public KeyPair(byte[] privateKey, KeyType version = KeyType.Transparent)
{
this.nVersion = version;
if (version == KeyType.Transparent)
{
if (privateKey.Length != 32 && privateKey.Length != 96 && privateKey.Length != 104)
{
throw new ArgumentException();
}
this.PrivateKey = new byte[32];
Buffer.BlockCopy(privateKey, privateKey.Length - 32, PrivateKey, 0, 32);
if (privateKey.Length == 32)
{
this.PublicKey = Cryptography.ECC.ECCurve.Secp256r1.G * privateKey;
}
else
{
this.PublicKey = Cryptography.ECC.ECPoint.FromBytes(privateKey, Cryptography.ECC.ECCurve.Secp256r1);
}
this.PublicKeyHash = PublicKey.EncodePoint(true).ToScriptHash();
#if NET461
ProtectedMemory.Protect(PrivateKey, MemoryProtectionScope.SameProcess);
#endif
}
else if (version == KeyType.Anonymous)
{
if (privateKey.Length != 32 && privateKey.Length != 96 && privateKey.Length != 104)
{
throw new ArgumentException();
}
this.PrivateKey = new byte[32];
Buffer.BlockCopy(privateKey, privateKey.Length - 32, PrivateKey, 0, 32);
if (PrivateKey[31] > 0x10 && PrivateKey.Length != 32)
{
throw new ArgumentException();
}
if (privateKey.Length == 32)
{
this.PublicKey = Cryptography.ECC.ECCurve.Secp256r1.G * privateKey;
}
else
{
this.PublicKey = Cryptography.ECC.ECPoint.FromBytes(privateKey, Cryptography.ECC.ECCurve.Secp256r1);
}
this.PublicKeyHash = PublicKey.EncodePoint(true).ToScriptHash();
#if NET461
ProtectedMemory.Protect(PrivateKey, MemoryProtectionScope.SameProcess);
#endif
}
}
/// <summary>
/// Get the One-Time public key from r private key
/// </summary>
/// <param name="senderPrivKey"></param>
/// <returns></returns>
public byte[] GenPaymentPubKeyHash(byte[] senderPrivKey)
{
Cryptography.ECC.ECPoint S = this.ViewPubKey * senderPrivKey;
byte[] d = Crypto.Default.Hash256(S.EncodePoint(true));
Cryptography.ECC.ECPoint D = Cryptography.ECC.ECCurve.Secp256r1.G * d;
Cryptography.ECC.ECPoint E = this.PayloadPubKey + D;
return(E.EncodePoint(true));
}
public static bool Verify(Cryptography.ECC.ECPoint P1, Cryptography.ECC.ECPoint P2, SchnorrSignatureType sig)
{
byte[] c2 = Crypto.Default.Hash256(sig.L1.EncodePoint(true));
Cryptography.ECC.ECPoint L2 = Cryptography.ECC.ECCurve.Secp256r1.G * sig.s2 + P2 * c2;
byte[] c1 = Crypto.Default.Hash256(L2.EncodePoint(true));
Cryptography.ECC.ECPoint L1P = Cryptography.ECC.ECCurve.Secp256r1.G * sig.s1 + P1 * c1;
return(sig.L1.ToString() == L1P.ToString());
}
/// <summary>
/// Get the One-Time Private key from R of TX
/// </summary>
/// <param name="R"></param>
/// <returns></returns>
public byte[] GenOneTimePrivKey(Quras.Cryptography.ECC.ECPoint R)
{
using (DecryptViewKey())
{
using (DecryptPayloadKey())
{
Cryptography.ECC.ECPoint S = R * this.ViewPrivKey;
byte[] d = Crypto.Default.Hash256(S.EncodePoint(true));
byte[] ret = Quras.Core.RingCT.Impls.ScalarFunctions.Add(d, this.PayloadPrivKey);
return(ret);
}
}
}
/// <summary>
/// Get the One-Time public key from R of Tx
/// </summary>
/// <param name="R"></param>
/// <returns></returns>
public byte[] GetPaymentPubKeyFromR(Cryptography.ECC.ECPoint R)
{
if (PayloadPrivKey == null || ViewPrivKey == null)
{
return(new byte[33]);
}
using (DecryptPayloadKey())
{
using (DecryptViewKey())
{
Cryptography.ECC.ECPoint S = R * this.ViewPrivKey;
byte[] d = Crypto.Default.Hash256(S.EncodePoint(true));
Cryptography.ECC.ECPoint D = Cryptography.ECC.ECCurve.Secp256r1.G * d;
Cryptography.ECC.ECPoint E = D + Cryptography.ECC.ECCurve.Secp256r1.G * this.PayloadPrivKey;
return(E.EncodePoint(true));
}
}
}
public static SchnorrSignatureType Generate(byte[] x, Cryptography.ECC.ECPoint P1, Cryptography.ECC.ECPoint P2, int index)
{
byte[] a = GenerateRandomScalar();
if (index == 0)
{
Cryptography.ECC.ECPoint L1 = Cryptography.ECC.ECCurve.Secp256r1.G * a;
byte[] s2 = GenerateRandomScalar();
byte[] c2 = Crypto.Default.Hash256(L1.EncodePoint(true));
