diff --git a/src/key.h b/src/key.h --- a/src/key.h +++ b/src/key.h @@ -31,7 +31,7 @@ */ typedef std::vector> CPrivKey; -/** An encapsulated private key. */ +/** An encapsulated secp256k1 private key. */ class CKey { private: //! Whether this private key is valid. We check for correctness when @@ -107,15 +107,15 @@ CPubKey GetPubKey() const; /** - * Create a DER-serialized signature. + * Create a DER-serialized ECDSA signature. * The test_case parameter tweaks the deterministic nonce. */ - bool Sign(const uint256 &hash, std::vector &vchSig, - uint32_t test_case = 0) const; + bool SignECDSA(const uint256 &hash, std::vector &vchSig, + uint32_t test_case = 0) const; /** - * Create a compact signature (65 bytes), which allows reconstructing the - * used public key. + * Create a compact ECDSA signature (65 bytes), which allows reconstructing + * the used public key. * The format is one header byte, followed by two times 32 bytes for the * serialized r and s values. * The header byte: 0x1B = first key with even y, 0x1C = first key with odd @@ -133,6 +133,7 @@ /** * Verify thoroughly whether a private key and a public key match. * This is done using a different mechanism than just regenerating it. + * (An ECDSA signature is created then verified.) */ bool VerifyPubKey(const CPubKey &vchPubKey) const; diff --git a/src/key.cpp b/src/key.cpp --- a/src/key.cpp +++ b/src/key.cpp @@ -183,8 +183,8 @@ return result; } -bool CKey::Sign(const uint256 &hash, std::vector &vchSig, - uint32_t test_case) const { +bool CKey::SignECDSA(const uint256 &hash, std::vector &vchSig, + uint32_t test_case) const { if (!fValid) return false; vchSig.resize(72); size_t nSigLen = 72; @@ -214,8 +214,8 @@ .Write(rnd, sizeof(rnd)) .Finalize(hash.begin()); std::vector vchSig; - Sign(hash, vchSig); - return pubkey.Verify(hash, vchSig); + SignECDSA(hash, vchSig); + return pubkey.VerifyECDSA(hash, vchSig); } bool CKey::SignCompact(const uint256 &hash, diff --git a/src/pubkey.h b/src/pubkey.h --- a/src/pubkey.h +++ b/src/pubkey.h @@ -36,7 +36,7 @@ typedef uint256 ChainCode; -/** An encapsulated public key. */ +/** An encapsulated secp256k1 public key. */ class CPubKey { private: /** @@ -136,13 +136,14 @@ bool IsCompressed() const { return size() == 33; } /** - * Verify a DER signature (~72 bytes). + * Verify a DER-serialized ECDSA signature (~72 bytes). * If this public key is not fully valid, the return value will be false. */ - bool Verify(const uint256 &hash, const std::vector &vchSig) const; + bool VerifyECDSA(const uint256 &hash, + const std::vector &vchSig) const; /** - * Check whether a signature is normalized (lower-S). + * Check whether a DER-serialized ECDSA signature is normalized (lower-S). */ static bool CheckLowS(const boost::sliced_range> &vchSig); @@ -150,7 +151,7 @@ return CheckLowS(vchSig | boost::adaptors::sliced(0, vchSig.size())); } - //! Recover a public key from