dogecoin/src/key.cpp

// Copyright (c) 2009-2014 The Bitcoin Core developers
// Distributed under the MIT software license, see the accompanying
// file COPYING or http://www.opensource.org/licenses/mit-license.php.

#include "key.h"

#include "arith_uint256.h"
#include "crypto/common.h"
#include "crypto/hmac_sha512.h"
#include "eccryptoverify.h"
#include "pubkey.h"
#include "random.h"

#include <secp256k1.h>
#include "ecwrapper.h"

//! anonymous namespace
namespace {

class CSecp256k1Init {
public:
    CSecp256k1Init() {
        secp256k1_start(SECP256K1_START_SIGN);
    }
    ~CSecp256k1Init() {
        secp256k1_stop();
    }
};
static CSecp256k1Init instance_of_csecp256k1;

} // anon namespace

bool CKey::Check(const unsigned char *vch) {
    return eccrypto::Check(vch);
}

void CKey::MakeNewKey(bool fCompressedIn) {
    RandAddSeedPerfmon();
    do {
        GetRandBytes(vch, sizeof(vch));
    } while (!Check(vch));
    fValid = true;
    fCompressed = fCompressedIn;
}

bool CKey::SetPrivKey(const CPrivKey &privkey, bool fCompressedIn) {
    if (!secp256k1_ec_privkey_import((unsigned char*)begin(), &privkey[0], privkey.size()))
        return false;
    fCompressed = fCompressedIn;
    fValid = true;
    return true;
}

CPrivKey CKey::GetPrivKey() const {
    assert(fValid);
    CPrivKey privkey;
    int privkeylen, ret;
    privkey.resize(279);
    privkeylen = 279;
    ret = secp256k1_ec_privkey_export(begin(), (unsigned char*)&privkey[0], &privkeylen, fCompressed);
    assert(ret);
    privkey.resize(privkeylen);
    return privkey;
}

CPubKey CKey::GetPubKey() const {
    assert(fValid);
    CPubKey result;
    int clen = 65;
    int ret = secp256k1_ec_pubkey_create((unsigned char*)result.begin(), &clen, begin(), fCompressed);
    assert((int)result.size() == clen);
    assert(ret);
    assert(result.IsValid());
    return result;
}

bool CKey::Sign(const uint256 &hash, std::vector<unsigned char>& vchSig, uint32_t test_case) const {
    if (!fValid)
        return false;
    vchSig.resize(72);
    int nSigLen = 72;
    unsigned char extra_entropy[32] = {0};
    WriteLE32(extra_entropy, test_case);
    int ret = secp256k1_ecdsa_sign(hash.begin(), (unsigned char*)&vchSig[0], &nSigLen, begin(), secp256k1_nonce_function_rfc6979, test_case ? extra_entropy : NULL);
    assert(ret);
    vchSig.resize(nSigLen);
    return true;
}

bool CKey::VerifyPubKey(const CPubKey& pubkey) const {
    if (pubkey.IsCompressed() != fCompressed) {
        return false;
    }
    unsigned char rnd[8];
    std::string str = "Bitcoin key verification\n";
    GetRandBytes(rnd, sizeof(rnd));
    uint256 hash;
    CHash256().Write((unsigned char*)str.data(), str.size()).Write(rnd, sizeof(rnd)).Finalize(hash.begin());
    std::vector<unsigned char> vchSig;
    Sign(hash, vchSig);
    return pubkey.Verify(hash, vchSig);
}

bool CKey::SignCompact(const uint256 &hash, std::vector<unsigned char>& vchSig) const {
    if (!fValid)
        return false;
    vchSig.resize(65);
    int rec = -1;
    int ret = secp256k1_ecdsa_sign_compact(hash.begin(), &vchSig[1], begin(), secp256k1_nonce_function_rfc6979, NULL, &rec);
    assert(ret);
    assert(rec != -1);
    vchSig[0] = 27 + rec + (fCompressed ? 4 : 0);
    return true;
}

bool CKey::Load(CPrivKey &privkey, CPubKey &vchPubKey, bool fSkipCheck=false) {
    if (!secp256k1_ec_privkey_import((unsigned char*)begin(), &privkey[0], privkey.size()))
        return false;
    fCompressed = vchPubKey.IsCompressed();
    fValid = true;

