Class CryptoUtilsKt
-
- All Implemented Interfaces:
public final class CryptoUtilsKt
-
-
Method Summary
Modifier and Type Method Description final Set<PublicKey>
getKeys()
final static DigitalSignature
sign(PrivateKey $self, ByteArray bytesToSign)
Utility to simplify the act of signing a byte array. final static DigitalSignature.WithKey
sign(PrivateKey $self, ByteArray bytesToSign, PublicKey publicKey)
Utility to simplify the act of signing a byte array and return a DigitalSignature.WithKey object. final static DigitalSignature.WithKey
sign(KeyPair $self, ByteArray bytesToSign)
Helper function to sign with a key pair. final static DigitalSignature.WithKey
sign(KeyPair $self, OpaqueBytes bytesToSign)
Helper function to sign the bytes of bytesToSign with a key pair. final static TransactionSignature
sign(KeyPair $self, SignableData signableData)
Helper function for signing a SignableData object. final static Boolean
verify(PublicKey $self, ByteArray content, DigitalSignature signature)
Utility to simplify the act of verifying a signature. final static Boolean
verify(PublicKey $self, ByteArray signatureData, ByteArray clearData)
Helper function to verify a signature. final static Boolean
verify(KeyPair $self, ByteArray signatureData, ByteArray clearData)
Helper function for the signers to verify their own signature. final static Boolean
isValid(PublicKey $self, ByteArray content, DigitalSignature signature)
Utility to simplify the act of verifying a signature. final static String
toStringShort(PublicKey $self)
Render a public key to its hash (in Base58) of its serialised form using the DL prefix. final static Boolean
isFulfilledBy(PublicKey $self, PublicKey otherKey)
Return true if otherKey fulfils the requirements of this PublicKey. final static Boolean
isFulfilledBy(PublicKey $self, Iterable<PublicKey> otherKeys)
Return true if otherKeys fulfil the requirements of this PublicKey. final static Boolean
containsAny(PublicKey $self, Iterable<PublicKey> otherKeys)
Checks whether any of the given keys matches a leaf on the CompositeKey tree or a single PublicKey. final static <Error class: unknown class>
byKeys(Iterable<TransactionSignature> $self)
Returns the set of all PublicKeys of the signatures. final static PrivateKey
component1(KeyPair $self)
final static PublicKey
component2(KeyPair $self)
final static KeyPair
generateKeyPair()
A simple wrapper that will make it easier to swap out the signature algorithm we use in future. final static KeyPair
entropyToKeyPair(BigInteger entropy)
Returns a key pair derived from the given private key entropy. final static ByteArray
secureRandomBytes(Integer numOfBytes)
Generate a securely random ByteArray of requested number of bytes. final static SecureRandom
newSecureRandom()
Get an instance of SecureRandom to avoid blocking, due to waiting for additional entropy, when possible. final static Long
random63BitValue()
Returns a random positive non-zero long generated using a secure RNG. final static SecureHash
componentHash(OpaqueBytes opaqueBytes, PrivacySalt privacySalt, Integer componentGroupIndex, Integer internalIndex)
Compute the hash of each serialised component so as to be used as Merkle tree leaf. final static SecureHash
componentHash(SecureHash nonce, OpaqueBytes opaqueBytes)
Return the SHA256(SHA256(nonce || serializedComponent)). final static <T extends Any> SecureHash
serializedHash(T x)
Serialise the object and return the hash of the serialized bytes. final static SecureHash.SHA256
computeNonce(PrivacySalt privacySalt, Integer groupIndex, Integer internalIndex)
Method to compute a nonce based on privacySalt, component group index and component internal index. -
-
Method Detail
-
sign
final static DigitalSignature sign(PrivateKey $self, ByteArray bytesToSign)
Utility to simplify the act of signing a byte array.
- Parameters:
bytesToSign
- the data/message to be signed in ByteArray form (usually the Merkle root).
-
sign
final static DigitalSignature.WithKey sign(PrivateKey $self, ByteArray bytesToSign, PublicKey publicKey)
Utility to simplify the act of signing a byte array and return a DigitalSignature.WithKey object. Note that there is no check if the public key matches with the signing private key.
- Parameters:
bytesToSign
- the data/message to be signed in ByteArray form (usually the Merkle root).
-
sign
final static DigitalSignature.WithKey sign(KeyPair $self, ByteArray bytesToSign)
Helper function to sign with a key pair.
- Parameters:
bytesToSign
- the data/message to be signed in ByteArray form (usually the Merkle root).
-
sign
final static DigitalSignature.WithKey sign(KeyPair $self, OpaqueBytes bytesToSign)
Helper function to sign the bytes of bytesToSign with a key pair.
-
sign
final static TransactionSignature sign(KeyPair $self, SignableData signableData)
Helper function for signing a SignableData object.
- Parameters:
signableData
- the object to be signed.
