Class: Bitcoin::Key

Inherits:
Object show all
Defined in:
lib/bitcoin/key.rb

Overview

bitcoin key class

Constant Summary collapse

PUBLIC_KEY_SIZE = 
65
COMPRESSED_PUBLIC_KEY_SIZE = 
33
SIGNATURE_SIZE = 
72
COMPACT_SIGNATURE_SIZE = 
65
TYPES = 
{uncompressed: 0x00, compressed: 0x01, p2pkh: 0x10, p2wpkh: 0x11, pw2pkh_p2sh: 0x12}
MIN_PRIV_KEy_MOD_ORDER = 
0x01
MAX_PRIV_KEY_MOD_ORDER =

Order of secp256k1’s generator minus 1.

ECDSA::Group::Secp256k1.order - 1

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(priv_key: nil, pubkey: nil, key_type: nil, compressed: true) ⇒ Bitcoin::Key

initialize private key

Parameters:

  • priv_key (String) (defaults to: nil)

    a private key with hex format.

  • pubkey (String) (defaults to: nil)

    a public key with hex format.

  • key_type (Integer) (defaults to: nil)

    a key type which determine address type.

  • compressed (Boolean) (defaults to: true)
    Deprecated

    whether public key is compressed.



31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
 
# File 'lib/bitcoin/key.rb', line 31

def initialize(priv_key: nil, pubkey: nil, key_type: nil, compressed: true)
  puts "[Warning] Use key_type parameter instead of compressed. compressed parameter removed in the future." if key_type.nil? && !compressed.nil? && pubkey.nil?
  if key_type
    @key_type = key_type
    compressed = @key_type != TYPES[:uncompressed]
  else
    @key_type = compressed ? TYPES[:compressed] : TYPES[:uncompressed]
  end
  @secp256k1_module =  Bitcoin.secp_impl
  @priv_key = priv_key
  if @priv_key
    raise ArgumentError, 'private key is not on curve' unless validate_private_key_range(@priv_key)
  end
  if pubkey
    @pubkey = pubkey
  else
    @pubkey = generate_pubkey(priv_key, compressed: compressed) if priv_key
  end
end

Instance Attribute Details

#key_typeObject

Returns the value of attribute key_type.



16
17
18
 
# File 'lib/bitcoin/key.rb', line 16

def key_type
  @key_type
end

#priv_keyObject

Returns the value of attribute priv_key.



14
15
16
 
# File 'lib/bitcoin/key.rb', line 14

def priv_key
  @priv_key
end

#pubkeyObject

Returns the value of attribute pubkey.



15
16
17
 
# File 'lib/bitcoin/key.rb', line 15

def pubkey
  @pubkey
end

#secp256k1_moduleObject (readonly)

Returns the value of attribute secp256k1_module.



17
18
19
 
# File 'lib/bitcoin/key.rb', line 17

def secp256k1_module
  @secp256k1_module
end

Class Method Details

.compress_or_uncompress_pubkey?(pubkey) ⇒ Boolean

check pubkey (hex) is compress or uncompress pubkey.

Returns:

  • (Boolean) 


145
146
147
148
149
150
151
152
153
154
155
156
157
 
# File 'lib/bitcoin/key.rb', line 145

def self.compress_or_uncompress_pubkey?(pubkey)
  p = pubkey.htb
  return false if p.bytesize < COMPRESSED_PUBLIC_KEY_SIZE
  case p[0]
    when "\x04"
      return false unless p.bytesize == PUBLIC_KEY_SIZE
    when "\x02", "\x03"
      return false unless p.bytesize == COMPRESSED_PUBLIC_KEY_SIZE
    else
      return false
  end
  true
end

.compress_pubkey?(pubkey) ⇒ Boolean

check pubkey (hex) is compress pubkey.

