java source code of ECKey

Project: gsc-core (GitHub Link)

gsc-core-master
- src
  - main
    - resources
      - logback.xml
      - config-localtest.conf
      - config-testnet.conf
      - config.conf
    - protos
      - api
        api.proto
      - install-googleapis.sh
      - install-protobuf.sh
      - .travis.yml
      - README.md
      - core
        GSCInventoryItems.proto
        Contract.proto
        GSC.proto
        Discover.proto
    - java
      - org
        gsc
        crypto
        cryptohash
        KeccakCore.java
        Digest.java
        Keccak512.java
        Keccak256.java
        DigestEngine.java
        Hash.java
        ECKey.java
        zksnark
        Fp.java
        Fp12.java
        PairingCheck.java
        Params.java
        BN128.java
        Field.java
        Fp6.java
        BN128Fp2.java
        BN128G2.java
        Fp2.java
        BN128G1.java
        BN128Fp.java
        SymmEncoder.java
        jce
        ECKeyPairGenerator.java
        ECAlgorithmParameters.java
        ECSignatureFactory.java
        ECKeyFactory.java
        ECKeyAgreement.java
        GSCCastleProvider.java
        utils
        ByteUtil.java
        SetAdapter.java
        StringUtil.java
        SlidingWindowCounter.java
        KeystoreFactory.java
        SafeMessageMap.java
        BIUtil.java
        DecodeResult.java
        RandomGenerator.java
        ByteArrayMap.java
        ByteArraySet.java
        ForkController.java
        Utils.java
        PropUtil.java
        ByteArray.java
        Time.java
        TypeConversion.java
        FileUtil.java
        CompactEncoder.java
        FastByteComparisons.java
        Sha256Hash.java
        Value.java
        Base58.java
        SessionOptional.java
        Quitable.java
        ALock.java
        CollectionUtils.java
        ExecutorLoop.java
        services
        NodeInfoService.java
        interfaceOnConfirmed
        WalletOnConfirmed.java
        ConfirmedRpcApiService.java
        http
        GetAccountByIdOnConfirmedServlet.java
        GetBlockByNumOnConfirmedServlet.java
        ListExchangesOnConfirmedServlet.java
        ListWitnessesOnConfirmedServlet.java
        GetDelegatedResourceOnConfirmedServlet.java
        GetBlockByLatestNumOnConfirmedServlet.java
        GetAssetIssueListOnConfirmedServlet.java
        confirmed
        GetTransactionByIdOnConfirmedServlet.java
        ConfirmedHttpApiService.java
        GetTransactionInfoByIdOnConfirmedServlet.java
        GetDelegatedResourceAccountIndexOnConfirmedServlet.java
        GetAccountOnConfirmedServlet.java
        GetNowBlockOnConfirmedServlet.java
        GetBlockByIdOnConfirmedServlet.java
        GetPaginatedAssetIssueListOnConfirmedServlet.java
        GetAssetIssueListByNameOnConfirmedServlet.java
        GetNodeInfoOnConfirmedServlet.java
        GetAssetIssueByNameOnConfirmedServlet.java
        GetTransactionCountByBlockNumOnConfirmedServlet.java
        GetBlockByLimitNextOnConfirmedServlet.java
        GetExchangeByIdOnConfirmedServlet.java
        GetAssetIssueByIdOnConfirmedServlet.java
        NodeInfoOnConfirmedService.java
        WitnessProductBlockService.java
        WitnessService.java
        http
        CreateWitnessServlet.java
        ExchangeInjectServlet.java
        JsonFormat.java
        GetNodeInfoServlet.java
        ParticipateAssetIssueServlet.java
        AccountPermissionUpdateServlet.java
        TransferServlet.java
        SetAccountIdServlet.java
        GetAssetIssueByAccountServlet.java
        GetAccountServlet.java
        ExchangeTransactionServlet.java
        GetAssetIssueByNameServlet.java
        TransferAssetServlet.java
        GetChainParametersServlet.java
        ListExchangesServlet.java
        confirmed
        GetTransactionInfoByIdConfirmedServlet.java
        GetTransactionsFromThisServlet.java
        ConfirmedHttpApiService.java
        GetTransactionsToThisServlet.java
        GetTransactionByIdConfirmedServlet.java
        CreateAddressServlet.java
        GetNextMaintenanceTimeServlet.java
        GetTransactionByIdServlet.java
        GetTransactionCountByBlockNumServlet.java
        VoteWitnessAccountServlet.java
        UpdateAssetServlet.java
        UpdateAccountServlet.java
        ProposalDeleteServlet.java
        ListNodesServlet.java
        UnFreezeAssetServlet.java
        GetAssetIssueListByNameServlet.java
        FullNodeHttpApiService.java
        UpdateWitnessServlet.java
        VoteStatisticsServlet.java
        GetPaginatedAssetIssueListServlet.java
        GetDelegatedResourceServlet.java
        GetAssetIssueListServlet.java
        ExchangeWithdrawServlet.java
        GenerateAddressServlet.java
        EasyTransferAssetByPrivateServlet.java
        FreezeBalanceServlet.java
        UpdateSettingServlet.java
        DeployContractServlet.java
        GetAssetIssueByIdServlet.java
        GetBlockByLatestNumServlet.java
        UnFreezeBalanceServlet.java
        EasyTransferAssetServlet.java
        GetProposalByIdServlet.java
        GetBlockByLimitNextServlet.java
        TriggerConstantContractServlet.java
        ExchangeCreateServlet.java
        AddTransactionSignServlet.java
        GetTransactionApprovedListServlet.java
        GetAccountByIdServlet.java
        ProposalApproveServlet.java
        BroadcastServlet.java
        ProposalCreateServlet.java
        Util.java
        GetContractServlet.java
        GetAccountNetServlet.java
        GetPaginatedProposalListServlet.java
        GetBlockByNumServlet.java
        EasyTransferServlet.java
        CreateAccountServlet.java
        EasyTransferByPrivateServlet.java
        CreateAssetIssueServlet.java
        GetNowBlockServlet.java
        ClearABIServlet.java
        GetAccountResourceServlet.java
        GetPaginatedExchangeListServlet.java
        ListProposalsServlet.java
        GetExchangeByIdServlet.java
        ListWitnessesServlet.java
        TriggerSmartContractServlet.java
        ValidateAddressServlet.java
        TransactionSignServlet.java
        GetDelegatedResourceAccountIndexServlet.java
        GetTransactionSignWeightServlet.java
        GetTransactionInfoByIdServlet.java
        HttpSelfFormatFieldName.java
        GetBlockByIdServlet.java
        WithdrawBalanceServlet.java
        UpdateCpuLimitServlet.java
        TotalTransactionServlet.java
        RpcApiService.java
        keystore
        WalletUtils.java
        Credentials.java
        WalletFile.java
        CipherException.java
        Wallet.java
        db
        AssetIssueStore.java
        StorageRowStore.java
        StorageMarket.java
        backup
        NeedBeanCondition.java
        DbBackupConfig.java
        BackupRocksDBAspect.java
        BackupDbUtil.java
        VotesStore.java
        ProposalStore.java
        GSCStoreWithRevoking.java
        accountstate
        storetrie
        AccountStateStoreTrie.java
        AccountStateEntity.java
        TrieService.java
        callback
        AccountStateCallBack.java
        BlockIndexStore.java
        WitnessStore.java
        NetProcessor.java
        TransactionTrace.java
        RecentBlockStore.java
        AbstractRevokingStore.java
        api
        IndexHelper.java
        index
        AccountIndex.java
        WitnessIndex.java
        AbstractIndex.java
        Index.java
        TransactionIndex.java
        AssetIssueIndex.java
        BlockIndex.java
        StoreAPI.java
        pojo
        Witness.java
        Transaction.java
        Account.java
        Block.java
        AssetIssue.java
        AssetUpdateHelper.java
        KhaosDatabase.java
        AbstractBlockstore.java
        common
        iterator
        AbstractIterator.java
        TransactionIterator.java
        RockStoreIterator.java
        DBIterator.java
        AssetIssueIterator.java
        WitnessIterator.java
        BlockIterator.java
        AccountIterator.java
        StoreIterator.java
        WrappedByteArray.java
        WrappedResultSet.java
        DynamicPropertiesStore.java
        ByteArrayWrapper.java
        PendingManager.java
        AssetIssueV2Store.java
