org.bitcoinj.core.ECKey.ECDSASignature Java Examples

The following examples show how to use org.bitcoinj.core.ECKey.ECDSASignature. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: DefaultRiskAnalysis.java    From bcm-android with GNU General Public License v3.0 6 votes vote down vote up
/**
 * Checks if the given input passes some of the AreInputsStandard checks. Not complete.
 */
public static RuleViolation isInputStandard(TransactionInput input) {
    for (ScriptChunk chunk : input.getScriptSig().getChunks()) {
        if (chunk.data != null && !chunk.isShortestPossiblePushData())
            return RuleViolation.SHORTEST_POSSIBLE_PUSHDATA;
        if (chunk.isPushData()) {
            ECDSASignature signature;
            try {
                signature = ECKey.ECDSASignature.decodeFromDER(chunk.data);
            } catch (IllegalArgumentException x) {
                // Doesn't look like a signature.
                signature = null;
            }
            if (signature != null) {
                if (!TransactionSignature.isEncodingCanonical(chunk.data))
                    return RuleViolation.SIGNATURE_CANONICAL_ENCODING;
                if (!signature.isCanonical())
                    return RuleViolation.SIGNATURE_CANONICAL_ENCODING;
            }
        }
    }
    return RuleViolation.NONE;
}
 
Example #2
Source File: BisqRiskAnalysis.java    From bisq with GNU Affero General Public License v3.0 6 votes vote down vote up
/** Checks if the given input passes some of the AreInputsStandard checks. Not complete. */
public static RuleViolation isInputStandard(TransactionInput input) {
    for (ScriptChunk chunk : input.getScriptSig().getChunks()) {
        if (chunk.data != null && !chunk.isShortestPossiblePushData())
            return RuleViolation.SHORTEST_POSSIBLE_PUSHDATA;
        if (chunk.isPushData()) {
            ECDSASignature signature;
            try {
                signature = ECKey.ECDSASignature.decodeFromDER(chunk.data);
            } catch (RuntimeException x) {
                // Doesn't look like a signature.
                signature = null;
            }
            if (signature != null) {
                if (!TransactionSignature.isEncodingCanonical(chunk.data))
                    return RuleViolation.SIGNATURE_CANONICAL_ENCODING;
                if (!signature.isCanonical())
                    return RuleViolation.SIGNATURE_CANONICAL_ENCODING;
            }
        }
    }
    return RuleViolation.NONE;
}
 
Example #3
Source File: ECKeyTest.java    From bcm-android with GNU General Public License v3.0 6 votes vote down vote up
@Test
public void keyRecoveryTestVector() {
    // a test that exercises key recovery with findRecoveryId() on a test vector
    // test vector from https://crypto.stackexchange.com/a/41339
    ECKey key = ECKey.fromPrivate(
            new BigInteger("ebb2c082fd7727890a28ac82f6bdf97bad8de9f5d7c9028692de1a255cad3e0f", 16));
    String message = "Maarten Bodewes generated this test vector on 2016-11-08";
    Sha256Hash hash = Sha256Hash.of(message.getBytes());
    ECKey.ECDSASignature sig = key.sign(hash);
    key = ECKey.fromPublicOnly(key.getPubKeyPoint());

    byte recId = key.findRecoveryId(hash, sig);
    byte expectedRecId = 0;
    assertEquals(recId, expectedRecId);

    ECKey pubKey = ECKey.fromPublicOnly(key.getPubKeyPoint());
    ECKey recoveredKey = ECKey.recoverFromSignature(recId, sig, hash, true);
    assertEquals(recoveredKey, pubKey);
}
 
Example #4
Source File: ECKeyTest.java    From bcm-android with GNU General Public License v3.0 6 votes vote down vote up
@Test
public void keyRecovery() throws Exception {
    ECKey key = new ECKey();
    String message = "Hello World!";
    Sha256Hash hash = Sha256Hash.of(message.getBytes());
    ECKey.ECDSASignature sig = key.sign(hash);
    key = ECKey.fromPublicOnly(key.getPubKeyPoint());
    boolean found = false;
    for (int i = 0; i < 4; i++) {
        ECKey key2 = ECKey.recoverFromSignature(i, sig, hash, true);
        checkNotNull(key2);
        if (key.equals(key2)) {
            found = true;
            break;
        }
    }
    assertTrue(found);
}
 
Example #5
Source File: ECKeyTest.java    From bcm-android with GNU General Public License v3.0 6 votes vote down vote up
@Test
public void keyRecoveryWithEncryptedKey() throws Exception {
    ECKey unencryptedKey = new ECKey();
    KeyParameter aesKey = keyCrypter.deriveKey(PASSWORD1);
    ECKey encryptedKey = unencryptedKey.encrypt(keyCrypter, aesKey);

