Bitcoin Core 28.99.0
P2P Digital Currency
Public Member Functions | Static Public Attributes | Private Types | Private Member Functions | Static Private Member Functions | Private Attributes | Friends | List of all members
CKey Class Reference

An encapsulated private key. More...

#include <key.h>

Public Member Functions

 CKey () noexcept=default
 
 CKey (CKey &&) noexcept=default
 
CKeyoperator= (CKey &&) noexcept=default
 
CKeyoperator= (const CKey &other)
 
 CKey (const CKey &other)
 
template<typename T >
void Set (const T pbegin, const T pend, bool fCompressedIn)
 Initialize using begin and end iterators to byte data. More...
 
unsigned int size () const
 Simple read-only vector-like interface. More...
 
const std::byte * data () const
 
const std::byte * begin () const
 
const std::byte * end () const
 
bool IsValid () const
 Check whether this private key is valid. More...
 
bool IsCompressed () const
 Check whether the public key corresponding to this private key is (to be) compressed. More...
 
void MakeNewKey (bool fCompressed)
 Generate a new private key using a cryptographic PRNG. More...
 
CPrivKey GetPrivKey () const
 Convert the private key to a CPrivKey (serialized OpenSSL private key data). More...
 
CPubKey GetPubKey () const
 Compute the public key from a private key. More...
 
bool Sign (const uint256 &hash, std::vector< unsigned char > &vchSig, bool grind=true, uint32_t test_case=0) const
 Create a DER-serialized signature. More...
 
bool SignCompact (const uint256 &hash, std::vector< unsigned char > &vchSig) const
 Create a compact signature (65 bytes), which allows reconstructing the used public key. More...
 
bool SignSchnorr (const uint256 &hash, Span< unsigned char > sig, const uint256 *merkle_root, const uint256 &aux) const
 Create a BIP-340 Schnorr signature, for the xonly-pubkey corresponding to *this, optionally tweaked by *merkle_root. More...
 
bool Derive (CKey &keyChild, ChainCode &ccChild, unsigned int nChild, const ChainCode &cc) const
 Derive BIP32 child key. More...
 
bool VerifyPubKey (const CPubKey &vchPubKey) const
 Verify thoroughly whether a private key and a public key match. More...
 
bool Load (const CPrivKey &privkey, const CPubKey &vchPubKey, bool fSkipCheck)
 Load private key and check that public key matches. More...
 
EllSwiftPubKey EllSwiftCreate (Span< const std::byte > entropy) const
 Create an ellswift-encoded public key for this key, with specified entropy. More...
 
ECDHSecret ComputeBIP324ECDHSecret (const EllSwiftPubKey &their_ellswift, const EllSwiftPubKey &our_ellswift, bool initiating) const
 Compute a BIP324-style ECDH shared secret. More...
 
KeyPair ComputeKeyPair (const uint256 *merkle_root) const
 Compute a KeyPair. More...
 

Static Public Attributes

static const unsigned int SIZE = 279
 secp256k1: More...
 
static const unsigned int COMPRESSED_SIZE = 214
 

Private Types

using KeyType = std::array< unsigned char, 32 >
 see www.keylength.com script supports up to 75 for single byte push More...
 

Private Member Functions

void MakeKeyData ()
 
void ClearKeyData ()
 

Static Private Member Functions

static bool Check (const unsigned char *vch)
 Check whether the 32-byte array pointed to by vch is valid keydata. More...
 

Private Attributes

bool fCompressed {false}
 Whether the public key corresponding to this private key is (to be) compressed. More...
 
secure_unique_ptr< KeyTypekeydata
 The actual byte data. nullptr for invalid keys. More...
 

Friends

bool operator== (const CKey &a, const CKey &b)
 

Detailed Description

An encapsulated private key.

Definition at line 34 of file key.h.

Member Typedef Documentation

◆ KeyType

using CKey::KeyType = std::array<unsigned char, 32>
private

see www.keylength.com script supports up to 75 for single byte push

Internal data container for private key material.

Definition at line 52 of file key.h.

Constructor & Destructor Documentation

◆ CKey() [1/3]

CKey::CKey ( )
defaultnoexcept

◆ CKey() [2/3]

CKey::CKey ( CKey &&  )
defaultnoexcept

◆ CKey() [3/3]

CKey::CKey ( const CKey other)
inline

Definition at line 92 of file key.h.

