Struct sp_core::ecdsa::Signature

source ·
pub struct Signature(pub [u8; 65]);
Expand description

A signature (a 512-bit value, plus 8 bits for recovery ID).

Tuple Fields§

§0: [u8; 65]

Implementations§

A new instance from the given 65-byte data.

NOTE: No checking goes on to ensure this is a real signature. Only use it if you are certain that the array actually is a signature. GIGO!

A new instance from the given slice that should be 65 bytes long.

NOTE: No checking goes on to ensure this is a real signature. Only use it if you are certain that the array actually is a signature. GIGO!

Examples found in repository?
src/ecdsa.rs (line 486)
485
486
487
488
489
490
	fn verify_weak<P: AsRef<[u8]>, M: AsRef<[u8]>>(sig: &[u8], message: M, pubkey: P) -> bool {
		match Signature::from_slice(sig).and_then(|sig| sig.recover(message)) {
			Some(actual) => actual.as_ref() == pubkey.as_ref(),
			None => false,
		}
	}

Recover the public key from this signature and a message.

Examples found in repository?
src/ecdsa.rs (line 475)
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
	fn verify<M: AsRef<[u8]>>(sig: &Self::Signature, message: M, pubkey: &Self::Public) -> bool {
		match sig.recover(message) {
			Some(actual) => actual == *pubkey,
			None => false,
		}
	}

	/// Verify a signature on a message. Returns true if the signature is good.
	///
	/// This doesn't use the type system to ensure that `sig` and `pubkey` are the correct
	/// size. Use it only if you're coming from byte buffers and need the speed.
	fn verify_weak<P: AsRef<[u8]>, M: AsRef<[u8]>>(sig: &[u8], message: M, pubkey: P) -> bool {
		match Signature::from_slice(sig).and_then(|sig| sig.recover(message)) {
			Some(actual) => actual.as_ref() == pubkey.as_ref(),
			None => false,
		}
	}

Recover the public key from this signature and a pre-hashed message.

Examples found in repository?
src/ecdsa.rs (line 330)
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
	pub fn recover<M: AsRef<[u8]>>(&self, message: M) -> Option<Public> {
		self.recover_prehashed(&blake2_256(message.as_ref()))
	}

	/// Recover the public key from this signature and a pre-hashed message.
	#[cfg(feature = "full_crypto")]
	pub fn recover_prehashed(&self, message: &[u8; 32]) -> Option<Public> {
		let rid = RecoveryId::from_i32(self.0[64] as i32).ok()?;
		let sig = RecoverableSignature::from_compact(&self.0[..64], rid).ok()?;
		let message = Message::from_slice(message).expect("Message is 32 bytes; qed");

		#[cfg(feature = "std")]
		let context = SECP256K1;
		#[cfg(not(feature = "std"))]
		let context = Secp256k1::verification_only();

		context
			.recover_ecdsa(&message, &sig)
			.ok()
			.map(|pubkey| Public(pubkey.serialize()))
	}
}

#[cfg(feature = "full_crypto")]
impl From<RecoverableSignature> for Signature {
	fn from(recsig: RecoverableSignature) -> Signature {
		let mut r = Self::default();
		let (recid, sig) = recsig.serialize_compact();
		r.0[..64].copy_from_slice(&sig);
		// This is safe due to the limited range of possible valid ids.
		r.0[64] = recid.to_i32() as u8;
		r
	}
}

/// Derive a single hard junction.
#[cfg(feature = "full_crypto")]
fn derive_hard_junction(secret_seed: &Seed, cc: &[u8; 32]) -> Seed {
	("Secp256k1HDKD", secret_seed, cc).using_encoded(sp_core_hashing::blake2_256)
}

/// An error when deriving a key.
#[cfg(feature = "full_crypto")]
pub enum DeriveError {
	/// A soft key was found in the path (and is unsupported).
	SoftKeyInPath,
}

/// A key pair.
#[cfg(feature = "full_crypto")]
#[derive(Clone)]
pub struct Pair {
	public: Public,
	secret: SecretKey,
}

#[cfg(feature = "full_crypto")]
impl TraitPair for Pair {
	type Public = Public;
	type Seed = Seed;
	type Signature = Signature;
	type DeriveError = DeriveError;

	/// Generate new secure (random) key pair and provide the recovery phrase.
	///
	/// You can recover the same key later with `from_phrase`.
	#[cfg(feature = "std")]
	fn generate_with_phrase(password: Option<&str>) -> (Pair, String, Seed) {
		let mnemonic = Mnemonic::new(MnemonicType::Words12, Language::English);
		let phrase = mnemonic.phrase();
		let (pair, seed) = Self::from_phrase(phrase, password)
			.expect("All phrases generated by Mnemonic are valid; qed");
		(pair, phrase.to_owned(), seed)
	}

