public class DeterministicKey extends ECKey
DeterministicHierarchy
. As per
the BIP 32 specification it is a pair
(key, chaincode). If you know its path in the tree and its chain code you can derive more keys from this. To obtain
one of these, you can call HDKeyDerivation.createMasterPrivateKey(byte[])
.ECKey.ECDSASignature, ECKey.KeyIsEncryptedException, ECKey.MissingPrivateKeyException
Modifier and Type | Field and Description |
---|---|
static java.util.Comparator<ECKey> |
CHILDNUM_ORDER
Sorts deterministic keys in the order of their child number.
|
AGE_COMPARATOR, creationTimeSeconds, CURVE, encryptedPrivateKey, FAKE_SIGNATURES, HALF_CURVE_ORDER, keyCrypter, priv, pub, PUBKEY_COMPARATOR
Constructor and Description |
---|
DeterministicKey(DeterministicKey keyToClone,
DeterministicKey newParent)
Clones the key
|
DeterministicKey(com.google.common.collect.ImmutableList<ChildNumber> childNumberPath,
byte[] chainCode,
java.math.BigInteger priv,
DeterministicKey parent)
Constructs a key from its components.
|
DeterministicKey(com.google.common.collect.ImmutableList<ChildNumber> childNumberPath,
byte[] chainCode,
java.math.BigInteger priv,
DeterministicKey parent,
int depth,
int parentFingerprint)
Constructs a key from its components, including its private key data and possibly-redundant
information about its parent key.
|
DeterministicKey(com.google.common.collect.ImmutableList<ChildNumber> childNumberPath,
byte[] chainCode,
org.bouncycastle.math.ec.ECPoint publicAsPoint,
java.math.BigInteger priv,
DeterministicKey parent) |
DeterministicKey(com.google.common.collect.ImmutableList<ChildNumber> childNumberPath,
byte[] chainCode,
KeyCrypter crypter,
LazyECPoint pub,
EncryptedData priv,
DeterministicKey parent)
Constructs a key from its components.
|
DeterministicKey(com.google.common.collect.ImmutableList<ChildNumber> childNumberPath,
byte[] chainCode,
LazyECPoint publicAsPoint,
java.math.BigInteger priv,
DeterministicKey parent)
Constructs a key from its components.
|
DeterministicKey(com.google.common.collect.ImmutableList<ChildNumber> childNumberPath,
byte[] chainCode,
LazyECPoint publicAsPoint,
DeterministicKey parent,
int depth,
int parentFingerprint)
Constructs a key from its components, including its public key data and possibly-redundant
information about its parent key.
|
Modifier and Type | Method and Description |
---|---|
DeterministicKey |
decrypt(KeyCrypter keyCrypter,
org.bouncycastle.crypto.params.KeyParameter aesKey)
Create a decrypted private key with the keyCrypter and AES key supplied.
|
DeterministicKey |
decrypt(org.bouncycastle.crypto.params.KeyParameter aesKey)
Create a decrypted private key with AES key.
|
DeterministicKey |
derive(int child)
Derives a child at the given index using hardened derivation.
|
static DeterministicKey |
deserialize(NetworkParameters params,
byte[] serializedKey)
Deserialize an HD Key with no parent
|
static DeterministicKey |
deserialize(NetworkParameters params,
byte[] serializedKey,
DeterministicKey parent)
Deserialize an HD Key.
|
static DeterministicKey |
deserializeB58(DeterministicKey parent,
java.lang.String base58,
NetworkParameters params)
Deserialize a base-58-encoded HD Key.
|
static DeterministicKey |
deserializeB58(java.lang.String base58,
NetworkParameters params)
Deserialize a base-58-encoded HD Key with no parent
|
DeterministicKey |
dropParent()
Returns the same key with the parent pointer removed (it still knows its own path and the parent fingerprint).
|
DeterministicKey |
dropPrivateBytes()
Returns the same key with the private bytes removed.
