예제 #1
0
 /**
  * Return the fingerprint of this key's parent as an int value, or zero if this key is the root
  * node of the key hierarchy. Raise an exception if the arguments are inconsistent. This method
  * exists to avoid code repetition in the constructors.
  */
 private int ascertainParentFingerprint(DeterministicKey parentKey, int parentFingerprint)
     throws IllegalArgumentException {
   if (parentFingerprint != 0) {
     if (parent != null)
       checkArgument(
           parent.getFingerprint() == parentFingerprint,
           "parent fingerprint mismatch",
           Integer.toHexString(parent.getFingerprint()),
           Integer.toHexString(parentFingerprint));
     return parentFingerprint;
   } else return 0;
 }
예제 #2
0
 /**
  * Deserialize an HD Key.
  *
  * @param parent The parent node in the given key's deterministic hierarchy.
  */
 public static DeterministicKey deserialize(
     NetworkParameters params, byte[] serializedKey, @Nullable DeterministicKey parent) {
   ByteBuffer buffer = ByteBuffer.wrap(serializedKey);
   int header = buffer.getInt();
   if (header != params.getBip32HeaderPriv() && header != params.getBip32HeaderPub())
     throw new IllegalArgumentException(
         "Unknown header bytes: " + toBase58(serializedKey).substring(0, 4));
   boolean pub = header == params.getBip32HeaderPub();
   int depth =
       buffer.get() & 0xFF; // convert signed byte to positive int since depth cannot be negative
   final int parentFingerprint = buffer.getInt();
   final int i = buffer.getInt();
   final ChildNumber childNumber = new ChildNumber(i);
   ImmutableList<ChildNumber> path;
   if (parent != null) {
     if (parentFingerprint == 0)
       throw new IllegalArgumentException("Parent was provided but this key doesn't have one");
     if (parent.getFingerprint() != parentFingerprint)
       throw new IllegalArgumentException("Parent fingerprints don't match");
     path = HDUtils.append(parent.getPath(), childNumber);
     if (path.size() != depth) throw new IllegalArgumentException("Depth does not match");
   } else {
     if (depth >= 1)
       // We have been given a key that is not a root key, yet we lack the object representing the
       // parent.
       // This can happen when deserializing an account key for a watching wallet.  In this case,
       // we assume that
       // the client wants to conceal the key's position in the hierarchy.  The path is truncated
       // at the
       // parent's node.
       path = ImmutableList.of(childNumber);
     else path = ImmutableList.of();
   }
   byte[] chainCode = new byte[32];
   buffer.get(chainCode);
   byte[] data = new byte[33];
   buffer.get(data);
   checkArgument(!buffer.hasRemaining(), "Found unexpected data in key");
   if (pub) {
     return new DeterministicKey(
         path,
         chainCode,
         new LazyECPoint(ECKey.CURVE.getCurve(), data),
         parent,
         depth,
         parentFingerprint);
   } else {
     return new DeterministicKey(
         path, chainCode, new BigInteger(1, data), parent, depth, parentFingerprint);
   }
 }
예제 #3
0
 @Override
 public DeterministicKey decrypt(KeyCrypter keyCrypter, KeyParameter aesKey)
     throws KeyCrypterException {
   checkNotNull(keyCrypter);
   // Check that the keyCrypter matches the one used to encrypt the keys, if set.
   if (this.keyCrypter != null && !this.keyCrypter.equals(keyCrypter))
     throw new KeyCrypterException(
         "The keyCrypter being used to decrypt the key is different to the one that was used to encrypt it");
   BigInteger privKey = findOrDeriveEncryptedPrivateKey(keyCrypter, aesKey);
   DeterministicKey key = new DeterministicKey(childNumberPath, chainCode, privKey, parent);
   if (!Arrays.equals(key.getPubKey(), getPubKey()))
     throw new KeyCrypterException("Provided AES key is wrong");
   if (parent == null) key.setCreationTimeSeconds(getCreationTimeSeconds());
   return key;
 }
예제 #4
0
 public DeterministicKey encrypt(
     KeyCrypter keyCrypter, KeyParameter aesKey, @Nullable DeterministicKey newParent)
     throws KeyCrypterException {
   // Same as the parent code, except we construct a DeterministicKey instead of an ECKey.
   checkNotNull(keyCrypter);
   if (newParent != null) checkArgument(newParent.isEncrypted());
   final byte[] privKeyBytes = getPrivKeyBytes();
   checkState(privKeyBytes != null, "Private key is not available");
   EncryptedData encryptedPrivateKey = keyCrypter.encrypt(privKeyBytes, aesKey);
   DeterministicKey key =
       new DeterministicKey(
           childNumberPath, chainCode, keyCrypter, pub, encryptedPrivateKey, newParent);
   if (newParent == null) key.setCreationTimeSeconds(getCreationTimeSeconds());
   return key;
 }
예제 #5
0
 /**
  * Returns this keys {@link org.bitcoinj.crypto.KeyCrypter} <b>or</b> the keycrypter of its parent
  * key.
