EcAdapter::publicKeyFromBuffer() - Code Metrics - Inspection of "ltc and tltc segwit prefix" - Bit-Wasp/bitcoin-php - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — 0.0.34 ( 61212b...2e9020 )

by thomas

created 2018-03-11 22:06 UTC

EcAdapter::publicKeyFromBuffer() D

↳ Parent: EcAdapter

Complexity

Conditions	9
Paths	7

Size

Total Lines	31
Code Lines	23

Duplication

Lines	0
Ratio	0 %

Code Coverage

Tests	21
CRAP Score	9.0076

Importance

Changes

Metric	Value
cc	9
eloc	23
nc	7
nop	1
dl	0
loc	31
ccs	21
cts	22
cp	0.9545
crap	9.0076
rs	4.909
c	0
b	0
f	0

<?php

namespace BitWasp\Bitcoin\Crypto\EcAdapter\Impl\PhpEcc\Adapter;

use BitWasp\Bitcoin\Crypto\EcAdapter\Adapter\EcAdapterInterface;
use BitWasp\Bitcoin\Crypto\EcAdapter\Impl\PhpEcc\Key\PrivateKey;
use BitWasp\Bitcoin\Crypto\EcAdapter\Impl\PhpEcc\Key\PublicKey;
use BitWasp\Bitcoin\Crypto\EcAdapter\Impl\PhpEcc\Signature\CompactSignature;
use BitWasp\Bitcoin\Crypto\EcAdapter\Impl\PhpEcc\Signature\Signature;
use BitWasp\Bitcoin\Crypto\EcAdapter\Key\PrivateKeyInterface;
use BitWasp\Bitcoin\Crypto\EcAdapter\Key\PublicKeyInterface;
use BitWasp\Bitcoin\Crypto\EcAdapter\Signature\CompactSignatureInterface;
use BitWasp\Bitcoin\Crypto\EcAdapter\Signature\SignatureInterface;
use BitWasp\Bitcoin\Crypto\Random\RbgInterface;
use BitWasp\Bitcoin\Crypto\Random\Rfc6979;
use BitWasp\Bitcoin\Math\Math;
use BitWasp\Buffertools\BufferInterface;
use Mdanter\Ecc\Crypto\Signature\Signer;
use Mdanter\Ecc\Primitives\GeneratorPoint;
use Mdanter\Ecc\Primitives\PointInterface;

class EcAdapter implements EcAdapterInterface
{
    /**
     * @var Math
     */
    private $math;

    /**
     * @var GeneratorPoint
     */
    private $generator;

    /**
     * @param Math $math
     * @param GeneratorPoint $generator
     */
    public function __construct(Math $math, GeneratorPoint $generator)
    {
        $this->math = $math;
        $this->generator = $generator;
    }

    /**
     * @return Math
     */
    public function getMath()
    {
        return $this->math;
    }

    /**
     * @return GeneratorPoint
     */
    public function getGenerator()
    {
        return $this->generator;
    }

    /**
     * @param \GMP $scalar
     * @param bool|false $compressed
     * @return PrivateKey
     */
    public function getPrivateKey(\GMP $scalar, $compressed = false)
    {
        return new PrivateKey($this, $scalar, $compressed);
    }

    /**
     * @param PointInterface $point
     * @param bool|false $compressed
     * @return PublicKey
     */
    public function getPublicKey(PointInterface $point, $compressed = false)
    {
        return new PublicKey($this, $point, $compressed);
    }

    /**
     * @param \GMP $r
     * @param \GMP $s
     * @return Signature
     */
    public function getSignature(\GMP $r, \GMP $s)
    {
        return new Signature($this, $r, $s);
    }

    /**
     * @param BufferInterface $messageHash
     * @param PublicKey $publicKey
     * @param Signature $signature
     * @return bool
     */
    private function doVerify(BufferInterface $messageHash, PublicKey $publicKey, Signature $signature)
    {
        $hash = gmp_init($messageHash->getHex(), 16);
        $signer = new Signer($this->math);
        return $signer->verify($publicKey, $signature, $hash);
    }