	/// Generate key pair from given recovery phrase and password.
	#[cfg(feature = "std")]
	fn from_phrase(
		phrase: &str,
		password: Option<&str>,
	) -> Result<(Pair, Seed), SecretStringError> {
		let big_seed = substrate_bip39::seed_from_entropy(
			Mnemonic::from_phrase(phrase, Language::English)
				.map_err(|_| SecretStringError::InvalidPhrase)?
				.entropy(),
			password.unwrap_or(""),
		)
		.map_err(|_| SecretStringError::InvalidSeed)?;
		let mut seed = Seed::default();
		seed.copy_from_slice(&big_seed[0..32]);
		Self::from_seed_slice(&big_seed[0..32]).map(|x| (x, seed))
	}

	/// Make a new key pair from secret seed material.
	///
	/// You should never need to use this; generate(), generate_with_phrase
	fn from_seed(seed: &Seed) -> Pair {
		Self::from_seed_slice(&seed[..]).expect("seed has valid length; qed")
	}

	/// Make a new key pair from secret seed material. The slice must be 32 bytes long or it
	/// will return `None`.
	///
	/// You should never need to use this; generate(), generate_with_phrase
	fn from_seed_slice(seed_slice: &[u8]) -> Result<Pair, SecretStringError> {
		let secret =
			SecretKey::from_slice(seed_slice).map_err(|_| SecretStringError::InvalidSeedLength)?;

		#[cfg(feature = "std")]
		let context = SECP256K1;
		#[cfg(not(feature = "std"))]
		let context = Secp256k1::signing_only();

		let public = PublicKey::from_secret_key(&context, &secret);
		let public = Public(public.serialize());
		Ok(Pair { public, secret })
	}

	/// Derive a child key from a series of given junctions.
	fn derive<Iter: Iterator<Item = DeriveJunction>>(
		&self,
		path: Iter,
		_seed: Option<Seed>,
	) -> Result<(Pair, Option<Seed>), DeriveError> {
		let mut acc = self.seed();
		for j in path {
			match j {
				DeriveJunction::Soft(_cc) => return Err(DeriveError::SoftKeyInPath),
				DeriveJunction::Hard(cc) => acc = derive_hard_junction(&acc, &cc),
			}
		}
		Ok((Self::from_seed(&acc), Some(acc)))
	}

	/// Get the public key.
	fn public(&self) -> Public {
		self.public
	}

	/// Sign a message.
	fn sign(&self, message: &[u8]) -> Signature {
		self.sign_prehashed(&blake2_256(message))
	}

	/// Verify a signature on a message. Returns true if the signature is good.
	fn verify<M: AsRef<[u8]>>(sig: &Self::Signature, message: M, pubkey: &Self::Public) -> bool {
		match sig.recover(message) {
			Some(actual) => actual == *pubkey,
			None => false,
		}
	}

	/// Verify a signature on a message. Returns true if the signature is good.
	///
	/// This doesn't use the type system to ensure that `sig` and `pubkey` are the correct
	/// size. Use it only if you're coming from byte buffers and need the speed.
	fn verify_weak<P: AsRef<[u8]>, M: AsRef<[u8]>>(sig: &[u8], message: M, pubkey: P) -> bool {
		match Signature::from_slice(sig).and_then(|sig| sig.recover(message)) {
			Some(actual) => actual.as_ref() == pubkey.as_ref(),
			None => false,
		}
	}

	/// Return a vec filled with raw data.
	fn to_raw_vec(&self) -> Vec<u8> {
		self.seed().to_vec()
	}
}

#[cfg(feature = "full_crypto")]
impl Pair {
	/// Get the seed for this key.
	pub fn seed(&self) -> Seed {
		self.secret.secret_bytes()
	}

	/// Exactly as `from_string` except that if no matches are found then, the the first 32
	/// characters are taken (padded with spaces as necessary) and used as the MiniSecretKey.
	#[cfg(feature = "std")]
	pub fn from_legacy_string(s: &str, password_override: Option<&str>) -> Pair {
		Self::from_string(s, password_override).unwrap_or_else(|_| {
			let mut padded_seed: Seed = [b' '; 32];
			let len = s.len().min(32);
			padded_seed[..len].copy_from_slice(&s.as_bytes()[..len]);
			Self::from_seed(&padded_seed)
		})
	}