        WitnessScheduleStore.java
        ExchangeV2Store.java
        GSCDatabase.java
        RevokingStore.java
        DelegatedResourceStore.java
        PeersStore.java
        TransactionRetStore.java
        BlockStore.java
        DelegatedResourceAccountIndexStore.java
        TransactionCache.java
        AccountStore.java
        RevokingDatabase.java
        ContractStore.java
        CheckTmpStore.java
        db2
        common
        TxCacheDB.java
        ConcurrentHashDB.java
        DB.java
        LevelDB.java
        HashDB.java
        IRevokingDB.java
        Flusher.java
        Value.java
        Key.java
        RocksDB.java
        core
        RevokingDBWithCachingNewValue.java
        IGSCChainBase.java
        Snapshot.java
        RevokingDBWithCachingOldValue.java
        AbstractSnapshot.java
        SnapshotRoot.java
        SnapshotImpl.java
        ISession.java
        SnapshotManager.java
        AccountIdIndexStore.java
        TransactionStore.java
        dbsource
        SourceInter.java
        leveldb
        LevelDbDataSourceImpl.java
        RocksDbDataSourceImpl.java
        Deposit.java
        BatchSourceInter.java
        DepositImpl.java
        WriteOptionsWrapper.java
        Type.java
        Value.java
        RocksDbSettings.java
        Key.java
        DbSourceInter.java
        CpuProcessor.java
        AccountIndexStore.java
        TransactionHistoryStore.java
        Manager.java
        ResourceProcessor.java
        CodeStore.java
        ExchangeStore.java
        BlockStoreInput.java
        trie
        TrieKey.java
        Trie.java
        TrieImpl.java
        net
        backup
        BackupServer.java
        BackupManager.java
        GSCNetDelegate.java
        client
        DatabaseGrpcClient.java
        PeerClient.java
        WalletGrpcClient.java
        GSCNetService.java
        GSCNetHandler.java
        service
        SyncService.java
        AdvService.java
        node
        statistics
        MessageStatistics.java
        Reputation.java
        MessageCount.java
        NodeStatistics.java
        Node.java
        table
        TimeComparator.java
        NodeTable.java
        KademliaOptions.java
        DistanceComparator.java
        NodeBucket.java
        NodeEntry.java
        NodeManager.java
        NodeHandler.java
        NodeInfo.java
        dht
        Peer.java
        Bucket.java
        DHTUtils.java
        peer
        p2p
        PingMessage.java
        MessageCodec.java
        MessageFactory.java
        Message.java
        HelloMessage.java
        StaticMessages.java
        P2pMessage.java
        P2pMessageFactory.java
        DisconnectMessage.java
        PongMessage.java
        Item.java
        PeerConnection.java
        message
        FetchInvDataMessage.java
        ItemNotFound.java
        GSCMessageFactory.java
        BlockInventoryMessage.java
        SyncBlockChainMessage.java
        BlockMessage.java
        TransactionsMessage.java
        TransactionMessage.java
        FetchBlockHeadersMessage.java
        MessageTypes.java
        InventoryMessage.java
        TransactionInventoryMessage.java
        GSCMessage.java
        ChainInventoryMessage.java
        BlocksMessage.java
        PeerInfo.java
        PeerStatusCheck.java
        handler
        SyncBlockChainMsgHandler.java
        FetchInvDataMsgHandler.java
        BlockMsgHandler.java
        ChainInventoryMsgHandler.java
        GSCMsgHandler.java
        InventoryMsgHandler.java
        TransactionsMsgHandler.java
        server
        ChannelManager.java
        PeerServer.java
        P2pHandler.java
        Channel.java
        FastForward.java
        GSCProtobufVarint32FrameDecoder.java
        MessageQueue.java
        MessageRoundtrip.java
        SyncPool.java
        PeerConnectionCheckService.java
        HandshakeHandler.java
        GSCChannelInitializer.java
        WireTrafficStats.java
        discover
        RefreshTask.java
        message
        backup
        KeepAliveMessage.java
        UdpMessageTypeEnum.java
        Message.java
        discover
        PingMessage.java
        NeighborsMessage.java
        PongMessage.java
        FindNodeMessage.java
        DiscoveryExecutor.java
        DiscoverServer.java
        DiscoverTask.java
        handler
        MessageHandler.java
        UdpEvent.java
        PacketDecoder.java
        EventHandler.java
        application
        Service.java
        ApplicationImpl.java
        ServiceContainer.java
        CliApplication.java
        GSCApplicationContext.java
        ApplicationFactory.java
        Application.java
        runtime
        utils
        MUtil.java
        vm
        DataWord.java
        OpCode.java
        VM.java
        CpuCost.java
        LogInfo.java
        VMConstant.java
        VMUtils.java
        trace
        ProgramTraceListener.java
        ProgramTrace.java
        OpActions.java
        Op.java
        Serializers.java
        LogInfoTriggerParser.java
        CallCreate.java
        program
        ProgramResult.java
        ContractState.java
        ProgramPrecompile.java
        Memory.java
        Storage.java
        invoke
        ProgramInvokeImpl.java
        ProgramInvokeMockImpl.java
        ProgramInvokeFactory.java
        ProgramInvokeFactoryImpl.java
        ProgramInvoke.java
        Stack.java
        InternalTransaction.java
        listener
        ProgramListenerAware.java
        ProgramListener.java
        ProgramStorageChangeListener.java
        ProgramListenerAdaptor.java
        CompositeProgramListener.java
        Program.java
        LogEventWrapper.java
        PrecompiledContracts.java
        MessageCall.java
        RuntimeImpl.java
        config
        VMConfig.java
        event
        FilterQuery.java
        IPluginEventListener.java
        wrapper
        TriggerWrapper.java
        RawData.java
        ContractTriggerWrapper.java
        BlockLogTriggerWrapper.java
        ContractLogTriggerWrapper.java
        ContractEventTriggerWrapper.java
        TransactionLogTriggerWrapper.java
        ContractEventParserJson.java
        trigger
        ContractLogTrigger.java
        TransactionLogTrigger.java
        BlockLogTrigger.java
        InternalTransactionPojo.java
        ContractTrigger.java
        Trigger.java
        ContractEventTrigger.java
        nativequeue
        NativeMessageQueue.java
        ContractEventParser.java
        EventPluginLoader.java
        ContractEventParserAbi.java
        TriggerConfig.java
        EventPluginConfig.java
        Runtime.java
        config
        CommonConfig.java
        Configuration.java
        Parameter.java
        args
        GenesisBlock.java
        Witness.java
        Account.java
        Args.java
        Storage.java
        LocalWitnesses.java
        Overlay.java
        DefaultConfig.java
        Version.java
        Start.java
        core
        Constant.java
        wrapper
        AccountWrapper.java
        ReceiptWrapper.java
        utils
        TxOutputUtil.java
        DecodeResult.java
        ByteArrayWrapper.java
        MerkleTree.java
        RLP.java
        TransactionUtil.java
        RLPElement.java
        BlockUtil.java
        FastByteComparisons.java
        RLPItem.java
        ExchangeProcessor.java
        RLPList.java
        TxInputUtil.java
        TxInputWrapper.java
        TransactionInfoWrapper.java
        WitnessWrapper.java
        VotesWrapper.java
        ExchangeWrapper.java
        StorageRowWrapper.java
        BytesWrapper.java
        ContractWrapper.java
        DelegatedResourceAccountIndexWrapper.java
        BlockWrapper.java
        ProtoWrapper.java
        BlockIdWrapper.java
        DelegatedResourceWrapper.java
        TransactionRetWrapper.java
        CodeWrapper.java
        AssetIssueWrapper.java
        TxOutputWrapper.java
        TransactionResultWrapper.java
        TransactionWrapper.java
        BlockIdentifierWrapper.java
        ProposalWrapper.java
        witness
        BlockProductionCondition.java
        WitnessController.java
        ProposalController.java