-
verify
final static Boolean verify(PublicKey $self, ByteArray content, DigitalSignature signature)
Utility to simplify the act of verifying a signature.
-
verify
final static Boolean verify(PublicKey $self, ByteArray signatureData, ByteArray clearData)
Helper function to verify a signature.
- Parameters:
signatureData
- the signature on a message.clearData
- the clear data/message that was signed (usually the Merkle root).
-
verify
final static Boolean verify(KeyPair $self, ByteArray signatureData, ByteArray clearData)
Helper function for the signers to verify their own signature.
- Parameters:
signatureData
- the signature on a message.clearData
- the clear data/message that was signed (usually the Merkle root).
-
isValid
final static Boolean isValid(PublicKey $self, ByteArray content, DigitalSignature signature)
Utility to simplify the act of verifying a signature. In comparison to verify if the key and signature do not match it returns false rather than throwing an exception. Normally you should use the function which throws, as it avoids the risk of failing to test the result, but this is for uses such as java.security.Signature.verify implementations.
-
toStringShort
final static String toStringShort(PublicKey $self)
Render a public key to its hash (in Base58) of its serialised form using the DL prefix.
-
isFulfilledBy
final static Boolean isFulfilledBy(PublicKey $self, PublicKey otherKey)
Return true if otherKey fulfils the requirements of this PublicKey.
-
isFulfilledBy
final static Boolean isFulfilledBy(PublicKey $self, Iterable<PublicKey> otherKeys)
Return true if otherKeys fulfil the requirements of this PublicKey.
-
containsAny
final static Boolean containsAny(PublicKey $self, Iterable<PublicKey> otherKeys)
Checks whether any of the given keys matches a leaf on the CompositeKey tree or a single PublicKey.
<i>Note that this function checks against leaves, which cannot be of type CompositeKey. Due to that, if any of the otherKeys is a CompositeKey, this function will not find a match.</i>
-
byKeys
final static <Error class: unknown class> byKeys(Iterable<TransactionSignature> $self)
Returns the set of all PublicKeys of the signatures.
-
component1
final static PrivateKey component1(KeyPair $self)
-
component2
final static PublicKey component2(KeyPair $self)
-
generateKeyPair
final static KeyPair generateKeyPair()
A simple wrapper that will make it easier to swap out the signature algorithm we use in future.
-
entropyToKeyPair
final static KeyPair entropyToKeyPair(BigInteger entropy)
Returns a key pair derived from the given private key entropy. This is useful for unit tests and other cases where you want hard-coded private keys.
- Parameters:
entropy
- a BigInteger value.
-
secureRandomBytes
final static ByteArray secureRandomBytes(Integer numOfBytes)
Generate a securely random ByteArray of requested number of bytes. Usually used for seeds, nonces and keys.
- Parameters:
numOfBytes
- how many random bytes to output.
-
newSecureRandom
final static SecureRandom newSecureRandom()
Get an instance of SecureRandom to avoid blocking, due to waiting for additional entropy, when possible. In this version, the NativePRNGNonBlocking is exclusively used on Linux OS to utilize dev/urandom because in high traffic /dev/random may wait for a certain amount of "noise" to be generated on the host machine before returning a result.
On Solaris, Linux, and OS X, if the entropy gathering device in java.security is set to file:/dev/urandom or file:/dev/random, then NativePRNG is preferred to SHA1PRNG. Otherwise, SHA1PRNG is preferred.
-
random63BitValue
final static Long random63BitValue()
Returns a random positive non-zero long generated using a secure RNG. This function sacrifies a bit of entropy in order to avoid potential bugs where the value is used in a context where negative numbers or zero are not expected.
-
componentHash
final static SecureHash componentHash(OpaqueBytes opaqueBytes, PrivacySalt privacySalt, Integer componentGroupIndex, Integer internalIndex)
Compute the hash of each serialised component so as to be used as Merkle tree leaf. The resultant output (leaf) is calculated using the SHA256d algorithm, thus SHA256(SHA256(nonce || serializedComponent)), where nonce is computed from computeNonce.
-
componentHash
final static SecureHash componentHash(SecureHash nonce, OpaqueBytes opaqueBytes)
Return the SHA256(SHA256(nonce || serializedComponent)).
-
serializedHash
final static <T extends Any> SecureHash serializedHash(T x)
Serialise the object and return the hash of the serialized bytes. Note that the resulting hash may not be deterministic across platform versions: serialization can produce different values if any of the types being serialized have changed, or if the version of serialization specified by the context changes.
-
computeNonce
final static SecureHash.SHA256 computeNonce(PrivacySalt privacySalt, Integer groupIndex, Integer internalIndex)
Method to compute a nonce based on privacySalt, component group index and component internal index. SHA256d (double SHA256) is used to prevent length extension attacks.
- Parameters:
privacySalt
- a PrivacySalt.groupIndex
- the fixed index (ordinal) of this component group.internalIndex
- the internal index of this object in its corresponding components list.
-
-
-
-