Class: Bitcoin::Key

Inherits:

Object

• Object
• Bitcoin::Key

Defined in:

lib/bitcoin/key.rb

Overview

bitcoin key class

Constant Summary

PUBLIC_KEY_SIZE =

65

COMPRESSED_PUBLIC_KEY_SIZE =

33

SIGNATURE_SIZE =

72

COMPACT_SIGNATURE_SIZE =

65

TYPES =

{uncompressed: 0x00, compressed: 0x01, p2pkh: 0x10, p2wpkh: 0x11, p2wpkh_p2sh: 0x12}

MIN_PRIV_KEY_MOD_ORDER =

0x01

MAX_PRIV_KEY_MOD_ORDER =

Order of secp256k1’s generator minus 1.

ECDSA::Group::Secp256k1.order - 1

Instance Attribute Summary

• #key_type ⇒ Object

  Returns the value of attribute key_type.

• #priv_key ⇒ Object

  Returns the value of attribute priv_key.

• #pubkey ⇒ Object

  Returns the value of attribute pubkey.

• #secp256k1_module ⇒ Object readonly

  Returns the value of attribute secp256k1_module.

Class Method Summary

• .compress_or_uncompress_pubkey?(pubkey) ⇒ Boolean

  check pubkey (hex) is compress or uncompress pubkey.

• .compress_pubkey?(pubkey) ⇒ Boolean

  check pubkey (hex) is compress pubkey.

• .from_wif(wif) ⇒ Object

  import private key from wif format en.bitcoin.it/wiki/Wallet_import_format.

• .generate(key_type = TYPES[:compressed]) ⇒ Object

  generate key pair.

• .low_signature?(sig) ⇒ Boolean

  check sig is low.

• .valid_signature_encoding?(sig) ⇒ Boolean

  check sig is correct der encoding.

Instance Method Summary

• #compressed? ⇒ Boolean
• #fully_valid_pubkey? ⇒ Boolean

  fully validate whether this is a valid public key (more expensive than IsValid()).

• #hash160 ⇒ Object

  get hash160 public key.

• #initialize(priv_key: nil, pubkey: nil, key_type: nil, compressed: true) ⇒ Bitcoin::Key constructor

  initialize private key.

• #sign(data, low_r = true, extra_entropy = nil) ⇒ String

  sign data with private key.

• #to_nested_p2wpkh ⇒ Object deprecated Deprecated.
• #to_p2pkh ⇒ Object deprecated Deprecated.
• #to_p2wpkh ⇒ Object deprecated Deprecated.
• #to_point ⇒ ECDSA::Point

  generate pubkey ec point.

• #to_wif ⇒ Object

  export private key with wif format.

• #verify(sig, origin) ⇒ Boolean

  verify signature using public key.

Constructor Details

#initialize(priv_key: nil, pubkey: nil, key_type: nil, compressed: true) ⇒ Bitcoin::Key

initialize private key

Parameters:

• priv_key (String) (defaults to: nil) —

  a private key with hex format.

• pubkey (String) (defaults to: nil) —

  a public key with hex format.

• key_type (Integer) (defaults to: nil) —

  a key type which determine address type.

• compressed (Boolean) (defaults to: true) —

  Deprecated

  whether public key is compressed.

# File 'lib/bitcoin/key.rb', line 31

def initialize(priv_key: nil, pubkey: nil, key_type: nil, compressed: true)
  puts "[Warning] Use key_type parameter instead of compressed. compressed parameter removed in the future." if key_type.nil? && !compressed.nil? && pubkey.nil?
  if key_type
    @key_type = key_type
    compressed = @key_type != TYPES[:uncompressed]
  else
    @key_type = compressed ? TYPES[:compressed] : TYPES[:uncompressed]
  end
  @secp256k1_module =  Bitcoin.secp_impl
  @priv_key = priv_key
  if @priv_key
    raise ArgumentError, 'private key is not on curve' unless validate_private_key_range(@priv_key)
  end
  if pubkey
    @pubkey = pubkey
  else
    @pubkey = generate_pubkey(priv_key, compressed: compressed) if priv_key
  end
end

Instance Attribute Details

#key_type ⇒ Object

Returns the value of attribute key_type.

# File 'lib/bitcoin/key.rb', line 16

def key_type
  @key_type
end

#priv_key ⇒ Object

Returns the value of attribute priv_key.

# File 'lib/bitcoin/key.rb', line 14

def priv_key
  @priv_key
end

#pubkey ⇒ Object

Returns the value of attribute pubkey.