a compact signature. + //! Recover a public key from a compact ECDSA signature. bool RecoverCompact(const uint256 &hash, const std::vector &vchSig); diff --git a/src/pubkey.cpp b/src/pubkey.cpp --- a/src/pubkey.cpp +++ b/src/pubkey.cpp @@ -166,8 +166,8 @@ return 1; } -bool CPubKey::Verify(const uint256 &hash, - const std::vector &vchSig) const { +bool CPubKey::VerifyECDSA(const uint256 &hash, + const std::vector &vchSig) const { if (!IsValid()) { return false; } diff --git a/src/script/interpreter.cpp b/src/script/interpreter.cpp --- a/src/script/interpreter.cpp +++ b/src/script/interpreter.cpp @@ -1465,7 +1465,7 @@ bool BaseSignatureChecker::VerifySignature(const std::vector &vchSig, const CPubKey &pubkey, const uint256 &sighash) const { - return pubkey.Verify(sighash, vchSig); + return pubkey.VerifyECDSA(sighash, vchSig); } bool TransactionSignatureChecker::CheckSig( diff --git a/src/script/sign.cpp b/src/script/sign.cpp --- a/src/script/sign.cpp +++ b/src/script/sign.cpp @@ -30,7 +30,7 @@ } uint256 hash = SignatureHash(scriptCode, *txTo, nIn, sigHashType, amount); - if (!key.Sign(hash, vchSig)) { + if (!key.SignECDSA(hash, vchSig)) { return false; } diff --git a/src/test/checkdatasig_tests.cpp b/src/test/checkdatasig_tests.cpp --- a/src/test/checkdatasig_tests.cpp +++ b/src/test/checkdatasig_tests.cpp @@ -130,7 +130,7 @@ // Check valid signatures (as in the signature format is valid). valtype validsig; - kd.privkey.Sign(messageHash, validsig); + kd.privkey.SignECDSA(messageHash, validsig); CheckTestResultForAllFlags({validsig, message, pubkey}, CScript() << OP_CHECKDATASIG, {{0x01}}); diff --git a/src/test/key_tests.cpp b/src/test/key_tests.cpp --- a/src/test/key_tests.cpp +++ b/src/test/key_tests.cpp @@ -94,30 +94,30 @@ std::vector sign1, sign2, sign1C, sign2C; - BOOST_CHECK(key1.Sign(hashMsg, sign1)); - BOOST_CHECK(key2.Sign(hashMsg, sign2)); - BOOST_CHECK(key1C.Sign(hashMsg, sign1C)); - BOOST_CHECK(key2C.Sign(hashMsg, sign2C)); - - BOOST_CHECK(pubkey1.Verify(hashMsg, sign1)); - BOOST_CHECK(!pubkey1.Verify(hashMsg, sign2)); - BOOST_CHECK(pubkey1.Verify(hashMsg, sign1C)); - BOOST_CHECK(!pubkey1.Verify(hashMsg, sign2C)); - - BOOST_CHECK(!pubkey2.Verify(hashMsg, sign1)); - BOOST_CHECK(pubkey2.Verify(hashMsg, sign2)); - BOOST_CHECK(!pubkey2.Verify(hashMsg, sign1C)); - BOOST_CHECK(pubkey2.Verify(hashMsg, sign2C)); - - BOOST_CHECK(pubkey1C.Verify(hashMsg, sign1)); - BOOST_CHECK(!pubkey1C.Verify(hashMsg, sign2)); - BOOST_CHECK(pubkey1C.Verify(hashMsg, sign1C)); - BOOST_CHECK(!pubkey1C.Verify(hashMsg, sign2C)); - - BOOST_CHECK(!pubkey2C.Verify(hashMsg, sign1)); - BOOST_CHECK(pubkey2C.Verify(hashMsg, sign2)); - BOOST_CHECK(!pubkey2C.Verify(hashMsg, sign1C)); - BOOST_CHECK(pubkey2C.Verify(hashMsg, sign2C)); + BOOST_CHECK(key1.SignECDSA(hashMsg, sign1)); + BOOST_CHECK(key2.SignECDSA(hashMsg, sign2)); + BOOST_CHECK(key1C.SignECDSA(hashMsg, sign1