Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

com.google.bitcoin.crypto
Class TransactionSignature

java.lang.Object
  extended by com.google.bitcoin.core.ECKey.ECDSASignature
      extended by com.google.bitcoin.crypto.TransactionSignature

public class TransactionSignature
extends ECKey.ECDSASignature

A TransactionSignature wraps an ECKey.ECDSASignature and adds methods for handling the additional SIGHASH mode byte that is used.

Field Summary
 int sighashFlags
          A byte that controls which parts of a transaction are signed.
 
Fields inherited from class com.google.bitcoin.core.ECKey.ECDSASignature
r, s
 
Constructor Summary
TransactionSignature(BigInteger r, BigInteger s)
          Constructs a signature with the given components and SIGHASH_ALL.
TransactionSignature(ECKey.ECDSASignature signature, Transaction.SigHash mode, boolean anyoneCanPay)
          Constructs a transaction signature based on the ECDSA signature.
 
Method Summary
 boolean anyoneCanPay()
           
static int calcSigHashValue(Transaction.SigHash mode, boolean anyoneCanPay)
          Calculates the byte used in the protocol to represent the combination of mode and anyoneCanPay.
static TransactionSignature decodeFromBitcoin(byte[] bytes, boolean requireCanonical)
          Returns a decoded signature.
static TransactionSignature dummy()
          Returns a dummy invalid signature whose R/S values are set such that they will take up the same number of encoded bytes as a real signature.
 byte[] encodeToBitcoin()
          What we get back from the signer are the two components of a signature, r and s.
static boolean isEncodingCanonical(byte[] signature)
          Returns true if the given signature is has canonical encoding, and will thus be accepted as standard by the reference client.
 void setSigHash(Transaction.SigHash mode, boolean anyoneCanPay)
          Configures the sighashFlags field as appropriate.
 Transaction.SigHash sigHashMode()
           
 
Methods inherited from class com.google.bitcoin.core.ECKey.ECDSASignature
decodeFromDER, derByteStream, encodeToDER, ensureCanonical
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

sighashFlags

public int sighashFlags
A byte that controls which parts of a transaction are signed. This is exposed because signatures parsed off the wire may have sighash flags that aren't "normal" serializations of the enum values. Because Satoshi's code works via bit testing, we must not lose the exact value when round-tripping otherwise we'll fail to verify signature hashes.

Constructor Detail

TransactionSignature

public TransactionSignature(BigInteger r,
                            BigInteger s)
Constructs a signature with the given components and SIGHASH_ALL.

TransactionSignature

public TransactionSignature(ECKey.ECDSASignature signature,
                            Transaction.SigHash mode,
                            boolean anyoneCanPay)
Constructs a transaction signature based on the ECDSA signature.

Method Detail

dummy

public static TransactionSignature dummy()
Returns a dummy invalid signature whose R/S values are set such that they will take up the same number of encoded bytes as a real signature. This can be useful when you want to fill out a transaction to be of the right size (e.g. for fee calculations) but don't have the requisite signing key yet and will fill out the real signature later.

calcSigHashValue

public static int calcSigHashValue(Transaction.SigHash mode,
                                   boolean anyoneCanPay)
Calculates the byte used in the protocol to represent the combination of mode and anyoneCanPay.

isEncodingCanonical

public static boolean isEncodingCanonical(byte[] signature)
Returns true if the given signature is has canonical encoding, and will thus be accepted as standard by the reference client. DER and the SIGHASH encoding allow for quite some flexibility in how the same structures are encoded, and this can open up novel attacks in which a man in the middle takes a transaction and then changes its signature such that the transaction hash is different but it's still valid. This can confuse wallets and generally violates people's mental model of how Bitcoin should work, thus, non-canonical signatures are now not relayed by default.

setSigHash

public void setSigHash(Transaction.SigHash mode,
                       boolean anyoneCanPay)
Configures the sighashFlags field as appropriate.

anyoneCanPay

public boolean anyoneCanPay()

sigHashMode

public Transaction.SigHash sigHashMode()

encodeToBitcoin

public byte[] encodeToBitcoin()
What we get back from the signer are the two components of a signature, r and s. To get a flat byte stream of the type used by Bitcoin we have to encode them using DER encoding, which is just a way to pack the two components into a structure, and then we append a byte to the end for the sighash flags.

decodeFromBitcoin

public static TransactionSignature decodeFromBitcoin(byte[] bytes,
                                                     boolean requireCanonical)
                                              throws VerificationException
Returns a decoded signature.

Throws:
RuntimeException - if the signature is invalid or unparseable in some way.
VerificationException
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © 2014. All rights reserved.