Member Function Documentation

◆ begin()

const std::byte * CKey::begin ( ) const
inline

Definition at line 119 of file key.h.

Here is the call graph for this function:
Here is the caller graph for this function:

◆ Check()

bool CKey::Check ( const unsigned char *  vch)
staticprivate

Check whether the 32-byte array pointed to by vch is valid keydata.

Definition at line 157 of file key.cpp.

Here is the call graph for this function:
Here is the caller graph for this function:

◆ ClearKeyData()

void CKey::ClearKeyData ( )
inlineprivate

Definition at line 68 of file key.h.

Here is the caller graph for this function:

◆ ComputeBIP324ECDHSecret()

ECDHSecret CKey::ComputeBIP324ECDHSecret ( const EllSwiftPubKey their_ellswift,
const EllSwiftPubKey our_ellswift,
bool  initiating 
) const

Compute a BIP324-style ECDH shared secret.

  • their_ellswift: EllSwiftPubKey that was received from the other side.
  • our_ellswift: EllSwiftPubKey that was sent to the other side (must have been generated from *this using EllSwiftCreate()).
  • initiating: whether we are the initiating party (true) or responding party (false).

Definition at line 327 of file key.cpp.

Here is the call graph for this function:
Here is the caller graph for this function:

◆ ComputeKeyPair()

KeyPair CKey::ComputeKeyPair ( const uint256 merkle_root) const

Compute a KeyPair.

Wraps a secp256k1_keypair type.

merkle_root is used to optionally perform tweaking of the internal key, as specified in BIP341:

  • If merkle_root == nullptr: no tweaking is done, use the internal key directly (this is used for signatures in BIP342 script).
  • If merkle_root->IsNull(): tweak the internal key with H_TapTweak(pubkey) (this is used for key path spending when no scripts are present).
  • Otherwise: tweak the internal key with H_TapTweak(pubkey || *merkle_root) (this is used for key path spending with the Merkle root of the script tree).

Definition at line 347 of file key.cpp.

Here is the caller graph for this function:

◆ data()

const std::byte * CKey::data ( ) const
inline

Definition at line 118 of file key.h.

Here is the caller graph for this function:

◆ Derive()

bool CKey::Derive ( CKey keyChild,
ChainCode ccChild,
unsigned int  nChild,
const ChainCode cc 
) const

Derive BIP32 child key.

Definition at line 292 of file key.cpp.

Here is the call graph for this function:
Here is the caller graph for this function:

◆ EllSwiftCreate()

EllSwiftPubKey CKey::EllSwiftCreate ( Span< const std::byte >  entropy) const

Create an ellswift-encoded public key for this key, with specified entropy.

entropy must be a 32-byte span with additional entropy to use in the encoding. Every public key has ~2^256 different encodings, and this function will deterministically pick one of them, based on entropy. Note that even without truly random entropy, the resulting encoding will be indistinguishable from uniform to any adversary who does not know the private key (because the private key itself is always used as entropy as well).

Definition at line 311 of file key.cpp.

Here is the call graph for this function:
Here is the caller graph for this function:

◆ end()

const std::byte * CKey::end ( ) const
inline

Definition at line 120 of file key.h.

Here is the call graph for this function:
Here is the caller graph for this function:

◆ GetPrivKey()

CPrivKey CKey::GetPrivKey ( ) const

Convert the private key to a CPrivKey (serialized OpenSSL private key data).

This is expensive.

Definition at line 169 of file key.cpp.

Here is the call graph for this function:
Here is the caller graph for this function:

◆ GetPubKey()

CPubKey CKey::GetPubKey ( ) const

Compute the public key from a private key.

This is expensive.

Definition at line 182 of file key.cpp.

Here is the call graph for this function:
Here is the caller graph for this function:

◆ IsCompressed()

bool CKey::IsCompressed ( ) const
inline

Check whether the public key corresponding to this private key is (to be) compressed.

Definition at line 126 of file key.h.

Here is the caller graph for this function:

◆ IsValid()

bool CKey::IsValid ( ) const
inline

Check whether this private key is valid.

Definition at line 123 of file key.h.

Here is the caller graph for this function:

◆ Load()

bool CKey::Load ( const CPrivKey privkey,
const CPubKey vchPubKey,
bool  fSkipCheck = false 
)

Load private key and check that public key matches.