    /**
     * @param BufferInterface $messageHash
     * @param PublicKeyInterface $publicKey
     * @param SignatureInterface $signature
     * @return bool
     */
    public function verify(BufferInterface $messageHash, PublicKeyInterface $publicKey, SignatureInterface $signature)
    {
        /** @var PublicKey $publicKey */
        /** @var Signature $signature */
        return $this->doVerify($messageHash, $publicKey, $signature);

    }

    /**
     * @param BufferInterface $messageHash
     * @param PrivateKey $privateKey
     * @param RbgInterface|null $rbg
     * @return Signature
     */
    private function doSign(BufferInterface $messageHash, PrivateKey $privateKey, RbgInterface $rbg = null)
    {
        $rbg = $rbg ?: new Rfc6979($this, $privateKey, $messageHash);
        $randomK = gmp_init($rbg->bytes(32)->getHex(), 16);
        $hash = gmp_init($messageHash->getHex(), 16);

        $signer = new Signer($this->math);
        $signature = $signer->sign($privateKey, $hash, $randomK);
        $s = $signature->getS();

        // if s is less than half the curve order, invert s
        if (!$this->validateSignatureElement($s, true)) {
            $s = $this->math->sub($this->generator->getOrder(), $s);
        }

        return new Signature($this, $signature->getR(), $s);
/**
 * @return array|string
 */
function returnsDifferentValues($x) {
    if ($x) {
        return 'foo';
    }

    return array();
}

$x = returnsDifferentValues($y);
if (is_array($x)) {
    // $x is an array.
}
    }

    /**
     * @param BufferInterface $messageHash
     * @param PrivateKeyInterface $privateKey
     * @param RbgInterface $rbg
     * @return SignatureInterface
     * @throws \BitWasp\Bitcoin\Exceptions\RandomBytesFailure
     */
    public function sign(BufferInterface $messageHash, PrivateKeyInterface $privateKey, RbgInterface $rbg = null)
    {
        /** @var PrivateKey $privateKey */
        return $this->doSign($messageHash, $privateKey, $rbg);
    }

    /**
     * @param BufferInterface $messageHash
     * @param CompactSignatureInterface $signature
     * @return PublicKey
     * @throws \Exception
     */
    public function recover(BufferInterface $messageHash, CompactSignatureInterface $signature)
    {
        $math = $this->getMath();
        $G = $this->getGenerator();

        $zero = gmp_init(0);
        $one = gmp_init(1);

        $r = $signature->getR();
        $s = $signature->getS();
        $recGMP = gmp_init($signature->getRecoveryId(), 10);
        $isYEven = $math->cmp($math->bitwiseAnd($recGMP, $one), $zero) !== 0;
        $isSecondKey = $math->cmp($math->bitwiseAnd($recGMP, gmp_init(2)), $zero) !== 0;
        $curve = $G->getCurve();

        // Precalculate (p + 1) / 4 where p is the field order
        $p_over_four = $math->div($math->add($curve->getPrime(), $one), gmp_init(4));

        // 1.1 Compute x
        if (!$isSecondKey) {
            $x = $r;
        } else {
            $x = $math->add($r, $G->getOrder());
        }

        // 1.3 Convert x to point
        $alpha = $math->mod($math->add($math->add($math->pow($x, 3), $math->mul($curve->getA(), $x)), $curve->getB()), $curve->getPrime());
/**
 * @return array|string
 */
function returnsDifferentValues($x) {
    if ($x) {
        return 'foo';
    }

    return array();
}

$x = returnsDifferentValues($y);
if (is_array($x)) {
    // $x is an array.
}
        $beta = $math->powmod($alpha, $p_over_four, $curve->getPrime());