        operator
        CreateAccountOperator.java
        ParticipateAssetIssueOperator.java
        TransferAssetOperator.java
        ProposalDeleteOperator.java
        AccountPermissionUpdateOperator.java
        UnfreezeBalanceOperator.java
        WitnessCreateOperator.java
        BuyStorageBytesOperator.java
        UpdateAccountOperator.java
        OperatorConstant.java
        UpdateSettingContractOperator.java
        BuyStorageOperator.java
        SellStorageOperator.java
        ExchangeTransactionOperator.java
        ProposalApproveOperator.java
        UnfreezeAssetOperator.java
        AbstractOperator.java
        VoteWitnessOperator.java
        ProposalCreateOperator.java
        AssetIssueOperator.java
        OperatorFactory.java
        SetAccountIdOperator.java
        Operator.java
        UpdateAssetOperator.java
        ClearABIContractOperator.java
        FreezeBalanceOperator.java
        WithdrawBalanceOperator.java
        ExchangeCreateOperator.java
        ExchangeInjectOperator.java
        TransferOperator.java
        ExchangeWithdrawOperator.java
        UpdateCpuLimitContractOperator.java
        WitnessUpdateOperator.java
        exception
        TaposException.java
        RevokingStoreIllegalStateException.java
        P2pException.java
        CancelException.java
        BadTransactionException.java
        ReceiptCheckErrException.java
        SignatureFormatException.java
        TraitorPeerException.java
        ContractExeException.java
        StoreException.java
        AccountResourceInsufficientException.java
        TooBigTransactionException.java
        BadBlockException.java
        BalanceInsufficientException.java
        HighFreqException.java
        HeaderNotFound.java
        TransactionExpirationException.java
        PermissionException.java
        ValidateScheduleException.java
        ContractSizeNotEqualToOneException.java
        TooBigTransactionResultException.java
        UnReachBlockException.java
        ContractValidateException.java
        GSCRuntimeException.java
        ValidateSignatureException.java
        UnLinkedBlockException.java
        BadNumberBlockException.java
        ItemNotFoundException.java
        ValidateNetException.java
        VMMemoryOverflowException.java
        NonCommonBlockException.java
        NonUniqueObjectException.java
        BadItemException.java
        VMIllegalException.java
        DupTransactionException.java
        GSCException.java
        Wallet.java
        WalletConfirmed.java
      - lombok.config
    - lombok.config
  - test
    - resources
      - logback-test.xml
      - soliditycode_v0.4.25
        contractGrcToken054.sol
        contractInternalTransaction003testInternalTransaction018.sol
        contractInternalTransaction003testInternalTransaction017.sol
        contractGrammar001test3Grammar003.sol
        contractGrcToken049.sol
        contractInternalTransaction001testInternalTransaction002.sol
        assertExceptiontest7TestAssertContract.sol
        contractGrammar002test4Grammar011.sol
        contractUnknownException.sol
        contractOriginEnergyLimit004.sol
        contractGrammar001test1Grammar001.sol
        contractGrcToken067.sol
        contractGrammar001test5Grammar006.sol
        contractGrammar002test2Grammar008.sol
        TransferFailed007.sol
        contractGrcToken031.sol
        contractScenario001.sol
        contractScenario009.sol
        contractOtherToTrcToken.sol
        contractInternalTransaction002test4InternalTransaction010.sol
        contractGrcToken066.sol
        contractGrcTokenToOther.sol
        requireExceptiontest8newContractGasNoenough.sol
        contractScenario003.sol
        contractGrammar001test4Grammar004.sol
        contractGrammar003test3Grammar016.sol
        contractOriginEnergyLimit001.sol
        contractLinkage004.sol
        contractScenario012.sol
        addTransferToken004Pure.sol
        assertExceptiontest1DivideInt.sol
        contractGrcToken043.sol
        contractGrcToken028.sol
        assertExceptiontest3ByteMinContract.sol
        contractGrcToken034.sol
        contractScenario013.sol
        contractGrammar003test1Grammar014.sol
        contractLinkage001.sol
        assertExceptiontest2FindArgsContractMinTest.sol
        addMsg001Nonpayable.sol
        addGrcToken001Assemble.sol
        contractGrcToken075.sol
        contractGrcToken064.sol
        contractGrcToken003.sol
        requireExceptiontest4noPayableContract.sol
        contractInternalTransaction002test1InternalTransaction007.sol
        contractGrcToken018.sol
        contractGrcToken073.sol
        contractGrcToken035.sol
        contractInternalTransaction003testInternalTransaction014.sol
        contractLinkage002.sol
        contractInternalTransaction001testInternalTransaction005.sol
        contractInnerContract.sol
        assertExceptiontest6UninitializedContract.sol
        contractGrcToken030.sol
        addTransferToken002View.sol
        contractGrcToken026.sol
        contractGrcToken027.sol
        addTransferToken003Constant.sol
        contractInternalTransaction001testInternalTransaction001.sol
        contractGrcToken041.sol
        contractGrcToken048.sol
        contractLinkage003.sol
        requireExceptiontest7payableFallbakContract.sol
        contractScenario007.sol
        contractGrcToken061.sol
        contractGrcToken060.sol
        requireExceptiontest3TestRevertContract.sol
        contractLinkage005.sol
        contractGrammar003test6Grammar019.sol
        contractGrcToken052.sol
        contractGrammar003test4Grammar017.sol
        addMsg004Pure.sol
        contractInternalTransaction002test3InternalTransaction009.sol
        contractGrcToken078.sol
        contractGrammar003test7Grammar020.sol
        walletTestMutiSign004.sol
        contractInternalTransaction003testInternalTransaction016.sol
        requireExceptiontest2TestThrowsContract.sol
        contractInternalTransaction003testInternalTransaction015.sol
        contractScenario005.sol
        contractInternalTransaction001testInternalTransaction006.sol
        contractGrcToken080.sol
        contractGrcToken077.sol
        TransferFailed001.sol
        contractGrcToken029.sol
        contractGrcToken076.sol
        contractInternalTransaction002test2InternalTransaction008.sol
        contractGrcToken001.sol
        contractGrcToken055.sol
        contractGrammar002test3Grammar010.sol
        contractGrcToken012.sol
        requireExceptiontest9MessageUsedErrorFeed.sol
        contractGrammar001test2Grammar002.sol
        contractGrcToken079.sol
        TransferFailed005.sol
        contractGrcToken002.sol
        codeSaftySupport.sol
        contractGrammar002test6Grammar013.sol
        contractScenario014.sol
        contractGrcToken039.sol
        contractInternalTransaction001testInternalTransaction004.sol
        addMsg003Constant.sol
        requireExceptiontestFunctionUsedErrorFeed.sol
        requireExceptiontest6transferTestContract.sol
        contractGrammar002test4Grammar012.sol
        contractGetterContract.sol
        contractGrcToken036.sol
        contractInternalTransaction003testInternalTransaction013.sol
        requireExceptiontest1TestRequireContract.sol
        contractGrcToken014.sol
        contractGrcToken011.sol
        contractInternalTransaction002test5InternalTransaction012.sol
        contractGrcToken038.sol
        assertExceptiontest4Enum.sol
        contractGrammar002test1Grammar007_1.sol
        contractGrcToken050.sol
        contractScenario006.sol
        assertExceptiontest5MoveRight.sol
        contractGrammar003test5Grammar018.sol
        contractGrcToken037.sol
        contractGrcToken051.sol
        codeSaftyUnsupport.sol
        contractGrcToken005.sol
        contractGrcToken023.sol
        contractToMathedFeed.sol
        addTransferToken001Nonpayable.sol
        contractInternalTransaction001testInternalTransaction003.sol
        contractGrammar003test2Grammar015.sol
        requireExceptiontest5noPayableConstructor.sol
        contractLinkage006.sol
        contractTest.sol
        contractGrammar002test1Grammar007_2.sol
        addMsg002View.sol
