion/neo-go/pkg/crypto"
|
2019-01-28 12:03:02 +00:00
|
|
|
"github.com/pkg/errors"
|
2018-03-21 16:11:04 +00:00
|
|
|
)
|
|
|
|
|
|
2018-03-25 10:45:54 +00:00
|
|
|
// PublicKeys is a list of public keys.
|
|
|
|
|
type PublicKeys []*PublicKey
|
|
|
|
|
|
|
|
|
|
func (keys PublicKeys) Len() int { return len(keys) }
|
|
|
|
|
func (keys PublicKeys) Swap(i, j int) { keys[i], keys[j] = keys[j], keys[i] }
|
|
|
|
|
func (keys PublicKeys) Less(i, j int) bool {
|
|
|
|
|
if keys[i].X.Cmp(keys[j].X) == -1 {
|
|
|
|
|
return true
|
|
|
|
|
}
|
|
|
|
|
if keys[i].X.Cmp(keys[j].X) == 1 {
|
|
|
|
|
return false
|
|
|
|
|
}
|
|
|
|
|
if keys[i].X.Cmp(keys[j].X) == 0 {
|
|
|
|
|
return false
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return keys[i].Y.Cmp(keys[j].Y) == -1
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// PublicKey represents a public key and provides a high level
|
|
|
|
|
// API around the ECPoint.
|
2018-03-21 16:11:04 +00:00
|
|
|
type PublicKey struct {
|
2019-08-27 13:29:42 +00:00
|
|
|
crypto.ECPoint
|
2018-03-21 16:11:04 +00:00
|
|
|
}
|
|
|
|
|
|
2018-03-25 10:45:54 +00:00
|
|
|
// NewPublicKeyFromString return a public key created from the
|
|
|
|
|
// given hex string.
|
|
|
|
|
func NewPublicKeyFromString(s string) (*PublicKey, error) {
|
|
|
|
|
b, err := hex.DecodeString(s)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
|
2019-02-19 18:37:35 +00:00
|
|
|
pubKey := new(PublicKey)
|
2018-03-25 10:45:54 +00:00
|
|
|
if err := pubKey.DecodeBinary(bytes.NewReader(b)); err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return pubKey, nil
|
|
|
|
|
}
|
|
|
|
|
|
2018-03-21 16:11:04 +00:00
|
|
|
// Bytes returns the byte array representation of the public key.
|
|
|
|
|
func (p *PublicKey) Bytes() []byte {
|
2018-03-25 10:45:54 +00:00
|
|
|
if p.IsInfinity() {
|
|
|
|
|
return []byte{0x00}
|
|
|
|
|
}
|
|
|
|
|
|
2018-03-21 16:11:04 +00:00
|
|
|
var (
|
|
|
|
|
x = p.X.Bytes()
|
|
|
|
|
paddedX = append(bytes.Repeat([]byte{0x00}, 32-len(x)), x...)
|
|
|
|
|
prefix = byte(0x03)
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
if p.Y.Bit(0) == 0 {
|
|
|
|
|
prefix = byte(0x02)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return append([]byte{prefix}, paddedX...)
|
|
|
|
|
}
|
|
|
|
|
|
2019-02-20 13:34:28 +00:00
|
|
|
// NewPublicKeyFromRawBytes returns a NEO PublicKey from the ASN.1 serialized keys.
|
|
|
|
|
func NewPublicKeyFromRawBytes(data []byte) (*PublicKey, error) {
|
|
|
|
|
var (
|
|
|
|
|
err error
|
|
|
|
|
pubkey interface{}
|
|
|
|
|
)
|
|
|
|
|
if pubkey, err = x509.ParsePKIXPublicKey(data); err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
pk, ok := pubkey.(*ecdsa.PublicKey)
|
|
|
|
|
if !ok {
|
|
|
|
|
return nil, errors.New("given bytes aren't ECDSA public key")
|
|
|
|
|
}
|
|
|
|
|
key := PublicKey{
|
2019-08-27 13:29:42 +00:00
|
|
|
crypto.ECPoint{
|
2019-02-20 13:34:28 +00:00
|
|
|
X: pk.X,
|
|
|
|
|
Y: pk.Y,
|
|
|
|
|
},
|
|
|
|
|
}
|
|
|
|
|
return &key, nil
|
|
|
|
|
}
|
|
|
|
|
|
2019-01-28 12:03:02 +00:00
|
|
|
// DecodeBytes decodes a PublicKey from the given slice of bytes.
|
|
|
|
|
func (p *PublicKey) DecodeBytes(data []byte) error {
|
|
|
|
|
l := len(data)
|
|
|
|
|
|
|
|
|
|
switch prefix := data[0]; prefix {
|
|
|
|
|
// Infinity
|
|
|
|
|
case 0x00:
|
2019-08-27 13:29:42 +00:00
|
|
|
p.ECPoint = crypto.ECPoint{}
|
2019-01-28 12:03:02 +00:00
|
|
|
// Compressed public keys
|
|
|
|
|
case 0x02, 0x03:
|
|
|
|
|
if l < 33 {
|
|
|
|
|
return errors.Errorf("bad binary size(%d)", l)
|
|
|
|
|
}
|
|
|
|
|
|
2019-08-27 13:29:42 +00:00
|
|
|
c := crypto.NewEllipticCurve()
|
2019-01-28 12:03:02 +00:00
|
|
|
var err error
|
|
|
|
|
p.ECPoint, err = c.Decompress(new(big.Int).SetBytes(data[1:]), uint(prefix&0x1))
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
case 0x04:
|
|
|
|
|
if l < 66 {
|
|
|
|
|
return errors.Errorf("bad binary size(%d)", l)
|
|
|
|
|
}
|
|
|
|
|
p.X = new(big.Int).SetBytes(data[2:34])
|
|
|
|
|
p.Y = new(big.Int).SetBytes(data[34:66])
|
|
|
|
|
default:
|
|
|
|
|
return errors.Errorf("invalid prefix %d", prefix)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
2018-03-21 16:11:04 +00:00
|
|
|
// DecodeBinary decodes a PublicKey from the given io.Reader.