    String message = "Goodbye Jupiter!";
    Sha256Hash hash = Sha256Hash.of(message.getBytes());
    ECKey.ECDSASignature sig = encryptedKey.sign(hash, aesKey);
    unencryptedKey = ECKey.fromPublicOnly(unencryptedKey.getPubKeyPoint());
    boolean found = false;
    for (int i = 0; i < 4; i++) {
        ECKey key2 = ECKey.recoverFromSignature(i, sig, hash, true);
        checkNotNull(key2);
        if (unencryptedKey.equals(key2)) {
            found = true;
            break;
        }
    }
    assertTrue(found);
}
 
Example #6
Source File: BisqRiskAnalysis.java    From bisq-core with GNU Affero General Public License v3.0 6 votes vote down vote up
/** Checks if the given input passes some of the AreInputsStandard checks. Not complete. */
public static RuleViolation isInputStandard(TransactionInput input) {
    for (ScriptChunk chunk : input.getScriptSig().getChunks()) {
        if (chunk.data != null && !chunk.isShortestPossiblePushData())
            return RuleViolation.SHORTEST_POSSIBLE_PUSHDATA;
        if (chunk.isPushData()) {
            ECDSASignature signature;
            try {
                signature = ECKey.ECDSASignature.decodeFromDER(chunk.data);
            } catch (RuntimeException x) {
                // Doesn't look like a signature.
                signature = null;
            }
            if (signature != null) {
                if (!TransactionSignature.isEncodingCanonical(chunk.data))
                    return RuleViolation.SIGNATURE_CANONICAL_ENCODING;
                if (!signature.isCanonical())
                    return RuleViolation.SIGNATURE_CANONICAL_ENCODING;
            }
        }
    }
    return RuleViolation.NONE;
}
 
Example #7
Source File: DefaultRiskAnalysis.java    From green_android with GNU General Public License v3.0 6 votes vote down vote up
/** Checks if the given input passes some of the AreInputsStandard checks. Not complete. */
public static RuleViolation isInputStandard(TransactionInput input) {
    for (ScriptChunk chunk : input.getScriptSig().getChunks()) {
        if (chunk.data != null && !chunk.isShortestPossiblePushData())
            return RuleViolation.SHORTEST_POSSIBLE_PUSHDATA;
        if (chunk.isPushData()) {
            ECDSASignature signature;
            try {
                signature = ECKey.ECDSASignature.decodeFromDER(chunk.data);
            } catch (RuntimeException x) {
                // Doesn't look like a signature.
                signature = null;
            }
            if (signature != null) {
                if (!TransactionSignature.isEncodingCanonical(chunk.data))
                    return RuleViolation.SIGNATURE_CANONICAL_ENCODING;
                if (!signature.isCanonical())
                    return RuleViolation.SIGNATURE_CANONICAL_ENCODING;
            }
        }
    }
    return RuleViolation.NONE;
}
 
Example #8
Source File: ECKeyTest.java    From GreenBits with GNU General Public License v3.0 6 votes vote down vote up
@Test
public void keyRecoveryWithEncryptedKey() throws Exception {
    ECKey unencryptedKey = new ECKey();
    KeyParameter aesKey =  keyCrypter.deriveKey(PASSWORD1);
    ECKey encryptedKey = unencryptedKey.encrypt(keyCrypter, aesKey);

    String message = "Goodbye Jupiter!";
    Sha256Hash hash = Sha256Hash.of(message.getBytes());
    ECKey.ECDSASignature sig = encryptedKey.sign(hash, aesKey);
    unencryptedKey = ECKey.fromPublicOnly(unencryptedKey.getPubKeyPoint());
    boolean found = false;
    for (int i = 0; i < 4; i++) {
        ECKey key2 = ECKey.recoverFromSignature(i, sig, hash, true);
        checkNotNull(key2);
        if (unencryptedKey.equals(key2)) {
            found = true;
            break;
        }
    }
    assertTrue(found);
}
 
Example #9
Source File: ECKeyTest.java    From green_android with GNU General Public License v3.0 6 votes vote down vote up
@Test
public void keyRecovery() throws Exception {
    ECKey key = new ECKey();
    String message = "Hello World!";
    Sha256Hash hash = Sha256Hash.of(message.getBytes());
    ECKey.ECDSASignature sig = key.sign(hash);
    key = ECKey.fromPublicOnly(key.getPubKeyPoint());
    boolean found = false;
    for (int i = 0; i < 4; i++) {
        ECKey key2 = ECKey.recoverFromSignature(i, sig, hash, true);
        checkNotNull(key2);
        if (key.equals(key2)) {
            found = true;
            break;
        }
    }
    assertTrue(found);
}
 