Returns:

  • (Boolean) 


160
161
162
163
 
# File 'lib/bitcoin/key.rb', line 160

def self.compress_pubkey?(pubkey)
  p = pubkey.htb
  p.bytesize == COMPRESSED_PUBLIC_KEY_SIZE && ["\x02", "\x03"].include?(p[0])
end

.from_wif(wif) ⇒ Object

import private key from wif format en.bitcoin.it/wiki/Wallet_import_format

Raises:

  • (ArgumentError) 


59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
 
# File 'lib/bitcoin/key.rb', line 59

def self.from_wif(wif)
  hex = Base58.decode(wif)
  raise ArgumentError, 'data is too short' if hex.htb.bytesize < 4
  version = hex[0..1]
  data = hex[2...-8].htb
  checksum = hex[-8..-1]
  raise ArgumentError, 'invalid version' unless version == Bitcoin.chain_params.privkey_version
  raise ArgumentError, 'invalid checksum' unless Bitcoin.calc_checksum(version + data.bth) == checksum
  key_len = data.bytesize
  if key_len == COMPRESSED_PUBLIC_KEY_SIZE && data[-1].unpack('C').first == 1
    key_type = TYPES[:compressed]
    data = data[0..-2]
  elsif key_len == 32
    key_type = TYPES[:uncompressed]
  else
    raise ArgumentError, 'Wrong number of bytes for a private key, not 32 or 33'
  end
  new(priv_key: data.bth, key_type: key_type)
end

.generate(key_type = TYPES[:compressed]) ⇒ Object

generate key pair



52
53
54
55
 
# File 'lib/bitcoin/key.rb', line 52

def self.generate(key_type = TYPES[:compressed])
  priv_key, pubkey = Bitcoin.secp_impl.generate_key_pair
  new(priv_key: priv_key, pubkey: pubkey, key_type: key_type)
end

.low_signature?(sig) ⇒ Boolean

check sig is low.

Returns:

  • (Boolean) 


166
167
168
169
170
171
172
173
174
175
176
177
178
 
# File 'lib/bitcoin/key.rb', line 166

def self.low_signature?(sig)
  s = sig.unpack('C*')
  len_r = s[3]
  len_s = s[5 + len_r]
  val_s = s.slice(6 + len_r, len_s)
  max_mod_half_order = [
      0x7f,0xff,0xff,0xff,0xff,0xff,0xff,0xff,
      0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,
      0x5d,0x57,0x6e,0x73,0x57,0xa4,0x50,0x1d,
      0xdf,0xe9,0x2f,0x46,0x68,0x1b,0x20,0xa0]
  compare_big_endian(val_s, [0]) > 0 &&
      compare_big_endian(val_s, max_mod_half_order) <= 0
end

.valid_signature_encoding?(sig) ⇒ Boolean

check sig is correct der encoding. This function is consensus-critical since BIP66.

Returns:

  • (Boolean) 


183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
 
# File 'lib/bitcoin/key.rb', line 183

def self.valid_signature_encoding?(sig)
  return false if sig.bytesize < 9 || sig.bytesize > 73 # Minimum and maximum size check

  s = sig.unpack('C*')

  return false if s[0] != 0x30 || s[1] != s.size - 3 # A signature is of type 0x30 (compound). Make sure the length covers the entire signature.

  len_r = s[3]
  return false if 5 + len_r >= s.size # Make sure the length of the S element is still inside the signature.

  len_s = s[5 + len_r]
  return false unless len_r + len_s + 7 == s.size #Verify that the length of the signature matches the sum of the length of the elements.

  return false unless s[2] == 0x02 # Check whether the R element is an integer.

  return false if len_r == 0 # Zero-length integers are not allowed for R.

  return false unless s[4] & 0x80 == 0 # Negative numbers are not allowed for R.