        // If beta is even, but y isn't or vice versa, then convert it,
        // otherwise we're done and y=beta.
        if ($math->isEven($beta) === $isYEven) {
            $y = $math->sub($curve->getPrime(), $beta);
        } else {
            $y = $beta;
        }

        // 1.4 Check that nR is at infinity (implicitly done in constructor)
        $R = $G->getCurve()->getPoint($x, $y);
/**
 * @return array|string
 */
function returnsDifferentValues($x) {
    if ($x) {
        return 'foo';
    }

    return array();
}

$x = returnsDifferentValues($y);
if (is_array($x)) {
    // $x is an array.
}

        $point_negate = function (PointInterface $p) use ($math, $G) {
            return $G->getCurve()->getPoint($p->getX(), $math->mul($p->getY(), gmp_init('-1', 10)));
        };

        // 1.6.1 Compute a candidate public key Q = r^-1 (sR - eG)
        $rInv = $math->inverseMod($r, $G->getOrder());
        $eGNeg = $point_negate($G->mul($messageHash->getGmp()));
        $Q = $R->mul($s)->add($eGNeg)->mul($rInv);

        // 1.6.2 Test Q as a public key
        $Qk = new PublicKey($this, $Q, $signature->isCompressed());
        if ($this->verify($messageHash, $Qk, $signature->convert())) {
            return $Qk;
        }

        throw new \Exception('Unable to recover public key');
    }

    /**
     * Attempt to calculate the public key recovery param by trial and error
     *
     * @param \GMP $r
     * @param \GMP $s
     * @param BufferInterface $messageHash
     * @param PublicKey $publicKey
     * @return int
     * @throws \Exception
     */
    public function calcPubKeyRecoveryParam(\GMP $r, \GMP $s, BufferInterface $messageHash, PublicKey $publicKey)
    {
        $Q = $publicKey->getPoint();
        for ($i = 0; $i < 4; $i++) {
            try {
                $recover = $this->recover($messageHash, new CompactSignature($this, $r, $s, $i, $publicKey->isCompressed()));
                if ($Q->equals($recover->getPoint())) {
                    return $i;
                }
            } catch (\Exception $e) {
                continue;
            }
        }

        throw new \Exception('Failed to find valid recovery factor');
    }

    /**
     * @param BufferInterface $messageHash
     * @param PrivateKey $privateKey
     * @param RbgInterface|null $rbg
     * @return CompactSignature
     * @throws \Exception
     */
    private function doSignCompact(BufferInterface $messageHash, PrivateKey $privateKey, RbgInterface $rbg = null)
    {
        $sign = $this->sign($messageHash, $privateKey, $rbg);

        // calculate the recovery param
        // there should be a way to get this when signing too, but idk how ...
        return new CompactSignature(
            $this,
            $sign->getR(),
            $sign->getS(),
            $this->calcPubKeyRecoveryParam($sign->getR(), $sign->getS(), $messageHash, $privateKey->getPublicKey()),
            $privateKey->isCompressed()
        );
    }

    /**
     * @param PrivateKeyInterface $privateKey
     * @param BufferInterface $messageHash
     * @param RbgInterface $rbg
     * @return CompactSignature
     */
    public function signCompact(BufferInterface $messageHash, PrivateKeyInterface $privateKey, RbgInterface $rbg = null)
    {
        /** @var PrivateKey $privateKey */
        return $this->doSignCompact($messageHash, $privateKey, $rbg);
    }

    /**
     * @param BufferInterface $privateKey
     * @return bool
     */
    public function validatePrivateKey(BufferInterface $privateKey)
    {
        $math = $this->math;
        $scalar = $privateKey->getGmp();
        return $math->cmp($scalar, gmp_init(0)) > 0 && $math->cmp($scalar, $this->getGenerator()->getOrder()) < 0;
    }