# File 'lib/bitcoin/key.rb', line 15

def pubkey
  @pubkey
end

#secp256k1_module ⇒ Object (readonly)

Returns the value of attribute secp256k1_module.

# File 'lib/bitcoin/key.rb', line 17

def secp256k1_module
  @secp256k1_module
end

Class Method Details

.compress_or_uncompress_pubkey?(pubkey) ⇒ Boolean

check pubkey (hex) is compress or uncompress pubkey.

Returns:

• (Boolean)

# File 'lib/bitcoin/key.rb', line 156

def self.compress_or_uncompress_pubkey?(pubkey)
  p = pubkey.htb
  return false if p.bytesize < COMPRESSED_PUBLIC_KEY_SIZE
  case p[0]
    when "\x04"
      return false unless p.bytesize == PUBLIC_KEY_SIZE
    when "\x02", "\x03"
      return false unless p.bytesize == COMPRESSED_PUBLIC_KEY_SIZE
    else
      return false
  end
  true
end

.compress_pubkey?(pubkey) ⇒ Boolean

check pubkey (hex) is compress pubkey.

Returns:

• (Boolean)

# File 'lib/bitcoin/key.rb', line 171

def self.compress_pubkey?(pubkey)
  p = pubkey.htb
  p.bytesize == COMPRESSED_PUBLIC_KEY_SIZE && ["\x02", "\x03"].include?(p[0])
end

.from_wif(wif) ⇒ Object

import private key from wif format en.bitcoin.it/wiki/Wallet_import_format

Raises:

• (ArgumentError)

# File 'lib/bitcoin/key.rb', line 59

def self.from_wif(wif)
  hex = Base58.decode(wif)
  raise ArgumentError, 'data is too short' if hex.htb.bytesize < 4
  version = hex[0..1]
  data = hex[2...-8].htb
  checksum = hex[-8..-1]
  raise ArgumentError, 'invalid version' unless version == Bitcoin.chain_params.privkey_version
  raise ArgumentError, 'invalid checksum' unless Bitcoin.calc_checksum(version + data.bth) == checksum
  key_len = data.bytesize
  if key_len == COMPRESSED_PUBLIC_KEY_SIZE && data[-1].unpack('C').first == 1
    key_type = TYPES[:compressed]
    data = data[0..-2]
  elsif key_len == 32
    key_type = TYPES[:uncompressed]
  else
    raise ArgumentError, 'Wrong number of bytes for a private key, not 32 or 33'
  end
  new(priv_key: data.bth, key_type: key_type)
end

.generate(key_type = TYPES[:compressed]) ⇒ Object

generate key pair

# File 'lib/bitcoin/key.rb', line 52

def self.generate(key_type = TYPES[:compressed])
  priv_key, pubkey = Bitcoin.secp_impl.generate_key_pair
  new(priv_key: priv_key, pubkey: pubkey, key_type: key_type)
end

.low_signature?(sig) ⇒ Boolean

check sig is low.

Returns:

• (Boolean)

# File 'lib/bitcoin/key.rb', line 177

def self.low_signature?(sig)
  s = sig.unpack('C*')
  len_r = s[3]
  len_s = s[5 + len_r]
  val_s = s.slice(6 + len_r, len_s)
  max_mod_half_order = [
      0x7f,0xff,0xff,0xff,0xff,0xff,0xff,0xff,
      0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,
      0x5d,0x57,0x6e,0x73,0x57,0xa4,0x50,0x1d,
      0xdf,0xe9,0x2f,0x46,0x68,0x1b,0x20,0xa0]
  compare_big_endian(val_s, [0]) > 0 &&
      compare_big_endian(val_s, max_mod_half_order) <= 0
end

.valid_signature_encoding?(sig) ⇒ Boolean

check sig is correct der encoding. This function is consensus-critical since BIP66.

Returns:

• (Boolean)

# File 'lib/bitcoin/key.rb', line 194

def self.valid_signature_encoding?(sig)
  return false if sig.bytesize < 9 || sig.bytesize > 73 # Minimum and maximum size check

  s = sig.unpack('C*')

  return false if s[0] != 0x30 || s[1] != s.size - 3 # A signature is of type 0x30 (compound). Make sure the length covers the entire signature.

  len_r = s[3]
  return false if 5 + len_r >= s.size # Make sure the length of the S element is still inside the signature.

  len_s = s[5 + len_r]
  return false unless len_r + len_s + 7 == s.size #Verify that the length of the signature matches the sum of the length of the elements.

  return false unless s[2] == 0x02 # Check whether the R element is an integer.

  return false if len_r == 0 # Zero-length integers are not allowed for R.

  return false unless s[4] & 0x80 == 0 # Negative numbers are not allowed for R.

