Bitcoin Core  25.99.0
P2P Digital Currency
Public Member Functions | Static Public Attributes | Private Attributes | List of all members
BIP324Cipher Class Reference

The BIP324 packet cipher, encapsulating its key derivation, stream cipher, and AEAD. More...

#include <bip324.h>

Collaboration diagram for BIP324Cipher:
[legend]

Public Member Functions

 BIP324Cipher ()=delete
 No default constructor; keys must be provided to create a BIP324Cipher. More...
 
 BIP324Cipher (const CKey &key, Span< const std::byte > ent32) noexcept
 Initialize a BIP324 cipher with specified key and encoding entropy (testing only). More...
 
 BIP324Cipher (const CKey &key, const EllSwiftPubKey &pubkey) noexcept
 Initialize a BIP324 cipher with specified key (testing only). More...
 
const EllSwiftPubKeyGetOurPubKey () const noexcept
 Retrieve our public key. More...
 
void Initialize (const EllSwiftPubKey &their_pubkey, bool initiator, bool self_decrypt=false) noexcept
 Initialize when the other side's public key is received. More...
 
 operator bool () const noexcept
 Determine whether this cipher is fully initialized. More...
 
void Encrypt (Span< const std::byte > contents, Span< const std::byte > aad, bool ignore, Span< std::byte > output) noexcept
 Encrypt a packet. More...
 
unsigned DecryptLength (Span< const std::byte > input) noexcept
 Decrypt the length of a packet. More...
 
bool Decrypt (Span< const std::byte > input, Span< const std::byte > aad, bool &ignore, Span< std::byte > contents) noexcept
 Decrypt a packet. More...
 
Span< const std::byte > GetSessionID () const noexcept
 Get the Session ID. More...
 
Span< const std::byte > GetSendGarbageTerminator () const noexcept
 Get the Garbage Terminator to send. More...
 
Span< const std::byte > GetReceiveGarbageTerminator () const noexcept
 Get the expected Garbage Terminator to receive. More...
 

Static Public Attributes

static constexpr unsigned SESSION_ID_LEN {32}
 
static constexpr unsigned GARBAGE_TERMINATOR_LEN {16}
 
static constexpr unsigned REKEY_INTERVAL {224}
 
static constexpr unsigned LENGTH_LEN {3}
 
static constexpr unsigned HEADER_LEN {1}
 
static constexpr unsigned EXPANSION = LENGTH_LEN + HEADER_LEN + FSChaCha20Poly1305::EXPANSION
 
static constexpr std::byte IGNORE_BIT {0x80}
 

Private Attributes

std::optional< FSChaCha20m_send_l_cipher
 
std::optional< FSChaCha20m_recv_l_cipher
 
std::optional< FSChaCha20Poly1305m_send_p_cipher
 
std::optional< FSChaCha20Poly1305m_recv_p_cipher
 
CKey m_key
 
EllSwiftPubKey m_our_pubkey
 
std::array< std::byte, SESSION_ID_LENm_session_id
 
std::array< std::byte, GARBAGE_TERMINATOR_LENm_send_garbage_terminator
 
std::array< std::byte, GARBAGE_TERMINATOR_LENm_recv_garbage_terminator
 

Detailed Description

The BIP324 packet cipher, encapsulating its key derivation, stream cipher, and AEAD.

Definition at line 19 of file bip324.h.

Constructor & Destructor Documentation

◆ BIP324Cipher() [1/3]

BIP324Cipher::BIP324Cipher ( )
delete

No default constructor; keys must be provided to create a BIP324Cipher.

◆ BIP324Cipher() [2/3]

BIP324Cipher::BIP324Cipher ( const CKey key,
Span< const std::byte >  ent32 
)
noexcept

Initialize a BIP324 cipher with specified key and encoding entropy (testing only).

Definition at line 25 of file bip324.cpp.

◆ BIP324Cipher() [3/3]

BIP324Cipher::BIP324Cipher ( const CKey key,
const EllSwiftPubKey pubkey 
)
noexcept

Initialize a BIP324 cipher with specified key (testing only).

Definition at line 31 of file bip324.cpp.

Member Function Documentation

◆ Decrypt()

bool BIP324Cipher::Decrypt ( Span< const std::byte >  input,
Span< const std::byte >  aad,
bool &  ignore,
Span< std::byte >  contents 
)
noexcept

Decrypt a packet.

Only after Initialize().

It must hold that input.size() + LENGTH_LEN == contents.size() + EXPANSION. Contents.size() must equal the length returned by DecryptLength.

Definition at line 100 of file bip324.cpp.

Here is the call graph for this function:
Here is the caller graph for this function:

◆ DecryptLength()

uint32_t BIP324Cipher::DecryptLength ( Span< const std::byte >  input)
noexcept

Decrypt the length of a packet.

Only after Initialize().

It must hold that input.size() == LENGTH_LEN.

Definition at line 89 of file bip324.cpp.

Here is the call graph for this function:
Here is the caller graph for this function:

◆ Encrypt()

void BIP324Cipher::Encrypt ( Span< const std::byte >  contents,
Span< const std::byte >  aad,
bool  ignore,
Span< std::byte >  output 
)
noexcept

Encrypt a packet.