    /**
     * @param \GMP $element
     * @param bool $half
     * @return bool
     */
    public function validateSignatureElement(\GMP $element, $half = false)
    {
        $math = $this->getMath();
        $against = $this->getGenerator()->getOrder();
        if ($half) {
            $against = $math->rightShift($against, 1);
        }

        return $math->cmp($element, $against) < 0 && $math->cmp($element, gmp_init(0)) !== 0;
    }

    /**
     * @param BufferInterface $publicKey
     * @return PublicKeyInterface
     * @throws \Exception
     */
    public function publicKeyFromBuffer(BufferInterface $publicKey)
    {
        $prefix = $publicKey->slice(0, 1)->getBinary();
        $size = $publicKey->getSize();
        $compressed = false;
        if ($prefix === PublicKey::KEY_UNCOMPRESSED || $prefix === "\x06" || $prefix === "\x07") {
            if ($size !== PublicKey::LENGTH_UNCOMPRESSED) {
                throw new \Exception('Invalid length for uncompressed key');
            }
        } else if ($prefix === PublicKey::KEY_COMPRESSED_EVEN || $prefix === PublicKey::KEY_COMPRESSED_ODD) {
            if ($size !== PublicKey::LENGTH_COMPRESSED) {
                throw new \Exception('Invalid length for compressed key');
            }
            $compressed = true;
        } else {
            throw new \Exception('Unknown public key prefix');
        }
        
        $x = $publicKey->slice(1, 32)->getGmp();
        $curve = $this->generator->getCurve();
        $y = $compressed
            ? $curve->recoverYfromX($prefix === PublicKey::KEY_COMPRESSED_ODD, $x)
            : $publicKey->slice(33, 32)->getGmp();

        return new PublicKey(
            $this,
            $curve->getPoint($x, $y),
            $compressed,
            $prefix
        );
    }
}