|
DeterministicKey |
encrypt(KeyCrypter keyCrypter,
org.bouncycastle.crypto.params.KeyParameter aesKey)
Create an encrypted private key with the keyCrypter and the AES key supplied.
|
DeterministicKey |
encrypt(KeyCrypter keyCrypter,
org.bouncycastle.crypto.params.KeyParameter aesKey,
DeterministicKey newParent) |
boolean |
equals(java.lang.Object o)
Verifies equality of all fields but NOT the parent pointer (thus the same key derived in two separate hierarchy
objects will equal each other.
|
void |
formatKeyWithAddress(boolean includePrivateKeys,
org.bouncycastle.crypto.params.KeyParameter aesKey,
java.lang.StringBuilder builder,
NetworkParameters params,
Script.ScriptType outputScriptType,
java.lang.String comment) |
byte[] |
getChainCode()
Returns the chain code associated with this key.
|
ChildNumber |
getChildNumber()
Returns the last element of the path returned by
getPath() |
long |
getCreationTimeSeconds()
The creation time of a deterministic key is equal to that of its parent, unless this key is the root of a tree
in which case the time is stored alongside the key as per normal, see
ECKey.getCreationTimeSeconds() . |
int |
getDepth()
Return this key's depth in the hierarchy, where the root node is at depth zero.
|
int |
getFingerprint()
Returns the first 32 bits of the result of
getIdentifier() . |
byte[] |
getIdentifier()
Returns RIPE-MD160(SHA256(pub key bytes)).
|
KeyCrypter |
getKeyCrypter()
Returns this keys
KeyCrypter or the keycrypter of its parent key. |
DeterministicKey |
getParent() |
int |
getParentFingerprint()
Return the fingerprint of the key from which this key was derived, if this is a
child key, or else an array of four zero-value bytes.
|
com.google.common.collect.ImmutableList<ChildNumber> |
getPath()
Returns the path through some
DeterministicHierarchy which reaches this keys position in the tree. |
java.lang.String |
getPathAsString()
Returns the path of this key as a human readable string starting with M to indicate the master key.
|
java.math.BigInteger |
getPrivKey()
Returns the private key of this deterministic key.
|
byte[] |
getPrivKeyBytes33()
Returns private key bytes, padded with zeros to 33 bytes.
|
byte[] |
getSecretBytes()
A wrapper for
ECKey.getPrivKeyBytes() that returns null if the private key bytes are missing or would have
to be derived (for the HD key case). |
int |
hashCode() |
boolean |
hasPrivKey()
Returns true if this key has unencrypted access to private key bytes.
|
boolean |
isEncrypted()
A deterministic key is considered to be encrypted if it has access to encrypted private key bytes, OR if its
parent does.
|
boolean |
isPubKeyOnly()
A deterministic key is considered to be 'public key only' if it hasn't got a private key part and it cannot be
rederived.
|
byte[] |
serializePrivate(NetworkParameters params)
Deprecated.
|
java.lang.String |
serializePrivB58(NetworkParameters params) |
java.lang.String |
serializePrivB58(NetworkParameters params,
Script.ScriptType outputScriptType) |
java.lang.String |
serializePubB58(NetworkParameters params) |
java.lang.String |
serializePubB58(NetworkParameters params,
Script.ScriptType outputScriptType) |
byte[] |
serializePublic(NetworkParameters params)
Deprecated.
|
void |
setCreationTimeSeconds(long newCreationTimeSeconds)
The creation time of a deterministic key is equal to that of its parent, unless this key is the root of a tree.
|
ECKey.ECDSASignature |
sign(Sha256Hash input,
org.bouncycastle.crypto.params.KeyParameter aesKey)
Signs the given hash and returns the R and S components as BigIntegers.