Definition at line 278 of file key.cpp.

Here is the call graph for this function:
Here is the caller graph for this function:

◆ MakeKeyData()

void CKey::MakeKeyData ( )
inlineprivate

Definition at line 63 of file key.h.

Here is the caller graph for this function:

◆ MakeNewKey()

void CKey::MakeNewKey ( bool  fCompressed)

Generate a new private key using a cryptographic PRNG.

Definition at line 161 of file key.cpp.

Here is the call graph for this function:
Here is the caller graph for this function:

◆ operator=() [1/2]

CKey & CKey::operator= ( CKey &&  )
defaultnoexcept

◆ operator=() [2/2]

CKey & CKey::operator= ( const CKey other)
inline

Definition at line 78 of file key.h.

Here is the call graph for this function:

◆ Set()

template<typename T >
void CKey::Set ( const T  pbegin,
const T  pend,
bool  fCompressedIn 
)
inline

Initialize using begin and end iterators to byte data.

Definition at line 103 of file key.h.

Here is the call graph for this function:
Here is the caller graph for this function:

◆ Sign()

bool CKey::Sign ( const uint256 hash,
std::vector< unsigned char > &  vchSig,
bool  grind = true,
uint32_t  test_case = 0 
) const

Create a DER-serialized signature.

The test_case parameter tweaks the deterministic nonce.

Definition at line 208 of file key.cpp.

Here is the call graph for this function:
Here is the caller graph for this function:

◆ SignCompact()

bool CKey::SignCompact ( const uint256 hash,
std::vector< unsigned char > &  vchSig 
) const

Create a compact signature (65 bytes), which allows reconstructing the used public key.

The format is one header byte, followed by two times 32 bytes for the serialized r and s values. The header byte: 0x1B = first key with even y, 0x1C = first key with odd y, 0x1D = second key with even y, 0x1E = second key with odd y, add 0x04 for compressed keys.

Definition at line 249 of file key.cpp.

Here is the call graph for this function:
Here is the caller graph for this function:

◆ SignSchnorr()

bool CKey::SignSchnorr ( const uint256 hash,
Span< unsigned char >  sig,
const uint256 merkle_root,
const uint256 aux 
) const

Create a BIP-340 Schnorr signature, for the xonly-pubkey corresponding to *this, optionally tweaked by *merkle_root.

Additional nonce entropy is provided through aux.

merkle_root is used to optionally perform tweaking of the private key, as specified in BIP341:

  • If merkle_root == nullptr: no tweaking is done, sign with key directly (this is used for signatures in BIP342 script).
  • If merkle_root->IsNull(): sign with key + H_TapTweak(pubkey) (this is used for key path spending when no scripts are present).
  • Otherwise: sign with key + H_TapTweak(pubkey || *merkle_root) (this is used for key path spending, with specific Merkle root of the script tree).

Definition at line 272 of file key.cpp.

Here is the call graph for this function:
Here is the caller graph for this function:

◆ size()

unsigned int CKey::size ( ) const
inline

Simple read-only vector-like interface.

Definition at line 117 of file key.h.

Here is the caller graph for this function:

◆ VerifyPubKey()

bool CKey::VerifyPubKey ( const CPubKey vchPubKey) const

Verify thoroughly whether a private key and a public key match.

This is done using a different mechanism than just regenerating it.

Definition at line 236 of file key.cpp.

Here is the call graph for this function:
Here is the caller graph for this function:

Friends And Related Function Documentation

◆ operator==

bool operator== ( const CKey a,
const CKey b 
)
friend

Definition at line 94 of file key.h.

Member Data Documentation

◆ COMPRESSED_SIZE

const unsigned int CKey::COMPRESSED_SIZE = 214
static

Definition at line 41 of file key.h.

◆ fCompressed

bool CKey::fCompressed {false}
private

Whether the public key corresponding to this private key is (to be) compressed.

Definition at line 55 of file key.h.

◆ keydata

secure_unique_ptr<KeyType> CKey::keydata
private

The actual byte data. nullptr for invalid keys.

Definition at line 58 of file key.h.

◆ SIZE

const unsigned int CKey::SIZE = 279
static

secp256k1:

Definition at line 40 of file key.h.

The documentation for this class was generated from the following files:
Generated on Wed Dec 18 2024 20:00:29 for Bitcoin Core by doxygen 1.9.4