1		<?php
2
3		namespace BitWasp\Bitcoin\Crypto\EcAdapter\Impl\PhpEcc\Adapter;
4
5		use BitWasp\Bitcoin\Crypto\EcAdapter\Adapter\EcAdapterInterface;
6		use BitWasp\Bitcoin\Crypto\EcAdapter\Impl\PhpEcc\Key\PrivateKey;
7		use BitWasp\Bitcoin\Crypto\EcAdapter\Impl\PhpEcc\Key\PublicKey;
8		use BitWasp\Bitcoin\Crypto\EcAdapter\Impl\PhpEcc\Signature\CompactSignature;
9		use BitWasp\Bitcoin\Crypto\EcAdapter\Impl\PhpEcc\Signature\Signature;
10		use BitWasp\Bitcoin\Crypto\EcAdapter\Key\PrivateKeyInterface;
11		use BitWasp\Bitcoin\Crypto\EcAdapter\Key\PublicKeyInterface;
12		use BitWasp\Bitcoin\Crypto\EcAdapter\Signature\CompactSignatureInterface;
13		use BitWasp\Bitcoin\Crypto\EcAdapter\Signature\SignatureInterface;
14		use BitWasp\Bitcoin\Crypto\Random\RbgInterface;
15		use BitWasp\Bitcoin\Crypto\Random\Rfc6979;
16		use BitWasp\Bitcoin\Math\Math;
17		use BitWasp\Buffertools\BufferInterface;
18		use Mdanter\Ecc\Crypto\Signature\Signer;
19		use Mdanter\Ecc\Primitives\GeneratorPoint;
20		use Mdanter\Ecc\Primitives\PointInterface;
21
22		class EcAdapter implements EcAdapterInterface
23		{
24		/**
25		* @var Math
26		*/
27		private $math;
28
29		/**
30		* @var GeneratorPoint
31		*/
32		private $generator;
33
34		/**
35		* @param Math $math
36		* @param GeneratorPoint $generator
37		*/
38	13	public function __construct(Math $math, GeneratorPoint $generator)
39		{
40	13	$this->math = $math;
41	13	$this->generator = $generator;
42	13	}
43
44		/**
45		* @return Math
46		*/
47	321	public function getMath()
48		{
49	321	return $this->math;
50		}
51
52		/**
53		* @return GeneratorPoint
54		*/
55	160	public function getGenerator()
56		{
57	160	return $this->generator;
58		}
59
60		/**
61		* @param \GMP $scalar
62		* @param bool\|false $compressed
63		* @return PrivateKey
64		*/
65	61	public function getPrivateKey(\GMP $scalar, $compressed = false)
66		{
67	61	return new PrivateKey($this, $scalar, $compressed);
68		}
69
70		/**
71		* @param PointInterface $point
72		* @param bool\|false $compressed
73		* @return PublicKey
74		*/
75	71	public function getPublicKey(PointInterface $point, $compressed = false)
76		{
77	71	return new PublicKey($this, $point, $compressed);
78		}
79
80		/**
81		* @param \GMP $r
82		* @param \GMP $s
83		* @return Signature
84		*/
85		public function getSignature(\GMP $r, \GMP $s)
86		{
87		return new Signature($this, $r, $s);
88		}
89
90		/**
91		* @param BufferInterface $messageHash
92		* @param PublicKey $publicKey
93		* @param Signature $signature
94		* @return bool
95		*/
96	98	private function doVerify(BufferInterface $messageHash, PublicKey $publicKey, Signature $signature)
97		{
98	98	$hash = gmp_init($messageHash->getHex(), 16);
99	98	$signer = new Signer($this->math);
100	98	return $signer->verify($publicKey, $signature, $hash);
101		}
102
103		/**
104		* @param BufferInterface $messageHash
105		* @param PublicKeyInterface $publicKey
106		* @param SignatureInterface $signature
107		* @return bool
108		*/
109	98	public function verify(BufferInterface $messageHash, PublicKeyInterface $publicKey, SignatureInterface $signature)
110		{
111		/** @var PublicKey $publicKey */
112		/** @var Signature $signature */
113	98	return $this->doVerify($messageHash, $publicKey, $signature);
		0 ignored issues – show Compatibility introduced 2015-11-21 03:53 UTC by Report Bug Copy Issue Report `$publicKey` of type `object<BitWasp\Bitcoin\C...Key\PublicKeyInterface>` is not a sub-type of `object<BitWasp\Bitcoin\C...l\PhpEcc\Key\PublicKey>`. It seems like you assume a concrete implementation of the interface `BitWasp\Bitcoin\Crypto\E...\Key\PublicKeyInterface` to be always present. This check looks for parameters that are defined as one type in their type hint or doc comment but seem to be used as a narrower type, i.e an implementation of an interface or a subclass. Consider changing the type of the parameter or doing an instanceof check before assuming your parameter is of the expected type. Loading history...