|
java.lang.String |
toString() |
compressPoint, compressPoint, decompress, decompressPoint, decompressPoint, doSign, encryptionIsReversible, findRecoveryId, fromASN1, fromEncrypted, fromPrivate, fromPrivate, fromPrivate, fromPrivate, fromPrivateAndPrecalculatedPublic, fromPrivateAndPrecalculatedPublic, fromPublicOnly, fromPublicOnly, getEncryptedData, getEncryptedPrivateKey, getEncryptionType, getPrivateKeyAsHex, getPrivateKeyAsWiF, getPrivateKeyEncoded, getPrivKeyBytes, getPubKey, getPubKeyHash, getPubKeyPoint, getPublicKeyAsHex, isCompressed, isPubKeyCanonical, isWatching, maybeDecrypt, publicKeyFromPrivate, publicPointFromPrivate, recoverFromSignature, sign, signedMessageToKey, signMessage, signMessage, toASN1, toStringWithPrivate, verify, verify, verify, verify, verifyMessage, verifyOrThrow, verifyOrThrow
public static final java.util.Comparator<ECKey> CHILDNUM_ORDER
public DeterministicKey(com.google.common.collect.ImmutableList<ChildNumber> childNumberPath, byte[] chainCode, LazyECPoint publicAsPoint, @Nullable java.math.BigInteger priv, @Nullable DeterministicKey parent)
public DeterministicKey(com.google.common.collect.ImmutableList<ChildNumber> childNumberPath, byte[] chainCode, org.bouncycastle.math.ec.ECPoint publicAsPoint, @Nullable java.math.BigInteger priv, @Nullable DeterministicKey parent)
public DeterministicKey(com.google.common.collect.ImmutableList<ChildNumber> childNumberPath, byte[] chainCode, java.math.BigInteger priv, @Nullable DeterministicKey parent)
public DeterministicKey(com.google.common.collect.ImmutableList<ChildNumber> childNumberPath, byte[] chainCode, KeyCrypter crypter, LazyECPoint pub, EncryptedData priv, @Nullable DeterministicKey parent)
public DeterministicKey(com.google.common.collect.ImmutableList<ChildNumber> childNumberPath, byte[] chainCode, LazyECPoint publicAsPoint, @Nullable DeterministicKey parent, int depth, int parentFingerprint)
public DeterministicKey(com.google.common.collect.ImmutableList<ChildNumber> childNumberPath, byte[] chainCode, java.math.BigInteger priv, @Nullable DeterministicKey parent, int depth, int parentFingerprint)
public DeterministicKey(DeterministicKey keyToClone, DeterministicKey newParent)
public com.google.common.collect.ImmutableList<ChildNumber> getPath()
DeterministicHierarchy
which reaches this keys position in the tree.
A path can be written as 0/1/0 which means the first child of the root, the second child of that node, then
the first child of that node.public java.lang.String getPathAsString()
public int getDepth()
public ChildNumber getChildNumber()
getPath()
public byte[] getChainCode()
public byte[] getIdentifier()
public int getFingerprint()
getIdentifier()
.@Nullable public DeterministicKey getParent()
public int getParentFingerprint()
public byte[] getPrivKeyBytes33()
java.lang.IllegalStateException
- if the private key bytes are missing.public DeterministicKey dropPrivateBytes()
dropParent()
.public DeterministicKey dropParent()
Returns the same key with the parent pointer removed (it still knows its own path and the parent fingerprint).
If this key doesn't have private key bytes stored/cached itself, but could rederive them from the parent, then the new key returned by this method won't be able to do that. Thus, using dropPrivateBytes().dropParent() on a regular DeterministicKey will yield a new DeterministicKey that cannot sign or do other things involving the private key at all.