Only after Initialize().

It must hold that output.size() == contents.size() + EXPANSION.

Definition at line 73 of file bip324.cpp.

Here is the call graph for this function:
Here is the caller graph for this function:

◆ GetOurPubKey()

const EllSwiftPubKey& BIP324Cipher::GetOurPubKey ( ) const
inlinenoexcept

Retrieve our public key.

Definition at line 54 of file bip324.h.

Here is the caller graph for this function:

◆ GetReceiveGarbageTerminator()

Span<const std::byte> BIP324Cipher::GetReceiveGarbageTerminator ( ) const
inlinenoexcept

Get the expected Garbage Terminator to receive.

Only after Initialize().

Definition at line 93 of file bip324.h.

Here is the caller graph for this function:

◆ GetSendGarbageTerminator()

Span<const std::byte> BIP324Cipher::GetSendGarbageTerminator ( ) const
inlinenoexcept

Get the Garbage Terminator to send.

Only after Initialize().

Definition at line 90 of file bip324.h.

Here is the caller graph for this function:

◆ GetSessionID()

Span<const std::byte> BIP324Cipher::GetSessionID ( ) const
inlinenoexcept

Get the Session ID.

Only after Initialize().

Definition at line 87 of file bip324.h.

Here is the caller graph for this function:

◆ Initialize()

void BIP324Cipher::Initialize ( const EllSwiftPubKey their_pubkey,
bool  initiator,
bool  self_decrypt = false 
)
noexcept

Initialize when the other side's public key is received.

Can only be called once.

initiator is set to true if we are the initiator establishing the v2 P2P connection. self_decrypt is only for testing, and swaps encryption/decryption keys, so that encryption and decryption can be tested without knowing the other side's private key.

Definition at line 34 of file bip324.cpp.

Here is the call graph for this function:
Here is the caller graph for this function:

◆ operator bool()

BIP324Cipher::operator bool ( ) const
inlineexplicitnoexcept

Determine whether this cipher is fully initialized.

Definition at line 65 of file bip324.h.

Member Data Documentation

◆ EXPANSION

constexpr unsigned BIP324Cipher::EXPANSION = LENGTH_LEN + HEADER_LEN + FSChaCha20Poly1305::EXPANSION
staticconstexpr

Definition at line 27 of file bip324.h.

◆ GARBAGE_TERMINATOR_LEN

constexpr unsigned BIP324Cipher::GARBAGE_TERMINATOR_LEN {16}
staticconstexpr

Definition at line 23 of file bip324.h.

◆ HEADER_LEN

constexpr unsigned BIP324Cipher::HEADER_LEN {1}
staticconstexpr

Definition at line 26 of file bip324.h.

◆ IGNORE_BIT

constexpr std::byte BIP324Cipher::IGNORE_BIT {0x80}
staticconstexpr

Definition at line 28 of file bip324.h.

◆ LENGTH_LEN

constexpr unsigned BIP324Cipher::LENGTH_LEN {3}
staticconstexpr

Definition at line 25 of file bip324.h.

◆ m_key

CKey BIP324Cipher::m_key
private

Definition at line 36 of file bip324.h.

◆ m_our_pubkey

EllSwiftPubKey BIP324Cipher::m_our_pubkey
private

Definition at line 37 of file bip324.h.

◆ m_recv_garbage_terminator

std::array<std::byte, GARBAGE_TERMINATOR_LEN> BIP324Cipher::m_recv_garbage_terminator
private

Definition at line 41 of file bip324.h.

◆ m_recv_l_cipher

std::optional<FSChaCha20> BIP324Cipher::m_recv_l_cipher
private

Definition at line 32 of file bip324.h.

◆ m_recv_p_cipher

std::optional<FSChaCha20Poly1305> BIP324Cipher::m_recv_p_cipher
private

Definition at line 34 of file bip324.h.

◆ m_send_garbage_terminator

std::array<std::byte, GARBAGE_TERMINATOR_LEN> BIP324Cipher::m_send_garbage_terminator
private

Definition at line 40 of file bip324.h.

◆ m_send_l_cipher

std::optional<FSChaCha20> BIP324Cipher::m_send_l_cipher
private

Definition at line 31 of file bip324.h.

◆ m_send_p_cipher

std::optional<FSChaCha20Poly1305> BIP324Cipher::m_send_p_cipher
private

Definition at line 33 of file bip324.h.

◆ m_session_id

std::array<std::byte, SESSION_ID_LEN> BIP324Cipher::m_session_id
private

Definition at line 39 of file bip324.h.

◆ REKEY_INTERVAL

constexpr unsigned BIP324Cipher::REKEY_INTERVAL {224}
staticconstexpr

Definition at line 24 of file bip324.h.

◆ SESSION_ID_LEN

constexpr unsigned BIP324Cipher::SESSION_ID_LEN {32}
staticconstexpr

Definition at line 22 of file bip324.h.

The documentation for this class was generated from the following files:
Generated on Mon Oct 2 2023 20:03:29 for Bitcoin Core by doxygen 1.9.1