114		}
115
116		/**
117		* @param BufferInterface $messageHash
118		* @param PrivateKey $privateKey
119		* @param RbgInterface\|null $rbg
120		* @return Signature
121		*/
122	34	private function doSign(BufferInterface $messageHash, PrivateKey $privateKey, RbgInterface $rbg = null)
123		{
124	34	$rbg = $rbg ?: new Rfc6979($this, $privateKey, $messageHash);
125	34	$randomK = gmp_init($rbg->bytes(32)->getHex(), 16);
126	34	$hash = gmp_init($messageHash->getHex(), 16);
127
128	34	$signer = new Signer($this->math);
129	34	$signature = $signer->sign($privateKey, $hash, $randomK);
130	34	$s = $signature->getS();
131
132		// if s is less than half the curve order, invert s
133	34	if (!$this->validateSignatureElement($s, true)) {
134	16	$s = $this->math->sub($this->generator->getOrder(), $s);
135		}
136
137	34	return new Signature($this, $signature->getR(), $s);
		0 ignored issues – show Bug introduced 2016-06-17 22:20 UTC by Report Bug Copy Issue Report It seems like `$s` defined by `$this->math->sub($this->...erator->getOrder(), $s)` on line `134` can also be of type `resource`; however, `BitWasp\Bitcoin\Crypto\E...ignature::__construct()` does only seem to accept `object<GMP>`, maybe add an additional type check? If a method or function can return multiple different values and unless you are sure that you only can receive a single value in this context, we recommend to add an additional type check: /** * @return array\|string */ function returnsDifferentValues($x) { if ($x) { return 'foo'; } return array(); } $x = returnsDifferentValues($y); if (is_array($x)) { // $x is an array. } If this a common case that PHP Analyzer should handle natively, please let us know by opening an issue. Loading history...
138		}
139
140		/**
141		* @param BufferInterface $messageHash
142		* @param PrivateKeyInterface $privateKey
143		* @param RbgInterface $rbg
144		* @return SignatureInterface
145		* @throws \BitWasp\Bitcoin\Exceptions\RandomBytesFailure
146		*/
147	34	public function sign(BufferInterface $messageHash, PrivateKeyInterface $privateKey, RbgInterface $rbg = null)
148		{
149		/** @var PrivateKey $privateKey */
150	34	return $this->doSign($messageHash, $privateKey, $rbg);
151		}
152
153		/**
154		* @param BufferInterface $messageHash
155		* @param CompactSignatureInterface $signature
156		* @return PublicKey
157		* @throws \Exception
158		*/
159	8	public function recover(BufferInterface $messageHash, CompactSignatureInterface $signature)
160		{
161	8	$math = $this->getMath();
162	8	$G = $this->getGenerator();
163
164	8	$zero = gmp_init(0);
165	8	$one = gmp_init(1);
166
167	8	$r = $signature->getR();
168	8	$s = $signature->getS();
169	8	$recGMP = gmp_init($signature->getRecoveryId(), 10);
170	8	$isYEven = $math->cmp($math->bitwiseAnd($recGMP, $one), $zero) !== 0;
171	8	$isSecondKey = $math->cmp($math->bitwiseAnd($recGMP, gmp_init(2)), $zero) !== 0;
172	8	$curve = $G->getCurve();
173
174		// Precalculate (p + 1) / 4 where p is the field order
175	8	$p_over_four = $math->div($math->add($curve->getPrime(), $one), gmp_init(4));
176
177		// 1.1 Compute x
178	8	if (!$isSecondKey) {
179	8	$x = $r;
180		} else {
181	2	$x = $math->add($r, $G->getOrder());
182		}
183
184		// 1.3 Convert x to point
185	8	$alpha = $math->mod($math->add($math->add($math->pow($x, 3), $math->mul($curve->getA(), $x)), $curve->getB()), $curve->getPrime());