public DeterministicKey encrypt(KeyCrypter keyCrypter, org.bouncycastle.crypto.params.KeyParameter aesKey) throws KeyCrypterException
ECKey
encrypt
in class ECKey
keyCrypter
- The keyCrypter that specifies exactly how the encrypted bytes are created.aesKey
- The KeyParameter with the AES encryption key (usually constructed with keyCrypter#deriveKey and cached as it is slow to create).KeyCrypterException
public DeterministicKey encrypt(KeyCrypter keyCrypter, org.bouncycastle.crypto.params.KeyParameter aesKey, @Nullable DeterministicKey newParent) throws KeyCrypterException
KeyCrypterException
public boolean isPubKeyOnly()
isPubKeyOnly
in class ECKey
public boolean hasPrivKey()
ECKey
ECKey.isPubKeyOnly()
.hasPrivKey
in class ECKey
@Nullable public byte[] getSecretBytes()
ECKey
ECKey.getPrivKeyBytes()
that returns null if the private key bytes are missing or would have
to be derived (for the HD key case).getSecretBytes
in interface EncryptableItem
getSecretBytes
in class ECKey
public boolean isEncrypted()
isEncrypted
in interface EncryptableItem
isEncrypted
in class ECKey
@Nullable public KeyCrypter getKeyCrypter()
KeyCrypter
or the keycrypter of its parent key.getKeyCrypter
in class ECKey
public ECKey.ECDSASignature sign(Sha256Hash input, @Nullable org.bouncycastle.crypto.params.KeyParameter aesKey) throws KeyCrypterException
ECKey
ECKey.ECDSASignature.encodeToDER()
instead. However sometimes the independent components can be useful, for instance, if you're doing to do further
EC maths on them.sign
in class ECKey
aesKey
- The AES key to use for decryption of the private key. If null then no decryption is required.KeyCrypterException
- if there's something wrong with aesKey.public DeterministicKey decrypt(KeyCrypter keyCrypter, org.bouncycastle.crypto.params.KeyParameter aesKey) throws KeyCrypterException
ECKey
decrypt
in class ECKey
keyCrypter
- The keyCrypter that specifies exactly how the decrypted bytes are created.aesKey
- The KeyParameter with the AES encryption key (usually constructed with keyCrypter#deriveKey and cached).KeyCrypterException
public DeterministicKey decrypt(org.bouncycastle.crypto.params.KeyParameter aesKey) throws KeyCrypterException
ECKey
decrypt
in class ECKey
aesKey
- The KeyParameter with the AES encryption key (usually constructed with keyCrypter#deriveKey and cached).KeyCrypterException
public DeterministicKey derive(int child)
index
is
not the "i" value. If you want the softened derivation, then use instead
HDKeyDerivation.deriveChildKey(this, new ChildNumber(child, false))
.public java.math.BigInteger getPrivKey()
getPrivKey
in class ECKey
java.lang.IllegalStateException
- if the parents are encrypted or a watching chain.@Deprecated public byte[] serializePublic(NetworkParameters params)
@Deprecated public byte[] serializePrivate(NetworkParameters params)
public java.lang.String serializePubB58(NetworkParameters params, Script.ScriptType outputScriptType)
public java.lang.String serializePrivB58(NetworkParameters params, Script.ScriptType outputScriptType)
public java.lang.String serializePubB58(NetworkParameters params)
public java.lang.String serializePrivB58(NetworkParameters params)
public static DeterministicKey deserializeB58(java.lang.String base58, NetworkParameters params)
public static DeterministicKey deserializeB58(@Nullable DeterministicKey parent, java.lang.String base58, NetworkParameters params)
parent
- The parent node in the given key's deterministic hierarchy.java.lang.IllegalArgumentException
- if the base58 encoded key could not be parsed.public static DeterministicKey deserialize(NetworkParameters params, byte[] serializedKey)
public static DeterministicKey deserialize(NetworkParameters params, byte[] serializedKey, @Nullable DeterministicKey parent)
parent
- The parent node in the given key's deterministic hierarchy.public long getCreationTimeSeconds()
ECKey.getCreationTimeSeconds()
.getCreationTimeSeconds
in interface EncryptableItem
getCreationTimeSeconds
in class ECKey
public void setCreationTimeSeconds(long newCreationTimeSeconds)
setCreationTimeSeconds
in class ECKey
public boolean equals(java.lang.Object o)
public void formatKeyWithAddress(boolean includePrivateKeys, @Nullable org.bouncycastle.crypto.params.KeyParameter aesKey, java.lang.StringBuilder builder, NetworkParameters params, Script.ScriptType outputScriptType, @Nullable java.lang.String comment)
formatKeyWithAddress
in class ECKey