    if (fSkipCheck)
        return true;

    return VerifyPubKey(vchPubKey);
}

bool CKey::Derive(CKey& keyChild, unsigned char ccChild[32], unsigned int nChild, const unsigned char cc[32]) const {
    assert(IsValid());
    assert(IsCompressed());
    unsigned char out[64];
    LockObject(out);
    if ((nChild >> 31) == 0) {
        CPubKey pubkey = GetPubKey();
        assert(pubkey.begin() + 33 == pubkey.end());
        BIP32Hash(cc, nChild, *pubkey.begin(), pubkey.begin()+1, out);
    } else {
        assert(begin() + 32 == end());
        BIP32Hash(cc, nChild, 0, begin(), out);
    }
    memcpy(ccChild, out+32, 32);
    memcpy((unsigned char*)keyChild.begin(), begin(), 32);
    bool ret = secp256k1_ec_privkey_tweak_add((unsigned char*)keyChild.begin(), out);
    UnlockObject(out);
    keyChild.fCompressed = true;
    keyChild.fValid = ret;
    return ret;
}

bool CExtKey::Derive(CExtKey &out, unsigned int nChild) const {
    out.nDepth = nDepth + 1;
    CKeyID id = key.GetPubKey().GetID();
    memcpy(&out.vchFingerprint[0], &id, 4);
    out.nChild = nChild;
    return key.Derive(out.key, out.chaincode.data, nChild, chaincode.data);
}

void CExtKey::SetMaster(const unsigned char *seed, unsigned int nSeedLen) {
    static const unsigned char hashkey[] = {'B','i','t','c','o','i','n',' ','s','e','e','d'};
    unsigned char out[64];
    LockObject(out);
    CHMAC_SHA512(hashkey, sizeof(hashkey)).Write(seed, nSeedLen).Finalize(out);
    key.Set(&out[0], &out[32], true);
    memcpy(chaincode.data, &out[32], 32);
    UnlockObject(out);
    nDepth = 0;
    nChild = 0;
    memset(vchFingerprint, 0, sizeof(vchFingerprint));
}

CExtPubKey CExtKey::Neuter() const {
    CExtPubKey ret;
    ret.nDepth = nDepth;
    memcpy(&ret.vchFingerprint[0], &vchFingerprint[0], 4);
    ret.nChild = nChild;
    ret.pubkey = key.GetPubKey();
    memcpy(&ret.chaincode.data[0], &chaincode.data[0], 32);
    return ret;
}

void CExtKey::Encode(unsigned char code[74]) const {
    code[0] = nDepth;
    memcpy(code+1, vchFingerprint, 4);
    code[5] = (nChild >> 24) & 0xFF; code[6] = (nChild >> 16) & 0xFF;
    code[7] = (nChild >>  8) & 0xFF; code[8] = (nChild >>  0) & 0xFF;
    memcpy(code+9, chaincode.data, 32);
    code[41] = 0;
    assert(key.size() == 32);
    memcpy(code+42, key.begin(), 32);
}

void CExtKey::Decode(const unsigned char code[74]) {
    nDepth = code[0];
    memcpy(vchFingerprint, code+1, 4);
    nChild = (code[5] << 24) | (code[6] << 16) | (code[7] << 8) | code[8];
    memcpy(chaincode.data, code+9, 32);
    key.Set(code+42, code+74, true);
}

bool ECC_InitSanityCheck() {
    if (!CECKey::SanityCheck()) {
        return false;
    }
    CKey key;
    key.MakeNewKey(true);
    CPubKey pubkey = key.GetPubKey();
    return key.VerifyPubKey(pubkey);
}
Added "Core" to copyright headers Github-Pull: #5494 Rebased-From: 15de949bb9277e442302bdd8dee299a8d6deee60 2014-12-17 02:47:57 +01:00			`// Copyright (c) 2009-2014 The Bitcoin Core developers`
Update comments in key to be doxygen compatible 2014-10-26 09:33:52 +01:00			`// Distributed under the MIT software license, see the accompanying`
Update License in File Headers I originally created a pull to replace the "COPYING" in crypter.cpp and crypter.h, but it turned out that COPYING was actually the correct file. 2012-05-18 16:02:28 +02:00			`// file COPYING or http://www.opensource.org/licenses/mit-license.php.`
Add GetSecret() and GetKeys() to CKeyStore 2011-07-11 21:30:40 +02:00
Cleanup code using forward declarations. Use misc methods of avoiding unnecesary header includes. Replace int typedefs with int##_t from stdint.h. Replace PRI64[xdu] with PRI[xdu]64 from inttypes.h. Normalize QT_VERSION ifs where possible. Resolve some indirect dependencies as direct ones. Remove extern declarations from .cpp files. 2013-04-13 07:13:08 +02:00			`#include "key.h"`