C)); + BOOST_CHECK(key2C.SignECDSA(hashMsg, sign2C)); + + BOOST_CHECK(pubkey1.VerifyECDSA(hashMsg, sign1)); + BOOST_CHECK(!pubkey1.VerifyECDSA(hashMsg, sign2)); + BOOST_CHECK(pubkey1.VerifyECDSA(hashMsg, sign1C)); + BOOST_CHECK(!pubkey1.VerifyECDSA(hashMsg, sign2C)); + + BOOST_CHECK(!pubkey2.VerifyECDSA(hashMsg, sign1)); + BOOST_CHECK(pubkey2.VerifyECDSA(hashMsg, sign2)); + BOOST_CHECK(!pubkey2.VerifyECDSA(hashMsg, sign1C)); + BOOST_CHECK(pubkey2.VerifyECDSA(hashMsg, sign2C)); + + BOOST_CHECK(pubkey1C.VerifyECDSA(hashMsg, sign1)); + BOOST_CHECK(!pubkey1C.VerifyECDSA(hashMsg, sign2)); + BOOST_CHECK(pubkey1C.VerifyECDSA(hashMsg, sign1C)); + BOOST_CHECK(!pubkey1C.VerifyECDSA(hashMsg, sign2C)); + + BOOST_CHECK(!pubkey2C.VerifyECDSA(hashMsg, sign1)); + BOOST_CHECK(pubkey2C.VerifyECDSA(hashMsg, sign2)); + BOOST_CHECK(!pubkey2C.VerifyECDSA(hashMsg, sign1C)); + BOOST_CHECK(pubkey2C.VerifyECDSA(hashMsg, sign2C)); // compact signatures (with key recovery) @@ -146,15 +146,15 @@ std::vector detsig, detsigc; std::string strMsg = "Very deterministic message"; uint256 hashMsg = Hash(strMsg.begin(), strMsg.end()); - BOOST_CHECK(key1.Sign(hashMsg, detsig)); - BOOST_CHECK(key1C.Sign(hashMsg, detsigc)); + BOOST_CHECK(key1.SignECDSA(hashMsg, detsig)); + BOOST_CHECK(key1C.SignECDSA(hashMsg, detsigc)); BOOST_CHECK(detsig == detsigc); BOOST_CHECK(detsig == ParseHex("3045022100c6ab5f8acfccc114da39dd5ad0b1ef4d39df6a721e8" "24c22e00b7bc7944a1f7802206ff23df3802e241ee234a8b66c40" "c82e56a6cc37f9b50463111c9f9229b8f3b3")); - BOOST_CHECK(key2.Sign(hashMsg, detsig)); - BOOST_CHECK(key2C.Sign(hashMsg, detsigc)); + BOOST_CHECK(key2.SignECDSA(hashMsg, detsig)); + BOOST_CHECK(key2C.SignECDSA(hashMsg, detsigc)); BOOST_CHECK(detsig == detsigc); BOOST_CHECK(detsig == ParseHex("304502210094dc5a77b8d5db6b42b66c29d7033cd873fac7a1272" diff --git a/src/test/multisig_tests.cpp b/src/test/multisig_tests.cpp --- a/src/test/multisig_tests.cpp +++ b/src/test/multisig_tests.cpp @@ -30,7 +30,7 @@ result << OP_0; for (const CKey &key : keys) { std::vector vchSig; - BOOST_CHECK(key.Sign(hash, vchSig)); + BOOST_CHECK(key.SignECDSA(hash, vchSig)); vchSig.push_back(uint8_t(SIGHASH_ALL)); result << vchSig; } diff --git a/src/test/script_tests.cpp b/src/test/script_tests.cpp --- a/src/test/script_tests.cpp +++ b/src/test/script_tests.cpp @@ -267,7 +267,7 @@ std::vector vchSig, r, s; uint32_t iter = 0; do { - key.Sign(hash, vchSig, iter++); + key.SignECDSA(hash, vchSig, iter++); if ((lenS == 33) != (vchSig[5 + vchSig[3]] == 33)) { NegateSignatureS(vchSig); } @@ -1440,7 +1440,7 @@ result << OP_0; for (const CKey &key : keys) { std::vector vchSig; - BOOST_CHECK(key.Sign(hash, vchSig)); + BOOST_CHECK(key.SignECDSA(hash, vchSig)); vchSig.push_back(uint8_t(SIGHASH_ALL)); result << vchSig; } @@ -1723,19 +1723,19 @@ std::vector sig1; uint256 hash1 = SignatureHash(scriptPubKey, CTransaction(txTo), 