Package org.bitcoinj.crypto

Class ECKey.ECDSASignature

java.lang.Object

org.bitcoinj.crypto.ECKey.ECDSASignature

Direct Known Subclasses:

TransactionSignature

Enclosing class:

ECKey

public static class ECKey.ECDSASignature
extends java.lang.Object

Groups the two components that make up a signature, and provides a way to encode to DER form, which is how ECDSA signatures are represented when embedded in other data structures in the Bitcoin protocol. The raw components can be useful for doing further EC maths on them.

Field Summary

Fields

Modifier and Type	Field	Description
java.math.BigInteger	r	The two components of the signature.
java.math.BigInteger	s	The two components of the signature.

Constructor Summary

Constructors

Constructor	Description
ECDSASignature(java.math.BigInteger r, java.math.BigInteger s)	Constructs a signature with the given components.

Method Summary

Modifier and Type	Method	Description
static ECKey.ECDSASignature	decodeFromDER(byte[] bytes)
protected java.io.ByteArrayOutputStream	derByteStream()
byte[]	encodeToDER()	DER is an international standard for serializing data structures which is widely used in cryptography.
boolean	equals(java.lang.Object o)
int	hashCode()
boolean	isCanonical()	Returns true if the S component is "low", that means it is below ECKey.HALF_CURVE_ORDER.
ECKey.ECDSASignature	toCanonicalised()	Will automatically adjust the S component to be less than or equal to half the curve order, if necessary.

Methods inherited from class java.lang.Object

clone, finalize, getClass, notify, notifyAll, toString, wait, wait, wait

Field Detail

r

public final java.math.BigInteger r

The two components of the signature.

s

public final java.math.BigInteger s

The two components of the signature.

Constructor Detail

ECDSASignature

public ECDSASignature(java.math.BigInteger r,
                      java.math.BigInteger s)

Constructs a signature with the given components. Does NOT automatically canonicalise the signature.

Method Detail

isCanonical

public boolean isCanonical()

Returns true if the S component is "low", that means it is below ECKey.HALF_CURVE_ORDER. See BIP62.

toCanonicalised

public ECKey.ECDSASignature toCanonicalised()

Will automatically adjust the S component to be less than or equal to half the curve order, if necessary. This is required because for every signature (r,s) the signature (r, -s (mod N)) is a valid signature of the same message. However, we dislike the ability to modify the bits of a Bitcoin transaction after it's been signed, as that violates various assumed invariants. Thus in future only one of those forms will be considered legal and the other will be banned.

encodeToDER

public byte[] encodeToDER()

DER is an international standard for serializing data structures which is widely used in cryptography. It's somewhat like protocol buffers but less convenient. This method returns a standard DER encoding of the signature, as recognized by OpenSSL and other libraries.

decodeFromDER

public static ECKey.ECDSASignature decodeFromDER(byte[] bytes)
                                          throws SignatureDecodeException

Throws:

SignatureDecodeException - if the signature is unparseable in some way.

derByteStream

protected java.io.ByteArrayOutputStream derByteStream()
                                               throws java.io.IOException

Throws:

java.io.IOException

equals

public boolean equals(java.lang.Object o)

Overrides:

equals in class java.lang.Object

hashCode

public int hashCode()

Overrides:

hashCode in class java.lang.Object