Use arith_uint256 where necessary Also add conversion from/to uint256 where needed. 2014-12-16 15:43:03 +01:00			`#include "arith_uint256.h"`
Switch test case signing to RFC6979 extra entropy Instead of manually tweaking the deterministic nonce post-generation, pass the test case number in as extra entropy to RFC6979. 2015-03-27 23:31:44 +01:00			`#include "crypto/common.h"`
Split up crypto/sha2 2014-10-26 09:23:23 +01:00			`#include "crypto/hmac_sha512.h"`
boost: moveonly: create eccryptoverify.h\|cpp and move helper functions there Eventually (after 0.10) these files will hold the logic for crypto verification routines, and CKey/CPubKey will call into them. 2014-10-21 22:05:51 +02:00			`#include "eccryptoverify.h"`
boost: moveonly: split CPubKey and friends to new files 2014-10-28 22:47:18 +01:00			`#include "pubkey.h"`
add GetRandBytes() as wrapper for RAND_bytes() - add a small wrapper in util around RAND_bytes() and replace with GetRandBytes() in the code to log errors from calling RAND_bytes() - remove OpenSSL header rand.h where no longer needed 2014-06-24 14:27:32 +02:00			`#include "random.h"`
Add a built-in SHA256/SHA512 implementation. This also moves the HMAC-SHA512 implementation to sha2.cpp. 2014-04-20 17:36:25 +02:00
libsecp256k1 integration 2014-06-06 01:26:27 +02:00			`#include <secp256k1.h>`
boost: code movement only: split CECKey into separate files 2014-10-21 21:04:03 +02:00			`#include "ecwrapper.h"`
CSecret/CKey -> CKey/CPubKey split/refactor 2013-05-01 06:52:05 +02:00
Update comments in keystore to be doxygen compatible 2014-10-26 09:35:06 +01:00			`//! anonymous namespace`
CSecret/CKey -> CKey/CPubKey split/refactor 2013-05-01 06:52:05 +02:00			`namespace {`

libsecp256k1 integration 2014-06-06 01:26:27 +02:00			`class CSecp256k1Init {`
			`public:`
			`CSecp256k1Init() {`
Use libsecp256k1 in key.cpp 2014-11-05 18:47:06 +01:00			`secp256k1_start(SECP256K1_START_SIGN);`
libsecp256k1 integration 2014-06-06 01:26:27 +02:00			`}`
			`~CSecp256k1Init() {`
			`secp256k1_stop();`
			`}`
			`};`
			`static CSecp256k1Init instance_of_csecp256k1;`

ensure clean and consistent "namespace" usage - remove some missplaced ; - ensure end of a namespace is clearly visible - use same formatting when using namespace 2014-06-24 14:17:43 +02:00			`} // anon namespace`
CSecret/CKey -> CKey/CPubKey split/refactor 2013-05-01 06:52:05 +02:00
			`bool CKey::Check(const unsigned char *vch) {`
boost: moveonly: create eccryptoverify.h\|cpp and move helper functions there Eventually (after 0.10) these files will hold the logic for crypto verification routines, and CKey/CPubKey will call into them. 2014-10-21 22:05:51 +02:00			`return eccrypto::Check(vch);`
Refactor: move code from key.h to key.cpp 2012-05-16 18:36:38 +02:00			`}`