      - config-test.conf
      - soliditycode_v0.5.4
        contractGrcToken054.sol
        contractInternalTransaction003testInternalTransaction018.sol
        create2CallContract.sol
        extCodeHashTestNoPayable.sol
        testOutOfMem.sol
        contractInternalTransaction003testInternalTransaction017.sol
        contractGrammar001test3Grammar003.sol
        contractGrcToken049.sol
        contractInternalTransaction001testInternalTransaction002.sol
        assertExceptiontest7TestAssertContract.sol
        contractGrammar002test4Grammar011.sol
        TriggerConstant001.sol
        contractUnknownException.sol
        contractGrammar001test1Grammar001.sol
        GvmNewCommand109.sol
        contractGrcToken067.sol
        contractGrammar001test5Grammar006.sol
        contractGrammar002test2Grammar008.sol
        GvmNewCommand043.sol
        TransferFailed007.sol
        contractGrcToken031.sol
        contractScenario001.sol
        contractScenario009.sol
        contractOriginCpuLimit004.sol
        contractInternalTransaction002test4InternalTransaction010.sol
        extCodeHash.sol
        contractGrcToken066.sol
        contractGrcTokenToOther.sol
        requireExceptiontest8newContractGasNoenough.sol
        contractScenario003.sol
        GvmNewCommand107.sol
        contractGrammar001test4Grammar004.sol
        contractGrammar003test3Grammar016.sol
        Create2Test023.sol
        contractLinkage004.sol
        contractScenario012.sol
        ExtCodeHashTest010.sol
        addTransferToken004Pure.sol
        assertExceptiontest1DivideInt.sol
        contractGrcToken043.sol
        contractGrcToken028.sol
        TriggerConstant002.sol
        assertExceptiontest3ByteMinContract.sol
        contractGrcToken034.sol
        contractGrcToken036_1.sol
        contractScenario013.sol
        contractOriginCpuLimit001.sol
        contractGrammar003test1Grammar014.sol
        contractLinkage001.sol
        assertExceptiontest2FindArgsContractMinTest.sol
        addMsg001Nonpayable.sol
        addGrcToken001Assemble.sol
        contractGrcToken075.sol
        contractGrcToken064.sol
        contractGrcToken003.sol
        requireExceptiontest4noPayableContract.sol
        contractInternalTransaction002test1InternalTransaction007.sol
        contractGrcToken018.sol
        contractGrcToken073.sol
        contractGrcToken035.sol
        contractInternalTransaction003testInternalTransaction014.sol
        contractLinkage002.sol
        contractInternalTransaction001testInternalTransaction005.sol
        ClearAbi001.sol
        contractInnerContract.sol
        create2contractn2.sol
        constantContract001.sol
        create2contract22.sol
        suicide001.sol
        assertExceptiontest6UninitializedContract.sol
        contractGrcToken030.sol
        addTransferToken002View.sol
        contractGrcToken026.sol
        Create2Test025.sol
        contractGrcToken027.sol
        addTransferToken003Constant.sol
        contractInternalTransaction001testInternalTransaction001.sol
        contractInternalTransaction002test4InternalTransaction010_1.sol
        contractGrcToken041.sol
        contractGrcToken048.sol
        contractLinkage003.sol
        requireExceptiontest7payableFallbakContract.sol
        contractScenario007.sol
        addTransferToken001payable.sol
        contractGrcToken061.sol
        contractGrcToken060.sol
        requireExceptiontest3TestRevertContract.sol
        contractLinkage005.sol
        GvmNewCommand103.sol
        contractGrammar003test6Grammar019.sol
        contractGrcToken036_3.sol
        contractGrcToken052.sol
        contractGrcToken036_old.sol
        contractGrammar003test4Grammar017.sol
        addMsg004Pure.sol
        contractInternalTransaction002test3InternalTransaction009.sol
        contractGrcToken078.sol
        contractGrammar003test7Grammar020.sol
        walletTestMutiSign004.sol
        contractInternalTransaction003testInternalTransaction016.sol
        extCodeHash11.sol
        requireExceptiontest2TestThrowsContract.sol
        contractInternalTransaction003testInternalTransaction015.sol
        contractScenario005.sol
        contractInternalTransaction001testInternalTransaction006.sol
        contractGrcToken080.sol
        contractGrcToken077.sol
        TransferFailed001.sol
        contractGrcToken029.sol
        contractGrcToken076.sol
        extCodeHashConstruct.sol
        contractInternalTransaction002test2InternalTransaction008.sol
        requireExceptiontest5noPayableConstructor_1.sol
        contractGrcToken001.sol
        contractGrcToken055.sol
        contractGrammar002test3Grammar010.sol
        contractGrcToken012.sol
        requireExceptiontest9MessageUsedErrorFeed.sol
        contractGrammar001test2Grammar002.sol
        ClearAbi005.sol
        contractGrcToken079.sol
        TransferFailed005.sol
        contractGrcToken002.sol
        codeSaftySupport.sol
        contractGrammar002test6Grammar013.sol
        contractGrcToken036_2.sol
        GvmOldCommand001.sol
        contractScenario014.sol
        contractGrcToken039.sol
        contractInternalTransaction001testInternalTransaction004.sol
        addMsg003Constant.sol
        requireExceptiontestFunctionUsedErrorFeed.sol
        requireExceptiontest6transferTestContract.sol
        contractGrammar002test4Grammar012.sol
        TriggerConstant003.sol
        Create2Test024.sol
        extCodeHashStress.sol
        contractGetterContract.sol
        contractGrcToken036.sol
        contractOtherToGrcToken.sol
        AssertException002.sol
        contractGrcToken036_4.sol
        ShiftCommand001.sol
        contractInternalTransaction003testInternalTransaction013.sol
        TriggerConstant024.sol
        suicide002.sol
        requireExceptiontest1TestRequireContract.sol
        contractGrcToken014.sol
        create2contractn.sol
        event002.sol
        GvmNewCommand108.sol
        contractGrcToken011.sol
        contractInternalTransaction002test5InternalTransaction012.sol
        contractGrcToken038.sol
        create2contract.sol
        assertExceptiontest4Enum.sol
        contractGrammar002test1Grammar007_1.sol
        contractGrcToken050.sol
        TriggerConstant004.sol
        contractScenario006.sol
        assertExceptiontest5MoveRight.sol
        contractGrammar003test5Grammar018.sol
        contractGrcToken037.sol
        contractGrcToken051.sol
        codeSaftyUnsupport.sol
        TriggerConstant015.sol
        requireExceptiontest4noPayableContract_1.sol
        demo.sol
        contractGrcToken005.sol
        contractGrcToken023.sol
        contractToMathedFeed.sol
        addTransferToken001Nonpayable.sol
        contractInternalTransaction001testInternalTransaction003.sol
        contractGrammar003test2Grammar015.sol
        requireExceptiontest5noPayableConstructor.sol
        contractLinkage006.sol
        contractTest.sol
        event001.sol
        contractGrammar002test1Grammar007_2.sol
        TransferFailed006.sol
        contractScenario002.sol
        addMsg002View.sol
      - config-test-dbbackup.conf
      - config-test-index.conf
      - config-test-mainnet.conf
      - solidityFile.xml
      - config-test-storagetest.conf
      - solcDir
        README.txt
      - testng.xml
      - daily-build.xml
    - java
      - org
        gsc
        crypto
        ECKeyTest.java
        utils
        ByteArrayTest.java
        PropUtilTest.java
        SelectRocksDBData.java
        FileUtilTest.java
        ObjectSizeUtilTest.java
        RandomGeneratorTest.java
        SelectLevelDBData.java
        ReflectUtils.java
        PrivKeyToPubKey.java
        TypeConversionTest.java
        Sha256HashTest.java
        LoggerTest.java
        ByteString.java
        services
        NodeInfoServiceTest.java
        RpcApiServiceTest.java
        db
        backup
        BackupDbUtilTest.java
        ManagerTest.java
        TransactionStoreTest.java
        VotesStoreTest.java
        ManagerForTest.java
        TransactionTraceTest.java
        api
        AssetUpdateHelperTest.java
        IndexHelperTest.java
        StoreAPITest.java
        BlockStoreTest.java