  # Null bytes at the start of R are not allowed, unless R would otherwise be interpreted as a negative number.
  return false if len_r > 1 && (s[4] == 0x00) && (s[5] & 0x80 == 0)

  return false unless s[len_r + 4] == 0x02 # Check whether the S element is an integer.

  return false if len_s == 0 # Zero-length integers are not allowed for S.
  return false unless (s[len_r + 6] & 0x80) == 0 # Negative numbers are not allowed for S.

  # Null bytes at the start of S are not allowed, unless S would otherwise be interpreted as a negative number.
  return false if len_s > 1 && (s[len_r + 6] == 0x00) && (s[len_r + 7] & 0x80 == 0)

  true
end

Instance Method Details

#compressed?Boolean

Returns:

  • (Boolean) 


132
133
134
 
# File 'lib/bitcoin/key.rb', line 132

def compressed?
  key_type != TYPES[:uncompressed]
end

#fully_valid_pubkey?Boolean

fully validate whether this is a valid public key (more expensive than IsValid())

Returns:

  • (Boolean) 


217
218
219
220
221
 
# File 'lib/bitcoin/key.rb', line 217

def fully_valid_pubkey?
  return false unless valid_pubkey?
  point = ECDSA::Format::PointOctetString.decode(pubkey.htb, ECDSA::Group::Secp256k1)
  ECDSA::Group::Secp256k1.valid_public_key?(point)
end

#hash160Object

get hash160 public key.



110
111
112
 
# File 'lib/bitcoin/key.rb', line 110

def hash160
  Bitcoin.hash160(pubkey)
end

#sign(data) ⇒ String

sign data with private key

Parameters:

  • data (String)

    a data to be signed with binary format

Returns:

  • (String)

    signature data with binary format



91
92
93
 
# File 'lib/bitcoin/key.rb', line 91

def sign(data)
  secp256k1_module.sign_data(data, priv_key)
end

#to_nested_p2wpkhObject

Deprecated.

get p2wpkh address nested in p2sh.



128
129
130
 
# File 'lib/bitcoin/key.rb', line 128

def to_nested_p2wpkh
  Bitcoin::Script.to_p2wpkh(hash160).to_p2sh.addresses.first
end

#to_p2pkhObject

Deprecated.

get pay to pubkey hash address



116
117
118
 
# File 'lib/bitcoin/key.rb', line 116

def to_p2pkh
  Bitcoin::Script.to_p2pkh(hash160).addresses.first
end

#to_p2wpkhObject

Deprecated.

get pay to witness pubkey hash address



122
123
124
 
# File 'lib/bitcoin/key.rb', line 122

def to_p2wpkh
  Bitcoin::Script.to_p2wpkh(hash160).addresses.first
end

#to_pointECDSA::Point

generate pubkey ec point

Returns:

  • (ECDSA::Point) 


138
139
140
141
142
 
# File 'lib/bitcoin/key.rb', line 138

def to_point
  p = pubkey
  p ||= generate_pubkey(priv_key, compressed: compressed)
  ECDSA::Format::PointOctetString.decode(p.htb, Bitcoin::Secp256k1::GROUP)
end

#to_wifObject

export private key with wif format



80
81
82
83
84
85
86
 
# File 'lib/bitcoin/key.rb', line 80

def to_wif
  version = Bitcoin.chain_params.privkey_version
  hex = version + priv_key
  hex += '01' if compressed?
  hex += Bitcoin.calc_checksum(hex)
  Base58.encode(hex)
end

#verify(sig, origin) ⇒ Boolean

verify signature using public key

Parameters:

  • sig (String)

    signature data with binary format

  • origin (String)

    original message

Returns:

  • (Boolean)

    verify result



99
100
101
102
103
104
105
106
107
 
# File 'lib/bitcoin/key.rb', line 99

def verify(sig, origin)
  return false unless valid_pubkey?
  begin
    sig = ecdsa_signature_parse_der_lax(sig)
    secp256k1_module.verify_sig(origin, sig, pubkey)
  rescue Exception
    false
  end
end