CSecret/CKey -> CKey/CPubKey split/refactor 2013-05-01 06:52:05 +02:00			`void CKey::MakeNewKey(bool fCompressedIn) {`
Add RandAddSeedPerfmon to MakeNewKey 2014-12-19 02:25:04 +01:00			`RandAddSeedPerfmon();`
CSecret/CKey -> CKey/CPubKey split/refactor 2013-05-01 06:52:05 +02:00			`do {`
add GetRandBytes() as wrapper for RAND_bytes() - add a small wrapper in util around RAND_bytes() and replace with GetRandBytes() in the code to log errors from calling RAND_bytes() - remove OpenSSL header rand.h where no longer needed 2014-06-24 14:27:32 +02:00			`GetRandBytes(vch, sizeof(vch));`
CSecret/CKey -> CKey/CPubKey split/refactor 2013-05-01 06:52:05 +02:00			`} while (!Check(vch));`
			`fValid = true;`
			`fCompressed = fCompressedIn;`
Refactor: move code from key.h to key.cpp 2012-05-16 18:36:38 +02:00			`}`

CSecret/CKey -> CKey/CPubKey split/refactor 2013-05-01 06:52:05 +02:00			`bool CKey::SetPrivKey(const CPrivKey &privkey, bool fCompressedIn) {`
Use libsecp256k1 in key.cpp 2014-11-05 18:47:06 +01:00			`if (!secp256k1_ec_privkey_import((unsigned char*)begin(), &privkey[0], privkey.size()))`
CSecret/CKey -> CKey/CPubKey split/refactor 2013-05-01 06:52:05 +02:00			`return false;`
			`fCompressed = fCompressedIn;`
			`fValid = true;`
			`return true;`
Refactor: move code from key.h to key.cpp 2012-05-16 18:36:38 +02:00			`}`

CSecret/CKey -> CKey/CPubKey split/refactor 2013-05-01 06:52:05 +02:00			`CPrivKey CKey::GetPrivKey() const {`
			`assert(fValid);`
libsecp256k1 integration 2014-06-06 01:26:27 +02:00			`CPrivKey privkey;`
boost: remove CPrivKey dependency from CECKey This allows CECKey to be used without directly depending on the secure allocators 2014-10-09 22:38:38 +02:00			`int privkeylen, ret;`
libsecp256k1 integration 2014-06-06 01:26:27 +02:00			`privkey.resize(279);`
boost: remove CPrivKey dependency from CECKey This allows CECKey to be used without directly depending on the secure allocators 2014-10-09 22:38:38 +02:00			`privkeylen = 279;`
Use libsecp256k1 in key.cpp 2014-11-05 18:47:06 +01:00			`ret = secp256k1_ec_privkey_export(begin(), (unsigned char*)&privkey[0], &privkeylen, fCompressed);`
libsecp256k1 integration 2014-06-06 01:26:27 +02:00			`assert(ret);`
			`privkey.resize(privkeylen);`
CSecret/CKey -> CKey/CPubKey split/refactor 2013-05-01 06:52:05 +02:00			`return privkey;`
Refactor: move code from key.h to key.cpp 2012-05-16 18:36:38 +02:00			`}`

CSecret/CKey -> CKey/CPubKey split/refactor 2013-05-01 06:52:05 +02:00			`CPubKey CKey::GetPubKey() const {`
			`assert(fValid);`
boost: remove CPubKey dependency from CECKey. Follow-up of e405aa48 2014-10-21 20:38:25 +02:00			`CPubKey result;`
libsecp256k1 integration 2014-06-06 01:26:27 +02:00			`int clen = 65;`
Use libsecp256k1 in key.cpp 2014-11-05 18:47:06 +01:00			`int ret = secp256k1_ec_pubkey_create((unsigned char*)result.begin(), &clen, begin(), fCompressed);`
boost: remove CPubKey dependency from CECKey. Follow-up of e405aa48 2014-10-21 20:38:25 +02:00			`assert((int)result.size() == clen);`
libsecp256k1 integration 2014-06-06 01:26:27 +02:00			`assert(ret);`
boost: remove CPubKey dependency from CECKey. Follow-up of e405aa48 2014-10-21 20:38:25 +02:00			`assert(result.IsValid());`
			`return result;`
Refactor: move code from key.h to key.cpp 2012-05-16 18:36:38 +02:00			`}`