Cryptography.ECC.ECPoint L2 = Cryptography.ECC.ECCurve.Secp256r1.G * s2 + P2 * c2;
byte[] c1 = Crypto.Default.Hash256(L2.EncodePoint(true));
byte[] s1 = ScalarFunctions.MulSub(c1, x, a);
SchnorrSignatureType retSig = new SchnorrSignatureType(L1, s1, s2);
return(retSig);
}
else if (index == 1)
{
Cryptography.ECC.ECPoint L2 = Cryptography.ECC.ECCurve.Secp256r1.G * a;
byte[] s1 = GenerateRandomScalar();
byte[] c1 = Crypto.Default.Hash256(L2.EncodePoint(true));
Cryptography.ECC.ECPoint L1 = Cryptography.ECC.ECCurve.Secp256r1.G * s1 + P1 * c1;
byte[] c2 = Crypto.Default.Hash256(L1.EncodePoint(true));
byte[] s2 = ScalarFunctions.MulSub(c2, x, a);
SchnorrSignatureType retSig = new SchnorrSignatureType(L1, s1, s2);
return(retSig);
}
else
{
throw new Exception("SchnorrNonLinkable Index Overload Error!");
}
}
public KeyPair(byte[] privateKey)
{
if (privateKey.Length != 32 && privateKey.Length != 96 && privateKey.Length != 104)
{
throw new ArgumentException();
}
this.PrivateKey = new byte[32];
Buffer.BlockCopy(privateKey, privateKey.Length - 32, PrivateKey, 0, 32);
if (privateKey.Length == 32)
{
this.PublicKey = Cryptography.ECC.ECCurve.Secp256r1.G * privateKey;
}
else
{
this.PublicKey = Cryptography.ECC.ECPoint.FromBytes(privateKey, Cryptography.ECC.ECCurve.Secp256r1);
}
this.PublicKeyHash = PublicKey.EncodePoint(true).ToScriptHash();
#if NET47
ProtectedMemory.Protect(PrivateKey, MemoryProtectionScope.SameProcess);
#endif
}
/// <summary>
/// 根据传入的公钥与签名,对可签名对象的签名进行验证
/// </summary>
/// <param name="signable">要验证的数据</param>
/// <param name="pubkey">公钥</param>
/// <param name="signature">签名</param>
/// <returns>返回验证结果</returns>
public static bool VerifySignature(this ISignable signable, Cryptography.ECC.ECPoint pubkey, byte[] signature)
{
byte[] pubk = pubkey.EncodePoint(false).Skip(1).ToArray();
#if NET461
const int ECDSA_PUBLIC_P256_MAGIC = 0x31534345;
pubk = BitConverter.GetBytes(ECDSA_PUBLIC_P256_MAGIC).Concat(BitConverter.GetBytes(32)).Concat(pubk).ToArray();
using (CngKey key = CngKey.Import(pubk, CngKeyBlobFormat.EccPublicBlob))
using (ECDsaCng ecdsa = new ECDsaCng(key))
#else
using (var ecdsa = ECDsa.Create(new ECParameters
{
Curve = ECCurve.NamedCurves.nistP256,
Q = new ECPoint
{
X = pubk.Take(32).ToArray(),
Y = pubk.Skip(32).ToArray()
}
}))
#endif
{
return(ecdsa.VerifyHash(signable.GetHashForSigning(), signature));
}
}
public KeyPair CheckPaymentPubKeyHash(Cryptography.ECC.ECPoint opReturnPubKey, string pubKeyHashToCompare)
{
using (DecryptPayloadKey())
{
using (DecryptViewKey())
{
Cryptography.ECC.ECPoint S = opReturnPubKey * this.ViewPrivKey;
byte[] d = Crypto.Default.Hash256(S.EncodePoint(true));
BigInteger e = ((new BigInteger(d.Reverse().Concat(new byte[1]).ToArray())) + (new BigInteger(this.PayloadPrivKey.Reverse().Concat(new byte[1]).ToArray()))).Mod(Cryptography.ECC.ECCurve.Secp256r1.N);
byte[] e_bytes = e.ToByteArray().Reverse().ToArray();
byte[] e_final = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
if (e_bytes.Length != 32)
{
for (int i = 0; i < 32; i++)
{
e_final[31 - i] = e_bytes[e_bytes.Length - i - 1];
}
}
else
{
e_final = e.ToByteArray().Reverse().ToArray();
}
Cryptography.ECC.ECPoint E = Cryptography.ECC.ECCurve.Secp256r1.G * e_final;
Cryptography.ECC.ECPoint D = Cryptography.ECC.ECCurve.Secp256r1.G * d;
Cryptography.ECC.ECPoint PPK = Cryptography.ECC.ECCurve.Secp256r1.G * PayloadPrivKey;
Cryptography.ECC.ECPoint E1 = D + PayloadPubKey;
UInt160 pubKeyHash = E.EncodePoint(true).ToScriptHash();
return(new KeyPair(e_final));
}
}
}
public Account GetAccount(Cryptography.ECC.ECPoint publicKey)
{
return(GetAccount(publicKey.EncodePoint(true).ToScriptHash()));
}
public bool ContainsAccount(Cryptography.ECC.ECPoint publicKey)
{
return(ContainsAccount(publicKey.EncodePoint(true).ToScriptHash()));
}
public KeyPair GetKey(Cryptography.ECC.ECPoint publicKey)
{
return(GetKey(publicKey.EncodePoint(true).ToScriptHash()));
}