Example #10
Source File: ECKeyTest.java    From green_android with GNU General Public License v3.0 6 votes vote down vote up
@Test
public void keyRecoveryWithEncryptedKey() throws Exception {
    ECKey unencryptedKey = new ECKey();
    KeyParameter aesKey =  keyCrypter.deriveKey(PASSWORD1);
    ECKey encryptedKey = unencryptedKey.encrypt(keyCrypter, aesKey);

    String message = "Goodbye Jupiter!";
    Sha256Hash hash = Sha256Hash.of(message.getBytes());
    ECKey.ECDSASignature sig = encryptedKey.sign(hash, aesKey);
    unencryptedKey = ECKey.fromPublicOnly(unencryptedKey.getPubKeyPoint());
    boolean found = false;
    for (int i = 0; i < 4; i++) {
        ECKey key2 = ECKey.recoverFromSignature(i, sig, hash, true);
        checkNotNull(key2);
        if (unencryptedKey.equals(key2)) {
            found = true;
            break;
        }
    }
    assertTrue(found);
}
 
Example #11
Source File: ECKeyTest.java    From GreenBits with GNU General Public License v3.0 6 votes vote down vote up
@Test
public void keyRecovery() throws Exception {
    ECKey key = new ECKey();
    String message = "Hello World!";
    Sha256Hash hash = Sha256Hash.of(message.getBytes());
    ECKey.ECDSASignature sig = key.sign(hash);
    key = ECKey.fromPublicOnly(key.getPubKeyPoint());
    boolean found = false;
    for (int i = 0; i < 4; i++) {
        ECKey key2 = ECKey.recoverFromSignature(i, sig, hash, true);
        checkNotNull(key2);
        if (key.equals(key2)) {
            found = true;
            break;
        }
    }
    assertTrue(found);
}
 
Example #12
Source File: DefaultRiskAnalysis.java    From GreenBits with GNU General Public License v3.0 6 votes vote down vote up
/** Checks if the given input passes some of the AreInputsStandard checks. Not complete. */
public static RuleViolation isInputStandard(TransactionInput input) {
    for (ScriptChunk chunk : input.getScriptSig().getChunks()) {
        if (chunk.data != null && !chunk.isShortestPossiblePushData())
            return RuleViolation.SHORTEST_POSSIBLE_PUSHDATA;
        if (chunk.isPushData()) {
            ECDSASignature signature;
            try {
                signature = ECKey.ECDSASignature.decodeFromDER(chunk.data);
            } catch (RuntimeException x) {
                // Doesn't look like a signature.
                signature = null;
            }
            if (signature != null) {
                if (!TransactionSignature.isEncodingCanonical(chunk.data))
                    return RuleViolation.SIGNATURE_CANONICAL_ENCODING;
                if (!signature.isCanonical())
                    return RuleViolation.SIGNATURE_CANONICAL_ENCODING;
            }
        }
    }
    return RuleViolation.NONE;
}
 
Example #13
Source File: ECKeyTest.java    From bcm-android with GNU General Public License v3.0 5 votes vote down vote up
@Test
public void sValue() throws Exception {
    // Check that we never generate an S value that is larger than half the curve order. This avoids a malleability
    // issue that can allow someone to change a transaction [hash] without invalidating the signature.
    final int ITERATIONS = 10;
    ListeningExecutorService executor = MoreExecutors.listeningDecorator(Executors.newFixedThreadPool(ITERATIONS));
    List<ListenableFuture<ECKey.ECDSASignature>> sigFutures = Lists.newArrayList();
    final ECKey key = new ECKey();
    for (byte i = 0; i < ITERATIONS; i++) {
        final Sha256Hash hash = Sha256Hash.of(new byte[]{i});
        sigFutures.add(executor.submit(new Callable<ECKey.ECDSASignature>() {
            @Override
            public ECKey.ECDSASignature call() throws Exception {
                return key.sign(hash);
            }
        }));
    }
    List<ECKey.ECDSASignature> sigs = Futures.allAsList(sigFutures).get();
    for (ECKey.ECDSASignature signature : sigs) {
        assertTrue(signature.isCanonical());
    }
    final ECDSASignature first = sigs.get(0);
    final ECKey.ECDSASignature duplicate = new ECKey.ECDSASignature(first.r, first.s);
    assertEquals(first, duplicate);
    assertEquals(first.hashCode(), duplicate.hashCode());

    final ECKey.ECDSASignature highS = new ECKey.ECDSASignature(first.r, ECKey.CURVE.getN().subtract(first.s));
    assertFalse(highS.isCanonical());
}
 