Deterministic signing 2014-11-06 15:54:50 +01:00			`bool CKey::Sign(const uint256 &hash, std::vector<unsigned char>& vchSig, uint32_t test_case) const {`
CSecret/CKey -> CKey/CPubKey split/refactor 2013-05-01 06:52:05 +02:00			`if (!fValid)`
Refactor: move code from key.h to key.cpp 2012-05-16 18:36:38 +02:00			`return false;`
libsecp256k1 integration 2014-06-06 01:26:27 +02:00			`vchSig.resize(72);`
Use libsecp256k1's RFC6979 implementation 2014-12-18 14:49:19 +01:00			`int nSigLen = 72;`
Switch test case signing to RFC6979 extra entropy Instead of manually tweaking the deterministic nonce post-generation, pass the test case number in as extra entropy to RFC6979. 2015-03-27 23:31:44 +01:00			`unsigned char extra_entropy[32] = {0};`
			`WriteLE32(extra_entropy, test_case);`
			`int ret = secp256k1_ecdsa_sign(hash.begin(), (unsigned char*)&vchSig[0], &nSigLen, begin(), secp256k1_nonce_function_rfc6979, test_case ? extra_entropy : NULL);`
Use libsecp256k1's RFC6979 implementation 2014-12-18 14:49:19 +01:00			`assert(ret);`
			`vchSig.resize(nSigLen);`
			`return true;`
Refactor: move code from key.h to key.cpp 2012-05-16 18:36:38 +02:00			`}`

Add sanity check after key generation Add a sanity check to prevent cosmic rays from flipping a bit in the generated public key, or bugs in the elliptic curve code. This is simply done by signing a (randomized) message, and verifying the result. 2014-11-06 10:17:48 +01:00			`bool CKey::VerifyPubKey(const CPubKey& pubkey) const {`
			`if (pubkey.IsCompressed() != fCompressed) {`
			`return false;`
			`}`
			`unsigned char rnd[8];`
			`std::string str = "Bitcoin key verification\n";`
			`GetRandBytes(rnd, sizeof(rnd));`
			`uint256 hash;`
Use libsecp256k1's RFC6979 implementation 2014-12-18 14:49:19 +01:00			`CHash256().Write((unsigned char*)str.data(), str.size()).Write(rnd, sizeof(rnd)).Finalize(hash.begin());`
Add sanity check after key generation Add a sanity check to prevent cosmic rays from flipping a bit in the generated public key, or bugs in the elliptic curve code. This is simply done by signing a (randomized) message, and verifying the result. 2014-11-06 10:17:48 +01:00			`std::vector<unsigned char> vchSig;`
			`Sign(hash, vchSig);`
			`return pubkey.Verify(hash, vchSig);`
			`}`

CSecret/CKey -> CKey/CPubKey split/refactor 2013-05-01 06:52:05 +02:00			`bool CKey::SignCompact(const uint256 &hash, std::vector<unsigned char>& vchSig) const {`
			`if (!fValid)`
Refactor: move code from key.h to key.cpp 2012-05-16 18:36:38 +02:00			`return false;`
CSecret/CKey -> CKey/CPubKey split/refactor 2013-05-01 06:52:05 +02:00			`vchSig.resize(65);`
			`int rec = -1;`
Use libsecp256k1's RFC6979 implementation 2014-12-18 14:49:19 +01:00			`int ret = secp256k1_ecdsa_sign_compact(hash.begin(), &vchSig[1], begin(), secp256k1_nonce_function_rfc6979, NULL, &rec);`
			`assert(ret);`
CSecret/CKey -> CKey/CPubKey split/refactor 2013-05-01 06:52:05 +02:00			`assert(rec != -1);`
			`vchSig[0] = 27 + rec + (fCompressed ? 4 : 0);`
			`return true;`
			`}`
Refactor: move code from key.h to key.cpp 2012-05-16 18:36:38 +02:00
improve wallet load time by removing duplicated calls to EC_KEY_check_key and adding a hash for vchPubKey/vchPrivKey entries in wallet.dat backwards compatible with previous wallet.dat format 2013-08-29 08:53:26 +02:00			`bool CKey::Load(CPrivKey &privkey, CPubKey &vchPubKey, bool fSkipCheck=false) {`
Use libsecp256k1 in key.cpp 2014-11-05 18:47:06 +01:00			`if (!secp256k1_ec_privkey_import((unsigned char*)begin(), &privkey[0], privkey.size()))`
improve wallet load time by removing duplicated calls to EC_KEY_check_key and adding a hash for vchPubKey/vchPrivKey entries in wallet.dat backwards compatible with previous wallet.dat format 2013-08-29 08:53:26 +02:00			`return false;`
			`fCompressed = vchPubKey.IsCompressed();`
			`fValid = true;`
libsecp256k1 integration 2014-06-06 01:26:27 +02:00
verify vchPubKey matches calculated public key unless fSkipCheck is set 2013-08-29 10:11:47 +02:00			`if (fSkipCheck)`
			`return true;`
libsecp256k1 integration 2014-06-06 01:26:27 +02:00
Add sanity check after key generation Add a sanity check to prevent cosmic rays from flipping a bit in the generated public key, or bugs in the elliptic curve code. This is simply done by signing a (randomized) message, and verifying the result. 2014-11-06 10:17:48 +01:00			`return VerifyPubKey(vchPubKey);`
improve wallet load time by removing duplicated calls to EC_KEY_check_key and adding a hash for vchPubKey/vchPrivKey entries in wallet.dat backwards compatible with previous wallet.dat format 2013-08-29 08:53:26 +02:00			`}`

