// Copyright (c) 2018 The Bitcoin Private developers
// Copyright (c) 2016 The Zcash developers
// Distributed under the MIT software license, see the accompanying
// file COPYING or http://www.opensource.org/licenses/mit-license.php.
#ifndef BITCOIN_ZCASH_NOTEENCRYPTION_H
#define BITCOIN_ZCASH_NOTEENCRYPTION_H
#include <array>
#include <stdexcept>

#include "uint256.h"
#include "uint252.h"

#include "zcash/Zcash.h"
namespace libzcash {
#define NOTEENCRYPTION_AUTH_BYTES 16
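/// Encrypts note plaintexts of MLEN bytes for a set of recipients.
///
/// One instance holds a single ephemeral key pair (esk/epk) and the hSig it
/// was constructed with; each call to encrypt() consumes one value of the
/// one-byte nonce.  The recipient reconstructs the same inputs on its side:
/// NoteDecryption::decrypt takes epk, hSig and nonce as parameters.
template<size_t MLEN>
class NoteEncryption {
protected:
    // Ciphertext length: MLEN plaintext bytes plus the authentication tag.
    enum { CLEN=MLEN+NOTEENCRYPTION_AUTH_BYTES };
    uint256 epk;          // ephemeral public key, handed to the recipient
    uint256 esk;          // ephemeral secret key -- sensitive material
    unsigned char nonce;  // one byte, hence the call limit documented on encrypt()
    uint256 hSig;         // supplied at construction; recipient passes the same value to decrypt()

public:
    using Ciphertext = std::array<unsigned char, CLEN>;
    using Plaintext = std::array<unsigned char, MLEN>;

    NoteEncryption(uint256 hSig);

    /// Returns the ephemeral secret key.
    ///
    /// This is the value PaymentDisclosureNoteDecryption::decryptWithEsk
    /// consumes; anyone holding it can decrypt the outputs produced by this
    /// instance, so treat the returned value as sensitive and avoid logging
    /// or persisting it.
    uint256 get_esk() const {
        return esk;
    }

    /// Returns the ephemeral public key.
    uint256 get_epk() const {
        return epk;
    }

    /// Encrypts `message` with `pk_enc` and returns the ciphertext.
    ///
    /// This is only called ZC_NUM_JS_OUTPUTS times for a given instantiation;
    /// but can be called 255 times before the nonce-space runs out.
    /// Non-const: presumably advances `nonce` -- confirm in the implementation.
    Ciphertext encrypt(const uint256 &pk_enc,
                       const Plaintext &message
                      );

    /// Creates a NoteEncryption private key from the spending key `a_sk`.
    static uint256 generate_privkey(const uint252 &a_sk);

    /// Creates a NoteEncryption public key from a private key.
    static uint256 generate_pubkey(const uint256 &sk_enc);
};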
/// Decrypts note ciphertexts addressed to the holder of `sk_enc`.
///
/// An instance is identified by its key pair; equality and ordering below
/// compare (sk_enc, pk_enc) lexicographically so instances can be stored in
/// ordered containers.
template<size_t MLEN>
class NoteDecryption {
protected:
    // Ciphertext length: MLEN plaintext bytes followed by the authentication tag.
    enum { CLEN=MLEN+NOTEENCRYPTION_AUTH_BYTES };
    uint256 sk_enc;  // recipient secret key
    uint256 pk_enc;  // recipient public key -- presumably derived from sk_enc in the ctor; confirm

public:
    using Ciphertext = std::array<unsigned char, CLEN>;
    using Plaintext = std::array<unsigned char, MLEN>;

    NoteDecryption() { }
    NoteDecryption(uint256 sk_enc);

    /// Decrypts `ciphertext` using the sender's ephemeral public key `epk`,
    /// the joinsplit's `hSig` and the per-output `nonce`, all of which must
    /// match the values used by NoteEncryption::encrypt on the sending side.
    Plaintext decrypt(const Ciphertext &ciphertext,
                      const uint256 &epk,
                      const uint256 &hSig,
                      unsigned char nonce
                     ) const;

    /// Two decryptors are equal when both keys match.
    friend inline bool operator==(const NoteDecryption& lhs, const NoteDecryption& rhs) {
        if (!(lhs.sk_enc == rhs.sk_enc)) {
            return false;
        }
        return lhs.pk_enc == rhs.pk_enc;
    }

    /// Lexicographic ordering on (sk_enc, pk_enc).
    friend inline bool operator<(const NoteDecryption& lhs, const NoteDecryption& rhs) {
        if (lhs.sk_enc == rhs.sk_enc) {
            return lhs.pk_enc < rhs.pk_enc;
        }
        return lhs.sk_enc < rhs.sk_enc;
    }
};
// Fresh random values of the given width; declared here, defined in the
// implementation file.
// NOTE(review): presumably backed by the node's CSPRNG -- confirm before
// relying on these for key material.
uint256 random_uint256();
uint252 random_uint252();
/// Exception raised when a note ciphertext cannot be decrypted.
///
/// Carries a fixed message; no detail about the cause is exposed to the
/// caller.
struct note_decryption_failed : public std::runtime_error {
    note_decryption_failed()
        : std::runtime_error("Could not decrypt message")
    {
    }
};
// Subclass PaymentDisclosureNoteDecryption provides a method to decrypt a note with esk.
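/// NoteDecryption variant that can also decrypt a note given the sender's
/// ephemeral secret key (esk) rather than the recipient's sk_enc.
///
/// The esk is the value NoteEncryption::get_esk returns on the sending side;
/// whoever holds it can open the corresponding output, so the inputs to
/// decryptWithEsk should be handled as sensitive.
template<size_t MLEN>
class PaymentDisclosureNoteDecryption : public NoteDecryption<MLEN> {
public:
    // Re-declared here as public; the base class keeps CLEN protected.
    enum { CLEN=MLEN+NOTEENCRYPTION_AUTH_BYTES };
    using Ciphertext = std::array<unsigned char, CLEN>;
    using Plaintext = std::array<unsigned char, MLEN>;

    PaymentDisclosureNoteDecryption() : NoteDecryption<MLEN>() {}
    PaymentDisclosureNoteDecryption(uint256 sk_enc) : NoteDecryption<MLEN>(sk_enc) {}

    /// Decrypts `ciphertext` for recipient `pk_enc` using the sender's
    /// ephemeral secret key `esk` together with `hSig` and `nonce`, which
    /// must match the values used at encryption time.
    Plaintext decryptWithEsk(
        const Ciphertext &ciphertext,
        const uint256 &pk_enc,
        const uint256 &esk,
        const uint256 &hSig,
        unsigned char nonce
        ) const;
};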
}
// Concrete instantiations at the protocol's note-plaintext size.
using ZCNoteEncryption = libzcash::NoteEncryption<ZC_NOTEPLAINTEXT_SIZE>;
using ZCNoteDecryption = libzcash::NoteDecryption<ZC_NOTEPLAINTEXT_SIZE>;

using ZCPaymentDisclosureNoteDecryption = libzcash::PaymentDisclosureNoteDecryption<ZC_NOTEPLAINTEXT_SIZE>;
#endif // BITCOIN_ZCASH_NOTEENCRYPTION_H