  */
 @Override
 @Nullable
 public KeyCrypter getKeyCrypter() {
   if (keyCrypter != null) return keyCrypter;
   else if (parent != null) return parent.getKeyCrypter();
   else return null;
 }
예제 #6
0
 /** Constructs a key from its components. This is not normally something you should use. */
 public DeterministicKey(
     ImmutableList<ChildNumber> childNumberPath,
     byte[] chainCode,
     BigInteger priv,
     @Nullable DeterministicKey parent) {
   super(priv, compressPoint(ECKey.publicPointFromPrivate(priv)));
   checkArgument(chainCode.length == 32);
   this.parent = parent;
   this.childNumberPath = checkNotNull(childNumberPath);
   this.chainCode = Arrays.copyOf(chainCode, chainCode.length);
   this.depth = this.childNumberPath.size();
   this.parentFingerprint = (parent != null) ? parent.getFingerprint() : 0;
 }
예제 #7
0
 private BigInteger derivePrivateKeyDownwards(
     DeterministicKey cursor, byte[] parentalPrivateKeyBytes) {
   DeterministicKey downCursor =
       new DeterministicKey(
           cursor.childNumberPath,
           cursor.chainCode,
           cursor.pub,
           new BigInteger(1, parentalPrivateKeyBytes),
           cursor.parent);
   // Now we have to rederive the keys along the path back to ourselves. That path can be found by
   // just truncating
   // our path with the length of the parents path.
   ImmutableList<ChildNumber> path =
       childNumberPath.subList(cursor.getPath().size(), childNumberPath.size());
   for (ChildNumber num : path) {
     downCursor = HDKeyDerivation.deriveChildKey(downCursor, num);
   }
   // downCursor is now the same key as us, but with private key bytes.
   checkState(downCursor.pub.equals(pub));
   return checkNotNull(downCursor.priv);
 }
예제 #8
0
 /**
  * The creation time of a deterministic key is equal to that of its parent, unless this key is the
  * root of a tree in which case the time is stored alongside the key as per normal, see {@link
  * org.bitcoinj.core.ECKey#getCreationTimeSeconds()}.
  */
 @Override
 public long getCreationTimeSeconds() {
   if (parent != null) return parent.getCreationTimeSeconds();
   else return super.getCreationTimeSeconds();
 }
예제 #9
0
 /**
  * A deterministic key is considered to be encrypted if it has access to encrypted private key
  * bytes, OR if its parent does. The reason is because the parent would be encrypted under the
  * same key and this key knows how to rederive its own private key bytes from the parent, if
  * needed.
  */
 @Override
 public boolean isEncrypted() {
   return priv == null && (super.isEncrypted() || (parent != null && parent.isEncrypted()));
 }
예제 #10
0
 /**
  * A deterministic key is considered to be 'public key only' if it hasn't got a private key part
  * and it cannot be rederived. If the hierarchy is encrypted this returns true.
  */
 @Override
 public boolean isPubKeyOnly() {
   return super.isPubKeyOnly() && (parent == null || parent.isPubKeyOnly());
 }
예제 #11
0
 /**
  * Returns the same key with the parent pointer removed (it still knows its own path and the
  * parent fingerprint).
  *
  * <p>If this key doesn't have private key bytes stored/cached itself, but could rederive them
  * from the parent, then the new key returned by this method won't be able to do that. Thus, using
  * dropPrivateBytes().dropParent() on a regular DeterministicKey will yield a new DeterministicKey
  * that cannot sign or do other things involving the private key at all.
  */
 public DeterministicKey dropParent() {
   DeterministicKey key = new DeterministicKey(getPath(), getChainCode(), pub, priv, null);
   key.parentFingerprint = parentFingerprint;
   return key;
 }