BIP32 derivation implementation 2013-07-15 01:05:25 +02:00			`bool CKey::Derive(CKey& keyChild, unsigned char ccChild[32], unsigned int nChild, const unsigned char cc[32]) const {`
			`assert(IsValid());`
			`assert(IsCompressed());`
			`unsigned char out[64];`
			`LockObject(out);`
			`if ((nChild >> 31) == 0) {`
			`CPubKey pubkey = GetPubKey();`
			`assert(pubkey.begin() + 33 == pubkey.end());`
			`BIP32Hash(cc, nChild, *pubkey.begin(), pubkey.begin()+1, out);`
			`} else {`
			`assert(begin() + 32 == end());`
			`BIP32Hash(cc, nChild, 0, begin(), out);`
			`}`
			`memcpy(ccChild, out+32, 32);`
libsecp256k1 integration 2014-06-06 01:26:27 +02:00			`memcpy((unsigned char*)keyChild.begin(), begin(), 32);`
Use libsecp256k1 in key.cpp 2014-11-05 18:47:06 +01:00			`bool ret = secp256k1_ec_privkey_tweak_add((unsigned char*)keyChild.begin(), out);`
BIP32 derivation implementation 2013-07-15 01:05:25 +02:00			`UnlockObject(out);`
			`keyChild.fCompressed = true;`
			`keyChild.fValid = ret;`
			`return ret;`
			`}`

			`bool CExtKey::Derive(CExtKey &out, unsigned int nChild) const {`
			`out.nDepth = nDepth + 1;`
			`CKeyID id = key.GetPubKey().GetID();`
			`memcpy(&out.vchFingerprint[0], &id, 4);`
			`out.nChild = nChild;`
Abstract chaincodes into CChainCode # Conflicts: # src/key.cpp # src/key.h 2014-01-25 20:05:00 +01:00			`return key.Derive(out.key, out.chaincode.data, nChild, chaincode.data);`
BIP32 derivation implementation 2013-07-15 01:05:25 +02:00			`}`

			`void CExtKey::SetMaster(const unsigned char *seed, unsigned int nSeedLen) {`
Add a built-in SHA256/SHA512 implementation. This also moves the HMAC-SHA512 implementation to sha2.cpp. 2014-04-20 17:36:25 +02:00			`static const unsigned char hashkey[] = {'B','i','t','c','o','i','n',' ','s','e','e','d'};`
BIP32 derivation implementation 2013-07-15 01:05:25 +02:00			`unsigned char out[64];`
			`LockObject(out);`
Add a built-in SHA256/SHA512 implementation. This also moves the HMAC-SHA512 implementation to sha2.cpp. 2014-04-20 17:36:25 +02:00			`CHMAC_SHA512(hashkey, sizeof(hashkey)).Write(seed, nSeedLen).Finalize(out);`
BIP32 derivation implementation 2013-07-15 01:05:25 +02:00			`key.Set(&out[0], &out[32], true);`
Abstract chaincodes into CChainCode # Conflicts: # src/key.cpp # src/key.h 2014-01-25 20:05:00 +01:00			`memcpy(chaincode.data, &out[32], 32);`
BIP32 derivation implementation 2013-07-15 01:05:25 +02:00			`UnlockObject(out);`
			`nDepth = 0;`
			`nChild = 0;`
			`memset(vchFingerprint, 0, sizeof(vchFingerprint));`
			`}`