Example #14
Source File: Tools.java    From thundernetwork with GNU Affero General Public License v3.0 5 votes vote down vote up
/**
  * Gets the multisig input script.
  *
  * @param client the client
  * @param server the server
  * @return the multisig input script
  */
 public static Script getMultisigInputScript (ECDSASignature client, ECDSASignature server) {
     ArrayList<TransactionSignature> signList = new ArrayList<TransactionSignature>();
     signList.add(new TransactionSignature(client, SigHash.ALL, false));
     signList.add(new TransactionSignature(server, SigHash.ALL, false));
     Script inputScript = ScriptBuilder.createMultiSigInputScript(signList);
     /*
      * Seems there is a bug here,
* https://groups.google.com/forum/#!topic/bitcoinj/A9R8TdUsXms
*/
     Script workaround = new Script(inputScript.getProgram());
     return workaround;

 }
 
Example #15
Source File: ECKeyTest.java    From GreenBits with GNU General Public License v3.0 5 votes vote down vote up
@Test
public void sValue() throws Exception {
    // Check that we never generate an S value that is larger than half the curve order. This avoids a malleability
    // issue that can allow someone to change a transaction [hash] without invalidating the signature.
    final int ITERATIONS = 10;
    ListeningExecutorService executor = MoreExecutors.listeningDecorator(Executors.newFixedThreadPool(ITERATIONS));
    List<ListenableFuture<ECKey.ECDSASignature>> sigFutures = Lists.newArrayList();
    final ECKey key = new ECKey();
    for (byte i = 0; i < ITERATIONS; i++) {
        final Sha256Hash hash = Sha256Hash.of(new byte[]{i});
        sigFutures.add(executor.submit(new Callable<ECKey.ECDSASignature>() {
            @Override
            public ECKey.ECDSASignature call() throws Exception {
                return key.sign(hash);
            }
        }));
    }
    List<ECKey.ECDSASignature> sigs = Futures.allAsList(sigFutures).get();
    for (ECKey.ECDSASignature signature : sigs) {
        assertTrue(signature.isCanonical());
    }
    final ECDSASignature first = sigs.get(0);
    final ECKey.ECDSASignature duplicate = new ECKey.ECDSASignature(first.r, first.s);
    assertEquals(first, duplicate);
    assertEquals(first.hashCode(), duplicate.hashCode());

    final ECKey.ECDSASignature highS = new ECKey.ECDSASignature(first.r, ECKey.CURVE.getN().subtract(first.s));
    assertFalse(highS.isCanonical());
}
 
Example #16
Source File: Tools.java    From thunder with GNU Affero General Public License v3.0 5 votes vote down vote up
public static Script getMultisigInputScript (ECDSASignature client, ECDSASignature server) {
     ArrayList<TransactionSignature> signList = new ArrayList<TransactionSignature>();
     signList.add(new TransactionSignature(client, SigHash.ALL, false));
     signList.add(new TransactionSignature(server, SigHash.ALL, false));
     Script inputScript = ScriptBuilder.createMultiSigInputScript(signList);
     /*
      * Seems there is a bug here,
* https://groups.google.com/forum/#!topic/bitcoinj/A9R8TdUsXms
*/
     Script workaround = new Script(inputScript.getProgram());
     return workaround;
 }
 
Example #17
Source File: ECKeyTest.java    From green_android with GNU General Public License v3.0 5 votes vote down vote up
@Test
public void sValue() throws Exception {
    // Check that we never generate an S value that is larger than half the curve order. This avoids a malleability
    // issue that can allow someone to change a transaction [hash] without invalidating the signature.
    final int ITERATIONS = 10;
    ListeningExecutorService executor = MoreExecutors.listeningDecorator(Executors.newFixedThreadPool(ITERATIONS));
    List<ListenableFuture<ECKey.ECDSASignature>> sigFutures = Lists.newArrayList();
    final ECKey key = new ECKey();
    for (byte i = 0; i < ITERATIONS; i++) {
        final Sha256Hash hash = Sha256Hash.of(new byte[]{i});
        sigFutures.add(executor.submit(new Callable<ECKey.ECDSASignature>() {
            @Override
            public ECKey.ECDSASignature call() throws Exception {
                return key.sign(hash);
            }
        }));
    }
    List<ECKey.ECDSASignature> sigs = Futures.allAsList(sigFutures).get();
    for (ECKey.ECDSASignature signature : sigs) {
        assertTrue(signature.isCanonical());
    }
    final ECDSASignature first = sigs.get(0);
    final ECKey.ECDSASignature duplicate = new ECKey.ECDSASignature(first.r, first.s);
    assertEquals(first, duplicate);
    assertEquals(first.hashCode(), duplicate.hashCode());

    final ECKey.ECDSASignature highS = new ECKey.ECDSASignature(first.r, ECKey.CURVE.getN().subtract(first.s));
    assertFalse(highS.isCanonical());
}
 
