You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
154 lines
4.2 KiB
154 lines
4.2 KiB
/*
|
|
This file is part of cpp-ethereum.
|
|
|
|
cpp-ethereum is free software: you can redistribute it and/or modify
|
|
it under the terms of the GNU General Public License as published by
|
|
the Free Software Foundation, either version 3 of the License, or
|
|
(at your option) any later version.
|
|
|
|
cpp-ethereum is distributed in the hope that it will be useful,
|
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
GNU General Public License for more details.
|
|
|
|
You should have received a copy of the GNU General Public License
|
|
along with cpp-ethereum. If not, see <http://www.gnu.org/licenses/>.
|
|
*/
|
|
/** @file Transaction.cpp
|
|
* @author Gav Wood <i@gavwood.com>
|
|
* @date 2014
|
|
*/
|
|
|
|
#include <secp256k1/secp256k1.h>
|
|
#include <libdevcore/vector_ref.h>
|
|
#include <libdevcore/Log.h>
|
|
#include <libethcore/Exceptions.h>
|
|
#include "Transaction.h"
|
|
using namespace std;
|
|
using namespace dev;
|
|
using namespace dev::eth;
|
|
|
|
#define ETH_ADDRESS_DEBUG 0
|
|
|
|
Transaction::Transaction(bytesConstRef _rlpData, bool _checkSender)
|
|
{
|
|
int field = 0;
|
|
RLP rlp(_rlpData);
|
|
try
|
|
{
|
|
nonce = rlp[field = 0].toInt<u256>();
|
|
gasPrice = rlp[field = 1].toInt<u256>();
|
|
gas = rlp[field = 2].toInt<u256>();
|
|
receiveAddress = rlp[field = 3].toHash<Address>();
|
|
value = rlp[field = 4].toInt<u256>();
|
|
data = rlp[field = 5].toBytes();
|
|
vrs = Signature{ rlp[field = 6].toInt<byte>(), rlp[field = 7].toInt<u256>(), rlp[field = 8].toInt<u256>() };
|
|
if (_checkSender)
|
|
m_sender = sender();
|
|
}
|
|
catch (Exception & _e)
|
|
{
|
|
_e << errinfo_name("invalid transaction format") << BadFieldError(field,toHex(rlp[field].data().toBytes()));
|
|
throw;
|
|
}
|
|
}
|
|
|
|
Address Transaction::safeSender() const noexcept
|
|
{
|
|
try
|
|
{
|
|
return sender();
|
|
}
|
|
catch (...)
|
|
{
|
|
cwarn << "safeSender() did throw an exception: " << boost::current_exception_diagnostic_information();
|
|
return Address();
|
|
}
|
|
}
|
|
|
|
Address Transaction::sender() const
|
|
{
|
|
if (!m_sender)
|
|
{
|
|
secp256k1_start();
|
|
|
|
h256 sig[2] = { vrs.r, vrs.s };
|
|
h256 msg = sha3(false);
|
|
|
|
byte pubkey[65];
|
|
int pubkeylen = 65;
|
|
if (!secp256k1_ecdsa_recover_compact(msg.data(), 32, sig[0].data(), pubkey, &pubkeylen, 0, (int)vrs.v - 27))
|
|
BOOST_THROW_EXCEPTION(InvalidSignature());
|
|
|
|
// TODO: check right160 is correct and shouldn't be left160.
|
|
m_sender = right160(dev::eth::sha3(bytesConstRef(&(pubkey[1]), 64)));
|
|
|
|
#if ETH_ADDRESS_DEBUG
|
|
cout << "---- RECOVER -------------------------------" << endl;
|
|
cout << "MSG: " << msg << endl;
|
|
cout << "R S V: " << sig[0] << " " << sig[1] << " " << (int)(vrs.v - 27) << "+27" << endl;
|
|
cout << "PUB: " << toHex(bytesConstRef(&(pubkey[1]), 64)) << endl;
|
|
cout << "ADR: " << m_sender << endl;
|
|
#endif
|
|
}
|
|
return m_sender;
|
|
}
|
|
|
|
void Transaction::sign(Secret _priv)
|
|
{
|
|
int v = 0;
|
|
|
|
secp256k1_start();
|
|
|
|
h256 msg = sha3(false);
|
|
h256 sig[2];
|
|
h256 nonce = kFromMessage(msg, _priv);
|
|
|
|
if (!secp256k1_ecdsa_sign_compact(msg.data(), 32, sig[0].data(), _priv.data(), nonce.data(), &v))
|
|
BOOST_THROW_EXCEPTION(InvalidSignature());
|
|
#if ETH_ADDRESS_DEBUG
|
|
cout << "---- SIGN -------------------------------" << endl;
|
|
cout << "MSG: " << msg << endl;
|
|
cout << "SEC: " << _priv << endl;
|
|
cout << "NON: " << nonce << endl;
|
|
cout << "R S V: " << sig[0] << " " << sig[1] << " " << v << "+27" << endl;
|
|
#endif
|
|
|
|
vrs.v = (byte)(v + 27);
|
|
vrs.r = (u256)sig[0];
|
|
vrs.s = (u256)sig[1];
|
|
}
|
|
|
|
void Transaction::fillStream(RLPStream& _s, bool _sig) const
|
|
{
|
|
_s.appendList((_sig ? 3 : 0) + 6);
|
|
_s << nonce << gasPrice << gas;
|
|
if (receiveAddress)
|
|
_s << receiveAddress;
|
|
else
|
|
_s << "";
|
|
_s << value << data;
|
|
if (_sig)
|
|
_s << vrs.v << vrs.r << vrs.s;
|
|
}
|
|
|
|
// If the h256 return is an integer, store it in bigendian (i.e. u256 ret; ... return (h256)ret; )
|
|
h256 Transaction::kFromMessage(h256 _msg, h256 _priv)
|
|
{
|
|
// TODO!
|
|
// bytes v(32, 1);
|
|
// bytes k(32, 0);
|
|
/*
|
|
v = '\x01' * 32
|
|
k = '\x00' * 32
|
|
priv = encode_privkey(priv,'bin')
|
|
msghash = encode(hash_to_int(msghash),256,32)
|
|
k = hmac.new(k, v+'\x00'+priv+msghash, hashlib.sha256).digest()
|
|
v = hmac.new(k, v, hashlib.sha256).digest()
|
|
k = hmac.new(k, v+'\x01'+priv+msghash, hashlib.sha256).digest()
|
|
v = hmac.new(k, v, hashlib.sha256).digest()
|
|
return decode(hmac.new(k, v, hashlib.sha256).digest(),256)
|
|
*/
|
|
return _msg ^ _priv;
|
|
}
|
|
|
|
|