        AccountIdIndexStoreTest.java
        AccountStoreTest.java
        WitnessStoreTest.java
        BlockFilledSlotsTest.java
        db2
        SnapshotManagerTest.java
        RevokingDbWithCacheOldValueTest.java
        SnapshotRootTest.java
        RevokingDbWithCacheNewValueTest.java
        TransactionHistoryTest.java
        dbsource
        leveldb
        RocksDbDataSourceImplTest.java
        LevelDbDataSourceImplTest.java
        TransactionRetStoreTest.java
        KhaosDatabaseTest.java
        net
        services
        AdvServiceTest.java
        DisconnectMessageTest.java
        TcpTest.java
        BaseNet.java
        BaseNetTest.java
        peer
        handler
        ChainInventoryMsgHandlerTest.java
        SyncBlockChainMsgHandlerTest.java
        BlockMsgHandlerTest.java
        FetchInvDataMsgHandlerTest.java
        InventoryMsgHandlerTest.java
        UdpTest.java
        MessageTest.java
        tire
        TrieTest.java
        runtime
        RuntimeImplTest.java
        vm
        CpuWhenAssertStyleTest.java
        NetRuntimeWithCheckTest.java
        StorageTest.java
        NetRuntimeTest.java
        Create2Test.java
        CpuWhenRequireStyleTest.java
        NetRuntimeOutOfTimeWithCheckTest.java
        CreateContractSuicideTest.java
        DepositTest.java
        DataWordTest.java
        CpuWhenTimeoutStyleTest.java
        PrecompiledContractsTest.java
        VMTestBase.java
        InternalTransactionCallTest.java
        CpuWhenSendAndTransferTest.java
        MemoryTest.java
        InterpreterTest.java
        NetRuntimeOutOfTimeTest.java
        TimeBenchmarkTest.java
        TransferFailedCpuTest.java
        TransferTokenTest.java
        ChargeTest.java
        ExtCodeHashTest.java
        RuntimeTransferComplexTest.java
        ProgramResultTest.java
        event
        FilterQueryTest.java
        EventParserJsonTest.java
        NativeMessageQueueTest.java
        EventLoaderTest.java
        EventParserTest.java
        InternalTransactionComplexTest.java
        InheritanceTest.java
        GVMTestResult.java
        GVMTestUtils.java
        config
        ConfigurationTest.java
        args
        WitnessTest.java
        AccountTest.java
        StorageTest.java
        LocalWitnessTest.java
        OverlayTest.java
        GenesisBlockTest.java
        ArgsTest.java
        wallet
        transfer
        WalletTestTransfer004.java
        WalletTestTransfer003.java
        WalletTestTransfer001.java
        committee
        WalletTestCommittee002.java
        WalletTestCommittee003.java
        WalletTestCommittee001.java
        dailybuild
        exceptionfee
        AssertException.java
        internaltransaction
        ContractInternalTransaction001.java
        ContractInternalTransaction002.java
        ContractInternalTransaction003.java
        multisign
        MultiSign10.java
        MultiSign08.java
        MultiSign26.java
        MultiSign30.java
        MultiSign01.java
        MultiSign25.java
        MultiSign17.java
        MultiSign31.java
        MultiSign14.java
        MultiSign15.java
        MultiSign19.java
        MultiSign13.java
        MultiSign33.java
        MultiSign37.java
        MultiSign24.java
        MultiSign20.java
        MultiSign32.java
        MultiSign36.java
        MultiSign05.java
        MultiSign06.java
        MultiSign35.java
        MultiSign22.java
        MultiSign28.java
        MultiSign11.java
        MultiSign03.java
        MultiSign12.java
        MultiSign07.java
        MultiSign09.java
        MultiSign18.java
        MultiSign21.java
        MultiSign34.java
        MultiSign02.java
        MultiSign04.java
        MultiSign23.java
        MultiSign29.java
        MultiSign27.java
        MultiSign16.java
        delaytransaction
        DelayTransaction007.java
        DelayTransaction010.java
        DelayTransaction011.java
        DelayTransaction002.java
        DelayTransaction004.java
        DelayTransaction001.java
        DelayTransaction005.java
        DelayTransaction009.java
        DelayTransaction008.java
        DelayTransaction003.java
        DelayTransaction006.java
        grctoken
        ContractGrcToken028.java
        ContractGrcToken080.java
        ContractGrcToken036.java
        ContractGrcToken064.java
        ContractGrcToken061.java
        ContractGrcToken034.java
        ContractGrcToken079.java
        ContractGrcToken051.java
        ContractGrcToken014.java
        ContractGrcToken075.java
        ContractGrcToken038.java
        ContractGrcToken048.java
        ContractGrcToken055.java
        ContractGrcToken049.java
        ContractGrcToken050.java
        ContractGrcToken077.java
        ContractGrcToken041.java
        ContractGrcToken052.java
        ContractGrcToken078.java
        ContractGrcToken031.java
        ContractGrcToken054.java
        ContractGrcToken003.java
        ContractGrcToken026.java
        ContractGrcToken023.java
        ContractGrcToken002.java
        ContractGrcToken012.java
        ContractGrcToken027.java
        ContractGrcToken029.java
        ContractGrcToken005.java
        ContractGrcToken043.java
        ContractGrcToken066.java
        ContractGrcToken067.java
        ContractGrcToken018.java
        ContractGrcToken076.java
        ContractGrcToken011.java
        ContractGrcToken039.java
        ContractGrcToken030.java
        ContractGrcToken073.java
        ContractGrcToken037.java
        ContractGrcToken001.java
        ContractGrcToken060.java
        ContractGrcToken035.java
        manual
        ContractScenario011.java
        ContractUnknownException.java
        WalletTestBlock001.java
        WalletTestTransfer006.java
        WalletTestAccount010.java
        WalletTestNode001.java
        ContractScenario015.java
        ContractLinkage006.java
        WalletTestAccount012.java
        WalletTestAccount002.java
        RequireException.java
        ContractScenario002.java
        WalletTestAccount014.java
        WalletTestTransfer005.java
        ContractScenario014.java
        ContractLinkage005.java
        WalletTestTransfer002.java
        ContractLinkage001.java
        WalletTestMutiSign002.java
        WalletTestBlock002.java
        WalletTestWitness003.java
        gvmnewcommand
        clearabi
        ClearAbi006.java
        ClearAbi008.java
        ClearAbi007.java
        ClearAbi003.java
        ClearAbi004.java
        ClearAbi002.java
        ClearAbi005.java
        ClearAbi001.java
        create2
        Create2Test001.java
        Create2Test011.java
        Create2Test014.java
        Create2Test017.java
        Create2Test008.java
        Create2Test018.java
        Create2Test012.java
        Create2Test024.java
        Create2Test002.java
        Create2Test005.java
        Create2Test016.java
        Create2Test007.java
        Create2Test003.java
        Create2Test010.java
        Create2Test019.java
        Create2Test025.java
        Create2Test004.java
        Create2Test013.java
        Create2Test021.java
        Create2Test006.java
        Create2Test020.java
        Create2Test015.java
        Create2Test023.java
        Create2Test009.java
        extCodeHash
        ExtCodeHashTest008.java
        ExtCodeHashTest007.java
        ExtCodeHashTest001.java
        ExtCodeHashTest004.java
        ExtCodeHashTest010.java
        ExtCodeHashTest005.java
        ExtCodeHashTest003.java
        ExtCodeHashTest006.java
        ExtCodeHashTest011.java
        ExtCodeHashTest009.java
        ExtCodeHashTest002.java
        shiftcommand
        ShiftCommand001.java
        ShiftCommand002.java
        ShiftCommand006.java
        ShiftCommand005.java
        ShiftCommand004.java
        ShiftCommand003.java
        transferfailed
        TransferFailed003.java
        TransferFailed002.java
        TransferFailed004.java
        TransferFailed006.java
        TransferFailed007.java
        TransferFailed005.java
        TestResourceReceiver.java
        TransferFailed001.java
        triggerconstant
        TriggerConstant024.java
        TriggerConstant018.java