Example #18
Source File: ECKeyTest.java    From bcm-android with GNU General Public License v3.0 5 votes vote down vote up
@Test
public void keyRecoveryWithFindRecoveryId() throws Exception {
    ECKey key = new ECKey();
    String message = "Hello World!";
    Sha256Hash hash = Sha256Hash.of(message.getBytes());
    ECKey.ECDSASignature sig = key.sign(hash);

    byte recId = key.findRecoveryId(hash, sig);
    ECKey pubKey = ECKey.fromPublicOnly(key.getPubKeyPoint());
    ECKey recoveredKey = ECKey.recoverFromSignature(recId, sig, hash, true);
    assertEquals(recoveredKey, pubKey);
}
 
Example #19
Source File: ECKeyTest.java    From bcm-android with GNU General Public License v3.0 5 votes vote down vote up
@Test
public void findRecoveryId() {
    ECKey key = new ECKey();
    String message = "Hello World!";
    Sha256Hash hash = Sha256Hash.of(message.getBytes());
    ECKey.ECDSASignature sig = key.sign(hash);
    key = ECKey.fromPublicOnly(key.getPubKeyPoint());

    List<Byte> possibleRecIds = Lists.newArrayList((byte) 0, (byte) 1, (byte) 2, (byte) 3);
    byte recId = key.findRecoveryId(hash, sig);
    assertTrue(possibleRecIds.contains(recId));
}
 
Example #20
Source File: Tools.java    From thundernetwork with GNU Affero General Public License v3.0 4 votes vote down vote up
public static TransactionSignature getSignature (Transaction transactionToSign, int index, byte[] outputToSpend, ECKey key) {
    Sha256Hash hash = transactionToSign.hashForSignature(index, outputToSpend, SigHash.ALL, false);

    ECDSASignature signature = key.sign(hash).toCanonicalised();
    return new TransactionSignature(signature, SigHash.ALL, false);
}
 
Example #21
Source File: Tools.java    From thunder with GNU Affero General Public License v3.0 2 votes vote down vote up
/**
 * Check signature.
 *
 * @param transaction   the transaction
 * @param index         the index
 * @param outputToSpend the output to spend
 * @param key           the key
 * @param signature     the signature
 * @return true, if successful
 */
public static boolean checkSignature (Transaction transaction, int index, TransactionOutput outputToSpend, ECKey key, byte[] signature) {
    Sha256Hash hash = transaction.hashForSignature(index, outputToSpend.getScriptBytes(), SigHash.ALL, false);
    return key.verify(hash, ECDSASignature.decodeFromDER(signature));
}
 
Example #22
Source File: TransactionWrapper.java    From thundernetwork with GNU Affero General Public License v3.0 2 votes vote down vote up
/**
 * Instantiates a new transaction wrapper.
 *
 * @param transaction the transaction
 * @param signature   the signature
 */
public TransactionWrapper (Transaction transaction, ECDSASignature signature) {
    this.transaction = transaction;
    this.signature = signature;
}
 
Example #23
Source File: TransactionWrapper.java    From thundernetwork with GNU Affero General Public License v3.0 2 votes vote down vote up
/**
 * Gets the signature.
 *
 * @return the signature
 */
public ECDSASignature getSignature () {
    return signature;
}
 
Example #24
Source File: Tools.java    From thundernetwork with GNU Affero General Public License v3.0 2 votes vote down vote up
/**
 * Check signature.
 *
 * @param transaction   the transaction
 * @param index         the index
 * @param outputToSpend the output to spend
 * @param key           the key
 * @param signature     the signature
 * @return true, if successful
 */
public static boolean checkSignature (Transaction transaction, int index, TransactionOutput outputToSpend, ECKey key, byte[] signature) {
    Sha256Hash hash = transaction.hashForSignature(index, outputToSpend.getScriptBytes(), SigHash.ALL, false);
    return key.verify(hash, ECDSASignature.decodeFromDER(signature));
}