			`CExtPubKey CExtKey::Neuter() const {`
			`CExtPubKey ret;`
			`ret.nDepth = nDepth;`
			`memcpy(&ret.vchFingerprint[0], &vchFingerprint[0], 4);`
			`ret.nChild = nChild;`
			`ret.pubkey = key.GetPubKey();`
Abstract chaincodes into CChainCode # Conflicts: # src/key.cpp # src/key.h 2014-01-25 20:05:00 +01:00			`memcpy(&ret.chaincode.data[0], &chaincode.data[0], 32);`
BIP32 derivation implementation 2013-07-15 01:05:25 +02:00			`return ret;`
			`}`

			`void CExtKey::Encode(unsigned char code[74]) const {`
			`code[0] = nDepth;`
			`memcpy(code+1, vchFingerprint, 4);`
			`code[5] = (nChild >> 24) & 0xFF; code[6] = (nChild >> 16) & 0xFF;`
			`code[7] = (nChild >> 8) & 0xFF; code[8] = (nChild >> 0) & 0xFF;`
Abstract chaincodes into CChainCode # Conflicts: # src/key.cpp # src/key.h 2014-01-25 20:05:00 +01:00			`memcpy(code+9, chaincode.data, 32);`
BIP32 derivation implementation 2013-07-15 01:05:25 +02:00			`code[41] = 0;`
			`assert(key.size() == 32);`
			`memcpy(code+42, key.begin(), 32);`
			`}`

			`void CExtKey::Decode(const unsigned char code[74]) {`
			`nDepth = code[0];`
			`memcpy(vchFingerprint, code+1, 4);`
			`nChild = (code[5] << 24) \| (code[6] << 16) \| (code[7] << 8) \| code[8];`
Abstract chaincodes into CChainCode # Conflicts: # src/key.cpp # src/key.h 2014-01-25 20:05:00 +01:00			`memcpy(chaincode.data, code+9, 32);`
BIP32 derivation implementation 2013-07-15 01:05:25 +02:00			`key.Set(code+42, code+74, true);`
			`}`

key.cpp: fail with a friendlier message on missing ssl EC support Previously if bitcoind is linked with an OpenSSL which is compiled without EC support, this is seen as an assertion failure "pKey != NULL" at key.cpp:134, which occurs after several seconds. It is an esoteric piece of knowledge to interpret this as "oops, I linked with the wrong OpenSSL", and because of the delay it may not even be noticed. The new output is : OpenSSL appears to lack support for elliptic curve cryptography. For more information, visit https://en.bitcoin.it/wiki/OpenSSL_and_EC_Libraries : Initialization sanity check failed. Bitcoin Core is shutting down. which occurs immediately after attempted startup. This also blocks in an InitSanityCheck() function which currently only checks for EC support but should eventually do more. See #4081. 2014-06-03 01:21:03 +02:00			`bool ECC_InitSanityCheck() {`
Add key generation/verification to ECC sanity check 2014-11-08 23:29:45 +01:00			`if (!CECKey::SanityCheck()) {`
			`return false;`
			`}`
			`CKey key;`
			`key.MakeNewKey(true);`
			`CPubKey pubkey = key.GetPubKey();`
			`return key.VerifyPubKey(pubkey);`
key.cpp: fail with a friendlier message on missing ssl EC support Previously if bitcoind is linked with an OpenSSL which is compiled without EC support, this is seen as an assertion failure "pKey != NULL" at key.cpp:134, which occurs after several seconds. It is an esoteric piece of knowledge to interpret this as "oops, I linked with the wrong OpenSSL", and because of the delay it may not even be noticed. The new output is : OpenSSL appears to lack support for elliptic curve cryptography. For more information, visit https://en.bitcoin.it/wiki/OpenSSL_and_EC_Libraries : Initialization sanity check failed. Bitcoin Core is shutting down. which occurs immediately after attempted startup. This also blocks in an InitSanityCheck() function which currently only checks for EC support but should eventually do more. See #4081. 2014-06-03 01:21:03 +02:00			`}`