		0 ignored issues – show Bug introduced 2016-06-17 17:50 UTC by Report Bug Copy Issue Report It seems like `$x` defined by `$math->add($r, $G->getOrder())` on line `181` can also be of type `resource`; however, `Mdanter\Ecc\Math\GmpMath::pow()` does only seem to accept `object<GMP>`, maybe add an additional type check? If a method or function can return multiple different values and unless you are sure that you only can receive a single value in this context, we recommend to add an additional type check: /** * @return array\|string / function returnsDifferentValues($x) { if ($x) { return 'foo'; } return array(); } $x = returnsDifferentValues($y); if (is_array($x)) { // $x is an array. } If this a common case that PHP Analyzer should handle natively, please let us know by opening an issue. Loading history... Bug introduced 2016-06-17 17:50 UTC by Report Bug Copy Issue Report It seems like `$x` defined by `$math->add($r, $G->getOrder())` on line `181` can also be of type `resource`; however, `Mdanter\Ecc\Math\GmpMath::mul()` does only seem to accept `object<GMP>`, maybe add an additional type check? If a method or function can return multiple different values and unless you are sure that you only can receive a single value in this context, we recommend to add an additional type check: /* * @return array\|string */ function returnsDifferentValues($x) { if ($x) { return 'foo'; } return array(); } $x = returnsDifferentValues($y); if (is_array($x)) { // $x is an array. } If this a common case that PHP Analyzer should handle natively, please let us know by opening an issue. Loading history...
186	8	$beta = $math->powmod($alpha, $p_over_four, $curve->getPrime());
187
188		// If beta is even, but y isn't or vice versa, then convert it,
189		// otherwise we're done and y=beta.
190	8	if ($math->isEven($beta) === $isYEven) {
191	7	$y = $math->sub($curve->getPrime(), $beta);
192		} else {
193	7	$y = $beta;
194		}
195
196		// 1.4 Check that nR is at infinity (implicitly done in constructor)
197	8	$R = $G->getCurve()->getPoint($x, $y);
		0 ignored issues – show Bug introduced 2016-06-17 17:50 UTC by Report Bug Copy Issue Report It seems like `$x` defined by `$math->add($r, $G->getOrder())` on line `181` can also be of type `resource`; however, `Mdanter\Ecc\Primitives\C...FpInterface::getPoint()` does only seem to accept `object<GMP>`, maybe add an additional type check? If a method or function can return multiple different values and unless you are sure that you only can receive a single value in this context, we recommend to add an additional type check: /** * @return array\|string */ function returnsDifferentValues($x) { if ($x) { return 'foo'; } return array(); } $x = returnsDifferentValues($y); if (is_array($x)) { // $x is an array. } If this a common case that PHP Analyzer should handle natively, please let us know by opening an issue. Loading history...
198
199	8	$point_negate = function (PointInterface $p) use ($math, $G) {
200	8	return $G->getCurve()->getPoint($p->getX(), $math->mul($p->getY(), gmp_init('-1', 10)));
201	8	};
202
203		// 1.6.1 Compute a candidate public key Q = r^-1 (sR - eG)
204	8	$rInv = $math->inverseMod($r, $G->getOrder());
205	8	$eGNeg = $point_negate($G->mul($messageHash->getGmp()));
206	8	$Q = $R->mul($s)->add($eGNeg)->mul($rInv);
207
208		// 1.6.2 Test Q as a public key
209	8	$Qk = new PublicKey($this, $Q, $signature->isCompressed());
210	8	if ($this->verify($messageHash, $Qk, $signature->convert())) {
211	6	return $Qk;
212		}
213
214	2	throw new \Exception('Unable to recover public key');
215		}
216
217		/**
218		* Attempt to calculate the public key recovery param by trial and error
219		*
220		* @param \GMP $r
221		* @param \GMP $s
222		* @param BufferInterface $messageHash
223		* @param PublicKey $publicKey
224		* @return int
225		* @throws \Exception
226		*/
227	7	public function calcPubKeyRecoveryParam(\GMP $r, \GMP $s, BufferInterface $messageHash, PublicKey $publicKey)
228		{
229	7	$Q = $publicKey->getPoint();
230	7	for ($i = 0; $i < 4; $i++) {