        TriggerConstant012.java
        TriggerConstant014.java
        TriggerConstant002.java
        TriggerConstant020.java
        TriggerConstant019.java
        TriggerConstant005.java
        TriggerConstant007.java
        TriggerConstant003.java
        TriggerConstant010.java
        TriggerConstant025.java
        TriggerConstant026.java
        TriggerConstant009.java
        TriggerConstant001.java
        TriggerConstant011.java
        TriggerConstant006.java
        TriggerConstant004.java
        TriggerConstant022.java
        TriggerConstant013.java
        TriggerConstant017.java
        TriggerConstant023.java
        TriggerConstant015.java
        TriggerConstant021.java
        TriggerConstant008.java
        TriggerConstant016.java
        grammar
        ContractGrammar004.java
        ContractGrammar001.java
        ContractGrammar002.java
        ContractGrammar003.java
        origincpulimit
        ContractOriginCpuLimit001.java
        ContractOriginCpuLimit004.java
        assetissue
        WalletTestAssetIssue004.java
        WalletTestAssetIssue013.java
        WalletTestAssetIssue010.java
        WalletTestAssetIssue005.java
        WalletTestAssetIssue014.java
        WalletTestAssetIssue015.java
        WalletTestAssetIssue011.java
        WalletTestAssetIssue002.java
        WalletTestAssetIssue016.java
        WalletTestAssetIssue009.java
        WalletTestAssetIssue006.java
        WalletTestAssetIssue001.java
        WalletTestAssetIssue008.java
        WalletTestAssetIssue007.java
        WalletTestAssetIssue003.java
        WalletTestAssetIssue012.java
        operationupdate
        WalletTestMutiSign014.java
        WalletTestMutiSign008.java
        WalletTestMutiSign016.java
        WalletTestMutiSign015.java
        WalletTestMutiSign017.java
        WalletTestMutiSign011.java
        WalletTestMutiSign006.java
        WalletTestMutiSign010.java
        WalletTestMutiSign009.java
        WalletTestMutiSign007.java
        WalletTestMutiSign018.java
        WalletTestMutiSign012.java
        WalletTestMutiSign013.java
        http
        HttpTestEasyAccount001.java
        HttpTestBlock001.java
        HttpTestAsset001.java
        HttpTestAccount001.java
        HttpTestExchange001.java
        HttpTestConstantContract001.java
        HttpTestSmartContract001.java
        HttpTestSendCoin001.java
        HttpTestProposal001.java
        HttpTestMutiSign001.java
        HttpTestAccount003.java
        HttpTestAccount004.java
        HttpTestAccount002.java
        HttpTestClearAbiContract001.java
        mutisign
        WalletTestMutiSign005.java
        WalletTestMutiSign004.java
        WalletTestMutiSign001.java
        WalletTestMutiSign003.java
        newinterface
        CreateAssetIssue2Test.java
        CreateAccount2Test.java
        VoteWitnessAccount2Test.java
        CreateaAndUpdateWitness2Test.java
        GetBlockByLatestNum2Test.java
        FreezeBalance2Test.java
        UpdateAsset2Test.java
        UnfreezeAsset2Test.java
        GetBlockByNum2Test.java
        GetTransactionsFromThis2Test.java
        TransferAsset2Test.java
        GetNowBlock2Test.java
        GetTransactionsToThis2.java
        UpdateAccount2Test.java
        CreateTransaction2Test.java
        GetBlockByLimitNext2.java
        WithdrawBalance2Test.java
        ParticipateAssetIssue2Test.java
        common
        client
        utils
        DataWord.java
        HttpMethed.java
        RetryListener.java
        TransactionUtils.java
        ByteArrayWrapper.java
        FileUtil.java
        PublicMethedForMutiSign.java
        Sha256Hash.java
        Base58.java
        Retry.java
        DailyBuildReport.java
        AbiUtil.java
        Configuration.java
        Parameter.java
        GrpcClient.java
        WalletClient.java
        witness
        WalletTestWitness001.java
        WalletTestWitness002.java
        contract
        linkage
        ContractLinkage002.java
        ContractLinkage003.java
        ContractLinkage001.java
        scenario
        ContractScenario004.java
        ContractScenario001.java
        ContractScenario008.java
        ContractScenario015.java
        ContractScenario012.java
        ContractScenario010.java
        ContractScenario007.java
        ContractScenario006.java
        ContractScenario014.java
        ContractScenario016.java
        ContractScenario005.java
        ContractScenario003.java
        ContractScenario009.java
        ContractScenario013.java
        onlinestress
        MainNetVoteOrFreezeOrCreate.java
        TestApproveProposal.java
        MainNetTransferSendOrAsset.java
        TestMutiSignStress.java
        HttpStressTest.java
        TestExceptionCodeAndAbi.java
        CycleMultiSign.java
        TestTransferTokenInContract.java
        TestMapBigLongAndNumbers.java
        MutiSignStress.java
        TestNetFomo3D.java
        TestExchangeTransaction.java
        ContractEvent001.java
        TestStorageAndCpu.java
        DelayTransactionStress.java
        ExtCodeHashStressTest.java
        exchangeandtoken
        WalletTestAssetIssue020.java
        WalletTestAssetIssue019.java
        WalletTestAssetIssue017.java
        WalletExchange001.java
        WalletTestAssetIssue018.java
        block
        WalletTestBlock001.java
        WalletTestBlock003.java
        WalletTestBlock002.java
        account
        WalletTestAccount003.java
        WalletTestAccount004.java
        WalletTestAccount001.java
        WalletTestAccount005.java
        fulltest
        GvmContract.java
        ParticipateAssetIssue.java
        GSCDice.java
        SuperWitnessAllowance.java
        CreateAddressAndKey.java
        TransferAssetIssue.java
        Fuzzytest.java
        AttackSendcoin.java
        Creatasset.java
        FreezeAndSendcoin.java
        ContinueVote.java
        core
        TxOutputWrapperTest.java
        AccountVoteWitnessTest.java
        TransactionCapsuleTest.java
        BlockUtilTest.java
        wrapper
        utils
        ExchangeProcessorTest.java
        BlockUtil.java
        MerkleTreeTest.java
        VotesWrapperTest.java
        AccountWrapperTest.java
        TransactionWrapperTest.java
        ExchangeWrapperTest.java
        BlockWrapperTest.java
        NetProcessorTest.java
        witness
        WitnessControllerTest.java
        ProposalControllerTest.java
        operator
        AssetIssueOperatorTest.java
        VoteWitnessOperatorTest.java
        WitnessUpdateOperatorTest.java
        SetAccountIdOperatorTest.java
        ExchangeTransactionOperatorTest.java
        UpdateCpuLimitContractOperatorTest.java
        BuyStorageBytesOperatorTest.java
        WitnessCreateOperatorTest.java
        SellStorageOperatorTest.java
        ProposalCreateOperatorTest.java
        UnfreezeAssetOperatorTest.java
        ExchangeCreateOperatorTest.java
        UnfreezeBalanceOperatorTest.java
        UpdateSettingContractOperatorTest.java
        ClearABIContractOperatorTest.java
        ExchangeInjectOperatorTest.java
        ProposalApproveOperatorTest.java
        BuyStorageOperatorTest.java
        CreateAccountOperatorTest.java
        TransferAssetOperatorTest.java
        UpdateAccountOperatorTest.java
        FreezeBalanceOperatorTest.java
        ParticipateAssetIssueOperatorTest.java
        WithdrawBalanceOperatorTest.java
        UpdateAssetOperatorTest.java
        ProposalDeleteOperatorTest.java
        ExchangeWithdrawOperatorTest.java
        TransferOperatorTest.java
        AccountPermissionUpdateOperatorTest.java
        ConfirmedNodeTest.java
        TxInputWrapperTest.java
        TxInputUtilTest.java
        TransactionWrapperTest.java
        TxOutputUtilTest.java
        StorageMarketTest.java
        WalletTest.java
        BlockWrapperTest.java
        CpuProcessorTest.java
      - lombok.config
    - lombok.config
  - lombok.config
- existsfile.txt
- gradle
  - wrapper
    - gradle-wrapper.properties
    - gradle-wrapper.jar
- .gitmodules
- LICENSE
- gradlew
- config
  - checkstyle
    - checkStyleAll.xml
- build.gradle
- .travis.yml
- README.md
- settings.gradle
- .gitignore