|
|
|
|
|
func (p *PublicKey) DecodeBinary(r io.Reader) error {
|
2019-01-28 12:03:02 +00:00
|
|
|
var prefix, size uint8
|
|
|
|
|
|
2018-03-21 16:11:04 +00:00
|
|
|
if err := binary.Read(r, binary.LittleEndian, &prefix); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
2018-03-25 10:45:54 +00:00
|
|
|
// Infinity
|
2019-01-28 12:03:02 +00:00
|
|
|
switch prefix {
|
|
|
|
|
case 0x00:
|
2019-08-27 13:29:42 +00:00
|
|
|
p.ECPoint = crypto.ECPoint{}
|
2018-03-25 10:45:54 +00:00
|
|
|
return nil
|
2019-01-28 12:03:02 +00:00
|
|
|
// Compressed public keys
|
|
|
|
|
case 0x02, 0x03:
|
|
|
|
|
size = 32
|
|
|
|
|
case 0x04:
|
|
|
|
|
size = 65
|
|
|
|
|
default:
|
|
|
|
|
return errors.Errorf("invalid prefix %d", prefix)
|
2018-03-25 10:45:54 +00:00
|
|
|
}
|
|
|
|
|
|
2019-01-28 12:03:02 +00:00
|
|
|
data := make([]byte, size+1) // prefix + size
|
2018-03-21 16:11:04 +00:00
|
|
|
|
2019-01-28 12:03:02 +00:00
|
|
|
if _, err := io.ReadFull(r, data[1:]); err != nil {
|
|
|
|
|
return err
|
2018-03-21 16:11:04 +00:00
|
|
|
}
|
|
|
|
|
|
2019-01-28 12:03:02 +00:00
|
|
|
data[0] = prefix
|
|
|
|
|
|
|
|
|
|
return p.DecodeBytes(data)
|
2018-03-21 16:11:04 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// EncodeBinary encodes a PublicKey to the given io.Writer.
|
|
|
|
|
func (p *PublicKey) EncodeBinary(w io.Writer) error {
|
|
|
|
|
return binary.Write(w, binary.LittleEndian, p.Bytes())
|
|
|
|
|
}
|
2019-02-19 18:37:35 +00:00
|
|
|
|
2019-08-27 14:16:33 +00:00
|
|
|
func (p *PublicKey) Signature() []byte {
|
2019-02-19 18:37:35 +00:00
|
|
|
b := p.Bytes()
|
|
|
|
|
b = append([]byte{0x21}, b...)
|
|
|
|
|
b = append(b, 0xAC)
|
|
|
|
|
|
2019-08-23 15:50:45 +00:00
|
|
|
sig := hash.Hash160(b)
|
2019-02-19 18:37:35 +00:00
|
|
|
|
2019-08-27 14:16:33 +00:00
|
|
|
return sig.Bytes()
|
2019-02-19 18:37:35 +00:00
|
|
|
}
|
|
|
|
|
|
2019-08-27 14:16:33 +00:00
|
|
|
func (p *PublicKey) Address() string {
|
|
|
|
|
var b []byte = p.Signature()
|
2019-02-19 18:37:35 +00:00
|
|
|
|
|
|
|
|
b = append([]byte{0x17}, b...)
|
2019-08-23 15:50:45 +00:00
|
|
|
csum := hash.Checksum(b)
|
|
|
|
|
b = append(b, csum...)
|
2019-02-19 18:37:35 +00:00
|
|
|
|
2019-08-27 13:29:42 +00:00
|
|
|
address := crypto.Base58Encode(b)
|
2019-08-27 14:16:33 +00:00
|
|
|
return address
|
2019-02-19 18:37:35 +00:00
|
|
|
}
|
2019-08-27 13:29:42 +00:00
|
|
|
|
|
|
|
|
// Verify returns true if the signature is valid and corresponds
|
|
|
|
|
// to the hash and public key
|
|
|
|
|
func (p *PublicKey) Verify(signature []byte, hash []byte) bool {
|
|
|
|
|
|
|
|
|
|
publicKey := &ecdsa.PublicKey{}
|
|
|
|
|
publicKey.Curve = elliptic.P256()
|
|
|
|
|
publicKey.X = p.X
|
|
|
|
|
publicKey.Y = p.Y
|
|
|
|
|
if p.X == nil || p.Y == nil {
|
|
|
|
|
return false
|
|
|
|
|
}
|
|
|
|
|
rBytes := new(big.Int).SetBytes(signature[0:32])
|
|
|
|
|
sBytes := new(big.Int).SetBytes(signature[32:64])
|
|
|
|
|
return ecdsa.Verify(publicKey, hash, rBytes, sBytes)
|
|
|
|
|
}
|