231		try {
232	7	$recover = $this->recover($messageHash, new CompactSignature($this, $r, $s, $i, $publicKey->isCompressed()));
233	5	if ($Q->equals($recover->getPoint())) {
234	5	return $i;
235		}
236	2	} catch (\Exception $e) {
237	2	continue;
238		}
239		}
240
241	2	throw new \Exception('Failed to find valid recovery factor');
242		}
243
244		/**
245		* @param BufferInterface $messageHash
246		* @param PrivateKey $privateKey
247		* @param RbgInterface\|null $rbg
248		* @return CompactSignature
249		* @throws \Exception
250		*/
251	5	private function doSignCompact(BufferInterface $messageHash, PrivateKey $privateKey, RbgInterface $rbg = null)
252		{
253	5	$sign = $this->sign($messageHash, $privateKey, $rbg);
254
255		// calculate the recovery param
256		// there should be a way to get this when signing too, but idk how ...
257	5	return new CompactSignature(
258	5	$this,
259	5	$sign->getR(),
260	5	$sign->getS(),
261	5	$this->calcPubKeyRecoveryParam($sign->getR(), $sign->getS(), $messageHash, $privateKey->getPublicKey()),
262	5	$privateKey->isCompressed()
263		);
264		}
265
266		/**
267		* @param PrivateKeyInterface $privateKey
268		* @param BufferInterface $messageHash
269		* @param RbgInterface $rbg
270		* @return CompactSignature
271		*/
272	5	public function signCompact(BufferInterface $messageHash, PrivateKeyInterface $privateKey, RbgInterface $rbg = null)
273		{
274		/** @var PrivateKey $privateKey */
275	5	return $this->doSignCompact($messageHash, $privateKey, $rbg);
276		}
277
278		/**
279		* @param BufferInterface $privateKey
280		* @return bool
281		*/
282	63	public function validatePrivateKey(BufferInterface $privateKey)
283		{
284	63	$math = $this->math;
285	63	$scalar = $privateKey->getGmp();
286	63	return $math->cmp($scalar, gmp_init(0)) > 0 && $math->cmp($scalar, $this->getGenerator()->getOrder()) < 0;
287		}
288
289		/**
290		* @param \GMP $element
291		* @param bool $half
292		* @return bool
293		*/
294	37	public function validateSignatureElement(\GMP $element, $half = false)
295		{
296	37	$math = $this->getMath();
297	37	$against = $this->getGenerator()->getOrder();
298	37	if ($half) {
299	37	$against = $math->rightShift($against, 1);
300		}
301
302	37	return $math->cmp($element, $against) < 0 && $math->cmp($element, gmp_init(0)) !== 0;
303		}
304
305		/**
306		* @param BufferInterface $publicKey
307		* @return PublicKeyInterface
308		* @throws \Exception
309		*/
310	159	public function publicKeyFromBuffer(BufferInterface $publicKey)
311		{
312	159	$prefix = $publicKey->slice(0, 1)->getBinary();
313	159	$size = $publicKey->getSize();
314	159	$compressed = false;
315	159	if ($prefix === PublicKey::KEY_UNCOMPRESSED \|\| $prefix === "\x06" \|\| $prefix === "\x07") {
316	68	if ($size !== PublicKey::LENGTH_UNCOMPRESSED) {
317	68	throw new \Exception('Invalid length for uncompressed key');
318		}
319	101	} else if ($prefix === PublicKey::KEY_COMPRESSED_EVEN \|\| $prefix === PublicKey::KEY_COMPRESSED_ODD) {
320	100	if ($size !== PublicKey::LENGTH_COMPRESSED) {
321		throw new \Exception('Invalid length for compressed key');
322		}
323	100	$compressed = true;
324		} else {
325	1	throw new \Exception('Unknown public key prefix');
326		}
327
328	157	$x = $publicKey->slice(1, 32)->getGmp();
329	157	$curve = $this->generator->getCurve();
330	157	$y = $compressed
331	100	? $curve->recoverYfromX($prefix === PublicKey::KEY_COMPRESSED_ODD, $x)
332	157	: $publicKey->slice(33, 32)->getGmp();
333
334	157	return new PublicKey(
335	157	$this,
336	157	$curve->getPoint($x, $y),
337	157	$compressed,
338	157	$prefix
339		);
340		}
341		}
342

Bit-Wasp / bitcoin-php

Push — 0.0.34 ( 61212b...2e9020 )

EcAdapter::publicKeyFromBuffer() D

Complexity

Size

Duplication

Code Coverage

Importance

Duplication Side-by-Side

Filter issues like