bip324.h

Go to the documentation of this file.

// Copyright (c) 2023-present The Bitcoin Core developers
// Distributed under the MIT software license, see the accompanying
// file COPYING or http://www.opensource.org/licenses/mit-license.php.
 
#ifndef BITCOIN_BIP324_H
#define BITCOIN_BIP324_H
 
#include <array>
#include <cstddef>
#include <optional>
 
#include <crypto/chacha20.h>
#include <crypto/chacha20poly1305.h>
#include <key.h>
#include <pubkey.h>
#include <span.h>
 
static constexpr unsigned BIP324_SHORTIDS_IMPLEMENTED{38};
 
class BIP324Cipher
{
public:
    static constexpr unsigned SESSION_ID_LEN{32};
    static constexpr unsigned GARBAGE_TERMINATOR_LEN{16};
    static constexpr unsigned REKEY_INTERVAL{224};
    static constexpr unsigned LENGTH_LEN{3};
    static constexpr unsigned HEADER_LEN{1};
    static constexpr unsigned EXPANSION = LENGTH_LEN + HEADER_LEN + FSChaCha20Poly1305::EXPANSION;
    static constexpr std::byte IGNORE_BIT{0x80};
 
private:
    std::optional<FSChaCha20> m_send_l_cipher;
    std::optional<FSChaCha20> m_recv_l_cipher;
    std::optional<FSChaCha20Poly1305> m_send_p_cipher;
    std::optional<FSChaCha20Poly1305> m_recv_p_cipher;
 
    CKey m_key;
    EllSwiftPubKey m_our_pubkey;
 
    std::array<std::byte, SESSION_ID_LEN> m_session_id;
    std::array<std::byte, GARBAGE_TERMINATOR_LEN> m_send_garbage_terminator;
    std::array<std::byte, GARBAGE_TERMINATOR_LEN> m_recv_garbage_terminator;
 
public:
    BIP324Cipher() = delete;
 
    BIP324Cipher(const CKey& key, std::span<const std::byte> ent32) noexcept;
 
    BIP324Cipher(const CKey& key, const EllSwiftPubKey& pubkey) noexcept;
 
    const EllSwiftPubKey& GetOurPubKey() const noexcept { return m_our_pubkey; }
 
    void Initialize(const EllSwiftPubKey& their_pubkey, bool initiator, bool self_decrypt = false) noexcept;
 
    explicit operator bool() const noexcept { return m_send_l_cipher.has_value(); }
 
    void Encrypt(std::span<const std::byte> contents, std::span<const std::byte> aad, bool ignore, std::span<std::byte> output) noexcept;
 
    unsigned DecryptLength(std::span<const std::byte> input) noexcept;
 
    bool Decrypt(std::span<const std::byte> input, std::span<const std::byte> aad, bool& ignore, std::span<std::byte> contents) noexcept;
 
    std::span<const std::byte> GetSessionID() const noexcept { return m_session_id; }
 
    std::span<const std::byte> GetSendGarbageTerminator() const noexcept { return m_send_garbage_terminator; }
 
    std::span<const std::byte> GetReceiveGarbageTerminator() const noexcept { return m_recv_garbage_terminator; }
};
 
#endif // BITCOIN_BIP324_H