/*
 * Copyright (c) [2016] [ <ether.camp> ]
 * This file is part of the ethereumJ library.
 *
 * The ethereumJ library is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Lesser General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * The ethereumJ library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public License
 * along with the ethereumJ library. If not, see <http://www.gnu.org/licenses/>.
 */

package org.gsc.crypto;

import static org.gsc.utils.ByteUtil.bigIntegerToBytes;

import java.io.IOException;
import java.io.Serializable;
import java.math.BigInteger;
import java.nio.charset.Charset;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Signature;
import java.security.SignatureException;
import java.security.interfaces.ECPrivateKey;
import java.security.interfaces.ECPublicKey;
import java.security.spec.InvalidKeySpecException;
import java.util.Arrays;
import javax.annotation.Nullable;
import javax.crypto.KeyAgreement;

import lombok.extern.slf4j.Slf4j;
import org.spongycastle.asn1.ASN1InputStream;
import org.spongycastle.asn1.ASN1Integer;
import org.spongycastle.asn1.DLSequence;
import org.spongycastle.asn1.sec.SECNamedCurves;
import org.spongycastle.asn1.x9.X9ECParameters;
import org.spongycastle.asn1.x9.X9IntegerConverter;
import org.spongycastle.crypto.agreement.ECDHBasicAgreement;
import org.spongycastle.crypto.digests.SHA256Digest;
import org.spongycastle.crypto.engines.AESEngine;
import org.spongycastle.crypto.modes.SICBlockCipher;
import org.spongycastle.crypto.params.ECDomainParameters;
import org.spongycastle.crypto.params.ECPrivateKeyParameters;
import org.spongycastle.crypto.params.ECPublicKeyParameters;
import org.spongycastle.crypto.params.KeyParameter;
import org.spongycastle.crypto.params.ParametersWithIV;
import org.spongycastle.crypto.signers.ECDSASigner;
import org.spongycastle.crypto.signers.HMacDSAKCalculator;
import org.spongycastle.jcajce.provider.asymmetric.ec.BCECPrivateKey;
import org.spongycastle.jcajce.provider.asymmetric.ec.BCECPublicKey;
import org.spongycastle.jce.spec.ECParameterSpec;
import org.spongycastle.jce.spec.ECPrivateKeySpec;
import org.spongycastle.jce.spec.ECPublicKeySpec;
import org.spongycastle.math.ec.ECAlgorithms;
import org.spongycastle.math.ec.ECCurve;
import org.spongycastle.math.ec.ECPoint;
import org.spongycastle.util.BigIntegers;
import org.spongycastle.util.encoders.Base64;
import org.spongycastle.util.encoders.Hex;
import org.gsc.crypto.jce.ECKeyAgreement;
import org.gsc.crypto.jce.ECKeyFactory;
import org.gsc.crypto.jce.ECKeyPairGenerator;
import org.gsc.crypto.jce.ECSignatureFactory;
import org.gsc.crypto.jce.GSCCastleProvider;
import org.gsc.utils.ByteUtil;
import org.gsc.utils.BIUtil;

@Slf4j(topic = "crypto")
public class ECKey implements Serializable {

    /**
     * The parameters of the secp256k1 curve.
     */
    public static final ECDomainParameters CURVE;
    public static final ECParameterSpec CURVE_SPEC;

    /**
     * Equal to CURVE.getN().shiftRight(1), used for canonicalising the S value of a signature. ECDSA
     * signatures are mutable in the sense that for a given (R, S) pair, then both (R, S) and (R, N -
     * S mod N) are valid signatures. Canonical signatures are those where 1 <= S <= N/2
     *
     * <p>See https://github.com/bitcoin/bips/blob/master/bip-0062.mediawiki
     * #Low_S_values_in_signatures
     */

    public static final BigInteger HALF_CURVE_ORDER;
    private static final BigInteger SECP256K1N =
            new BigInteger("fffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364141", 16);
    private static final SecureRandom secureRandom;
    private static final long serialVersionUID = -728224901792295832L;

    static {
        // All clients must agree on the curve to use by agreement.
        X9ECParameters params = SECNamedCurves.getByName("secp256k1");
        CURVE = new ECDomainParameters(params.getCurve(), params.getG(),
                params.getN(), params.getH());
        CURVE_SPEC = new ECParameterSpec(params.getCurve(), params.getG(),
                params.getN(), params.getH());
        HALF_CURVE_ORDER = params.getN().shiftRight(1);
        secureRandom = new SecureRandom();
    }

    protected final ECPoint pub;
    // The two parts of the key. If "priv" is set, "pub" can always be
    // calculated. If "pub" is set but not "priv", we
    // can only verify signatures not make them.
    // TODO: Redesign this class to use consistent internals and more
    // efficient serialization.
    private final PrivateKey privKey;
    // the Java Cryptographic Architecture provider to use for Signature
    // this is set along with the PrivateKey privKey and must be compatible
    // this provider will be used when selecting a Signature instance
    // https://docs.oracle.com/javase/8/docs/technotes/guides/security
    // /SunProviders.html
    private final Provider provider;

    // Transient because it's calculated on demand.
    private transient byte[] pubKeyHash;
    private transient byte[] nodeId;

    /**
     * Generates an entirely new keypair.
     *
     * <p>BouncyCastle will be used as the Java Security Provider
     */
    public ECKey() {
        this(secureRandom);
    }