	/// Sign a pre-hashed message
	pub fn sign_prehashed(&self, message: &[u8; 32]) -> Signature {
		let message = Message::from_slice(message).expect("Message is 32 bytes; qed");

		#[cfg(feature = "std")]
		let context = SECP256K1;
		#[cfg(not(feature = "std"))]
		let context = Secp256k1::signing_only();

		context.sign_ecdsa_recoverable(&message, &self.secret).into()
	}

	/// Verify a signature on a pre-hashed message. Return `true` if the signature is valid
	/// and thus matches the given `public` key.
	pub fn verify_prehashed(sig: &Signature, message: &[u8; 32], public: &Public) -> bool {
		match sig.recover_prehashed(message) {
			Some(actual) => actual == *public,
			None => false,
		}
	}

Trait Implementations§

Converts this type into a mutable reference of the (usually inferred) input type.
Converts this type into a shared reference of the (usually inferred) input type.
Converts this type into a shared reference of the (usually inferred) input type.
Returns a copy of the value. Read more
Performs copy-assignment from source. Read more
The pair key type of this crypto.
Formats the value using the given formatter. Read more
Attempt to deserialise the value from input.
Attempt to skip the encoded value from input. Read more
Returns the fixed encoded size of the type. Read more
Returns the “default value” for a type. Read more
Deserialize this value from the given Serde deserializer. Read more
Convert self to a slice and append it to the destination.
Convert self to an owned vector.
Convert self to a slice and then invoke the given closure with it.
If possible give a hint of expected size of the encoding. Read more
Calculates the encoded size. Read more
Converts to this type from the input type.
Converts to this type from the input type.
Feeds this value into the given Hasher. Read more
Feeds a slice of this type into the given Hasher. Read more
Upper bound, in bytes, of the maximum encoded size of this item.
This method tests for self and other values to be equal, and is used by ==.
This method tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.
The strategy that should be used to pass the type.
The inner type that is wrapped by Self.
Consumes self and returns the inner type.
Returns the reference to the inner type.
Construct Self from the given inner.
Serialize this value into the given Serde serializer. Read more
The type returned in the event of a conversion error.
Performs the conversion.
The type identifying for which type info is provided. Read more
Returns the static type identifier for Self.
Convert from an instance of T to Self. This is not guaranteed to be whatever counts as a valid instance of T and it’s up to the caller to ensure that it makes sense.

Auto Trait Implementations§

Blanket Implementations§

Gets the TypeId of self. Read more
Immutably borrows from an owned value. Read more
Mutably borrows from an owned value. Read more
Decode Self and consume all of the given input data. Read more
Decode Self and consume all of the given input data. Read more
Decode Self with the given maximum recursion depth and advance input by the number of bytes consumed. Read more
Convert Box<dyn Trait> (where Trait: Downcast) to Box<dyn Any>. Box<dyn Any> can then be further downcast into Box<ConcreteType> where ConcreteType implements Trait.
Convert Rc<Trait> (where Trait: Downcast) to Rc<Any>. Rc<Any> can then be further downcast into Rc<ConcreteType> where ConcreteType implements Trait.
Convert &Trait (where Trait: Downcast) to &Any. This is needed since Rust cannot generate &Any’s vtable from &Trait’s.
Convert &mut Trait (where Trait: Downcast) to &Any. This is needed since Rust cannot generate &mut Any’s vtable from &mut Trait’s.
Convert Arc<Trait> (where Trait: Downcast) to Arc<Any>. Arc<Any> can then be further downcast into Arc<ConcreteType> where ConcreteType implements Trait.
Compare self to key and return true if they are equal.

Returns the argument unchanged.

As Self can be an unsized type, it needs to be represented by a sized type at the host. This SelfInstance is the sized type.
Create SelfInstance from the given
Instruments this type with the provided Span, returning an Instrumented wrapper. Read more
Instruments this type with the current Span, returning an Instrumented wrapper. Read more

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Convert self into a ffi value.

Get a reference to the inner from the outer.

Get a mutable reference to the inner from the outer.

Return an encoding of Self prepended by given slice.
The ffi type that is used to represent Self.
Should always be Self
Encode the hex strict representing self into the result. Lower case letters are used (e.g. f9b4ca)
Encode the hex strict representing self into the result. Upper case letters are used (e.g. F9B4CA)
The resulting type after obtaining ownership.
Creates owned data from borrowed data, usually by cloning. Read more
Uses borrowed data to replace owned data, usually by cloning. Read more
The type returned in the event of a conversion error.
Performs the conversion.
The type returned in the event of a conversion error.
Performs the conversion.
The counterpart to unchecked_from.
Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more
Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more