0, SigHashType(), Amount::zero()); - BOOST_CHECK(keys[0].Sign(hash1, sig1)); + BOOST_CHECK(keys[0].SignECDSA(hash1, sig1)); sig1.push_back(SIGHASH_ALL); std::vector sig2; uint256 hash2 = SignatureHash( scriptPubKey, CTransaction(txTo), 0, SigHashType().withBaseType(BaseSigHashType::NONE), Amount::zero()); - BOOST_CHECK(keys[1].Sign(hash2, sig2)); + BOOST_CHECK(keys[1].SignECDSA(hash2, sig2)); sig2.push_back(SIGHASH_NONE); std::vector sig3; uint256 hash3 = SignatureHash( scriptPubKey, CTransaction(txTo), 0, SigHashType().withBaseType(BaseSigHashType::SINGLE), Amount::zero()); - BOOST_CHECK(keys[2].Sign(hash3, sig3)); + BOOST_CHECK(keys[2].SignECDSA(hash3, sig3)); sig3.push_back(SIGHASH_SINGLE); // Not fussy about order (or even existence) of placeholders or signatures: diff --git a/src/test/txvalidationcache_tests.cpp b/src/test/txvalidationcache_tests.cpp --- a/src/test/txvalidationcache_tests.cpp +++ b/src/test/txvalidationcache_tests.cpp @@ -55,7 +55,7 @@ uint256 hash = SignatureHash(scriptPubKey, CTransaction(spends[i]), 0, SigHashType().withForkId(), coinbaseTxns[0].vout[0].nValue); - BOOST_CHECK(coinbaseKey.Sign(hash, vchSig)); + BOOST_CHECK(coinbaseKey.SignECDSA(hash, vchSig)); vchSig.push_back(uint8_t(SIGHASH_ALL | SIGHASH_FORKID)); spends[i].vin[0].scriptSig << vchSig; } @@ -187,7 +187,7 @@ uint256 nulldummySigHash = SignatureHash( p2pk_scriptPubKey, CTransaction(mutableFunding_tx), 0, SigHashType().withForkId(), coinbaseTxns[0].vout[0].nValue); - BOOST_CHECK(coinbaseKey.Sign(nulldummySigHash, nullDummyVchSig)); + BOOST_CHECK(coinbaseKey.SignECDSA(nulldummySigHash, nullDummyVchSig)); nullDummyVchSig.push_back(uint8_t(SIGHASH_ALL | SIGHASH_FORKID)); mutableFunding_tx.vin[0].scriptSig << nullDummyVchSig; } @@ -231,7 +231,7 @@ uint256 hash = SignatureHash( nulldummyPubKeyScript, CTransaction(mutableSpend_tx), 0, SigHashType().withForkId(), funding_tx.vout[0].nValue); - coinbaseKey.Sign(hash, vchSig); + coinbaseKey.SignECDSA(hash, vchSig); vchSig.push_back(uint8_t(SIGHASH_ALL | SIGHASH_FORKID)); // The last item on the stack will be dropped by CHECKMULTISIG This is @@ -316,7 +316,7 @@ uint256 hash = SignatureHash( spend_tx.vout[1].scriptPubKey, CTransaction(invalid_with_cltv_tx), 0, SigHashType().withForkId(), spend_tx.vout[1].nValue); - BOOST_CHECK(coinbaseKey.Sign(hash, vchSig)); + BOOST_CHECK(coinbaseKey.SignECDSA(hash, vchSig)); vchSig.push_back(uint8_t(SIGHASH_ALL | SIGHASH_FORKID)); invalid_with_cltv_tx.vin[0].scriptSig = CScript() << vchSig << 101; @@ -353,7 +353,7 @@ uint256 hash = SignatureHash( spend_tx.vout[2].scriptPubKey, CTransaction(invalid_with_csv_tx), 0, SigHashType().withForkId(), spend_tx.vout[2].nValue); - BOOST_CHECK(coinbaseKey.Sign(hash, vchSig)); + BOOST_CHECK(coinbaseKey.SignECDSA(hash, vchSig)); vchSig.push_back(uint8_t(SIGHASH_ALL | SIGHASH_FORKID)); invalid_with_csv_tx.vin[0].scriptSig = CScript() << vchSig << 101;