  # Null bytes at the start of R are not allowed, unless R would otherwise be interpreted as a negative number.
  return false if len_r > 1 && (s[4] == 0x00) && (s[5] & 0x80 == 0)

  return false unless s[len_r + 4] == 0x02 # Check whether the S element is an integer.

  return false if len_s == 0 # Zero-length integers are not allowed for S.
  return false unless (s[len_r + 6] & 0x80) == 0 # Negative numbers are not allowed for S.

  # Null bytes at the start of S are not allowed, unless S would otherwise be interpreted as a negative number.
  return false if len_s > 1 && (s[len_r + 6] == 0x00) && (s[len_r + 7] & 0x80 == 0)

  true
end

Instance Method Details

#compressed? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/bitcoin/key.rb', line 143

def compressed?
  key_type != TYPES[:uncompressed]
end

#fully_valid_pubkey? ⇒ Boolean

fully validate whether this is a valid public key (more expensive than IsValid())

Returns:

• (Boolean)

# File 'lib/bitcoin/key.rb', line 228

def fully_valid_pubkey?
  return false unless valid_pubkey?
  point = ECDSA::Format::PointOctetString.decode(pubkey.htb, ECDSA::Group::Secp256k1)
  ECDSA::Group::Secp256k1.valid_public_key?(point)
end

#hash160 ⇒ Object

get hash160 public key.

# File 'lib/bitcoin/key.rb', line 121

def hash160
  Bitcoin.hash160(pubkey)
end

#sign(data, low_r = true, extra_entropy = nil) ⇒ String

sign data with private key

Parameters:

• data (String) —

  a data to be signed with binary format

• low_r (Boolean) (defaults to: true) —

  flag to apply low-R.

• extra_entropy (String) (defaults to: nil) —

  the extra entropy for rfc6979.

Returns:

• (String) —

  signature data with binary format

# File 'lib/bitcoin/key.rb', line 93

def sign(data, low_r = true, extra_entropy = nil)
  sig = secp256k1_module.sign_data(data, priv_key, extra_entropy)
  if low_r && !sig_has_low_r?(sig)
    counter = 1
    until sig_has_low_r?(sig)
      extra_entropy = [counter].pack('I*').bth.ljust(64, '0').htb
      sig = secp256k1_module.sign_data(data, priv_key, extra_entropy)
      counter += 1
    end
  end
  sig
end

#to_nested_p2wpkh ⇒ Object

Deprecated.

get p2wpkh address nested in p2sh.

# File 'lib/bitcoin/key.rb', line 139

def to_nested_p2wpkh
  Bitcoin::Script.to_p2wpkh(hash160).to_p2sh.addresses.first
end

#to_p2pkh ⇒ Object

Deprecated.

get pay to pubkey hash address

# File 'lib/bitcoin/key.rb', line 127

def to_p2pkh
  Bitcoin::Script.to_p2pkh(hash160).addresses.first
end

#to_p2wpkh ⇒ Object

Deprecated.

get pay to witness pubkey hash address

# File 'lib/bitcoin/key.rb', line 133

def to_p2wpkh
  Bitcoin::Script.to_p2wpkh(hash160).addresses.first
end

#to_point ⇒ ECDSA::Point

generate pubkey ec point

Returns:

• (ECDSA::Point)

# File 'lib/bitcoin/key.rb', line 149

def to_point
  p = pubkey
  p ||= generate_pubkey(priv_key, compressed: compressed)
  ECDSA::Format::PointOctetString.decode(p.htb, Bitcoin::Secp256k1::GROUP)
end

#to_wif ⇒ Object

export private key with wif format

# File 'lib/bitcoin/key.rb', line 80

def to_wif
  version = Bitcoin.chain_params.privkey_version
  hex = version + priv_key
  hex += '01' if compressed?
  hex += Bitcoin.calc_checksum(hex)
  Base58.encode(hex)
end

#verify(sig, origin) ⇒ Boolean

verify signature using public key

Parameters:

• sig (String) —

  signature data with binary format

• origin (String) —

  original message

Returns:

• (Boolean) —

  verify result

# File 'lib/bitcoin/key.rb', line 110

def verify(sig, origin)
  return false unless valid_pubkey?
  begin
    sig = ecdsa_signature_parse_der_lax(sig)
    secp256k1_module.verify_sig(origin, sig, pubkey)
  rescue Exception
    false
  end
end