    /**
     * Generate a new keypair using the given Java Security Provider.
     *
     * <p>All private key operations will use the provider.
     */
    public ECKey(Provider provider, SecureRandom secureRandom) {
        this.provider = provider;

        final KeyPairGenerator keyPairGen = ECKeyPairGenerator.getInstance(provider, secureRandom);
        final KeyPair keyPair = keyPairGen.generateKeyPair();

        this.privKey = keyPair.getPrivate();

        final PublicKey pubKey = keyPair.getPublic();
        if (pubKey instanceof BCECPublicKey) {
            pub = ((BCECPublicKey) pubKey).getQ();
        } else if (pubKey instanceof ECPublicKey) {
            pub = extractPublicKey((ECPublicKey) pubKey);
        } else {
            throw new AssertionError(
                    "Expected Provider " + provider.getName()
                            + " to produce a subtype of ECPublicKey, found "
                            + pubKey.getClass());
        }
    }

    /**
     * Generates an entirely new keypair with the given {@link SecureRandom} object. <p> BouncyCastle
     * will be used as the Java Security Provider
     *
     * @param secureRandom -
     */
    public ECKey(SecureRandom secureRandom) {
        this(GSCCastleProvider.getInstance(), secureRandom);
    }

    /**
     * Pair a private key with a public EC point.
     *
     * <p>All private key operations will use the provider.
     */

    public ECKey(Provider provider, @Nullable PrivateKey privKey, ECPoint pub) {
        this.provider = provider;

        if (privKey == null || isECPrivateKey(privKey)) {
            this.privKey = privKey;
        } else {
            throw new IllegalArgumentException(
                    "Expected EC private key, given a private key object with" +
                            " class "
                            + privKey.getClass().toString() +
                            " and algorithm "
                            + privKey.getAlgorithm());
        }

        if (pub == null) {
            throw new IllegalArgumentException("Public key may not be null");
        } else {
            this.pub = pub;
        }
    }

    /**
     * Pair a private key integer with a public EC point <p> BouncyCastle will be used as the Java
     * Security Provider
     */
    public ECKey(@Nullable BigInteger priv, ECPoint pub) {
        this(
                GSCCastleProvider.getInstance(),
                privateKeyFromBigInteger(priv),
                pub
        );
    }

    /* Convert a Java JCE ECPublicKey into a BouncyCastle ECPoint
     */
    private static ECPoint extractPublicKey(final ECPublicKey ecPublicKey) {
        final java.security.spec.ECPoint publicPointW = ecPublicKey.getW();
        final BigInteger xCoord = publicPointW.getAffineX();
        final BigInteger yCoord = publicPointW.getAffineY();

        return CURVE.getCurve().createPoint(xCoord, yCoord);
    }

    /* Test if a generic private key is an EC private key
     *
     * it is not sufficient to check that privKey is a subtype of ECPrivateKey
     * as the SunPKCS11 Provider will return a generic PrivateKey instance
     * a fallback that covers this case is to check the key algorithm
     */
    private static boolean isECPrivateKey(PrivateKey privKey) {
        return privKey instanceof ECPrivateKey || privKey.getAlgorithm()
                .equals("EC");
    }

    /* Convert a BigInteger into a PrivateKey object
     */
    private static PrivateKey privateKeyFromBigInteger(BigInteger priv) {
        if (priv == null) {
            return null;
        } else {
            try {
                return ECKeyFactory
                        .getInstance(GSCCastleProvider.getInstance())
                        .generatePrivate(new ECPrivateKeySpec(priv,
                                CURVE_SPEC));
            } catch (InvalidKeySpecException ex) {
                throw new AssertionError("Assumed correct key spec statically");
            }
        }
    }

    /**
     * Utility for compressing an elliptic curve point. Returns the same point if it's already
     * compressed. See the ECKey class docs for a discussion of point compression.
     *
     * @param uncompressed -
     * @return -
     * @deprecated per-point compression property will be removed in Bouncy Castle
     */
    public static ECPoint compressPoint(ECPoint uncompressed) {
        return CURVE.getCurve().decodePoint(uncompressed.getEncoded(true));
    }

    /**
     * Utility for decompressing an elliptic curve point. Returns the same point if it's already
     * compressed. See the ECKey class docs for a discussion of point compression.
     *
     * @param compressed -
     * @return -
     * @deprecated per-point compression property will be removed in Bouncy Castle
     */
    public static ECPoint decompressPoint(ECPoint compressed) {
        return CURVE.getCurve().decodePoint(compressed.getEncoded(false));
    }

    /**
     * Creates an ECKey given the private key only.
     *
     * @param privKey -
     * @return -
     */
    public static ECKey fromPrivate(BigInteger privKey) {
        return new ECKey(privKey, CURVE.getG().multiply(privKey));
    }

    /**
     * Creates an ECKey given the private key only.
     *
     * @param privKeyBytes -
     * @return -
     */
    public static ECKey fromPrivate(byte[] privKeyBytes) {
        return fromPrivate(new BigInteger(1, privKeyBytes));
    }

    /**
     * Creates an ECKey that simply trusts the caller to ensure that point is really the result of
     * multiplying the generator point by the private key. This is used to speed things up when you
     * know you have the right values already. The compression state of pub will be preserved.
     *
     * @param priv -
     * @param pub  -
     * @return -
     */
    public static ECKey fromPrivateAndPrecalculatedPublic(BigInteger priv,
                                                          ECPoint pub) {
        return new ECKey(priv, pub);
    }

    /**
     * Creates an ECKey that simply trusts the caller to ensure that point is really the result of
     * multiplying the generator point by the private key. This is used to speed things up when you
     * know you have the right values already. The compression state of the point will be preserved.
     *
     * @param priv -
     * @param pub  -
     * @return -
     */
    public static ECKey fromPrivateAndPrecalculatedPublic(byte[] priv, byte[]
            pub) {
        check(priv != null, "Private key must not be null");
        check(pub != null, "Public key must not be null");
        return new ECKey(new BigInteger(1, priv), CURVE.getCurve()
                .decodePoint(pub));
    }

    /**
     * Creates an ECKey that cannot be used for signing, only verifying signatures, from the given
     * point. The compression state of pub will be preserved.
     *
     * @param pub -
     * @return -
     */
    public static ECKey fromPublicOnly(ECPoint pub) {
        return new ECKey(null, pub);
    }

    /**
     * Creates an ECKey that cannot be used for signing, only verifying signatures, from the given
     * encoded point. The compression state of pub will be preserved.
     *
     * @param pub -
     * @return -
     */
    public static ECKey fromPublicOnly(byte[] pub) {
        return new ECKey(null, CURVE.getCurve().decodePoint(pub));
    }

    /**
     * Returns public key bytes from the given private key. To convert a byte array into a BigInteger,
     * use <tt> new BigInteger(1, bytes);</tt>
     *
     * @param privKey    -
     * @param compressed -
     * @return -
     */
    public static byte[] publicKeyFromPrivate(BigInteger privKey, boolean
            compressed) {
        ECPoint point = CURVE.getG().multiply(privKey);
        return point.getEncoded(compressed);
    }

    /**
     * Compute an address from an encoded public key.
     *
     * @param pubBytes an encoded (uncompressed) public key
     * @return 23-byte address
     */
    public static byte[] computeAddress(byte[] pubBytes) {
        return Hash.sha3omit12(
                Arrays.copyOfRange(pubBytes, 1, pubBytes.length));
    }

    /**
     * Compute an address from a public point.
     *
     * @param pubPoint a public point
     * @return 23-byte address
     */
    public static byte[] computeAddress(ECPoint pubPoint) {
        return computeAddress(pubPoint.getEncoded(/* uncompressed */ false));
    }

    /**
     * Compute the encoded X, Y coordinates of a public point. <p> This is the encoded public key
     * without the leading byte.
     *
     * @param pubPoint a public point
     * @return 64-byte X,Y point pair
     */
    public static byte[] pubBytesWithoutFormat(ECPoint pubPoint) {
        final byte[] pubBytes = pubPoint.getEncoded(/* uncompressed */ false);
        return Arrays.copyOfRange(pubBytes, 1, pubBytes.length);
    }

    /**
     * Recover the public key from an encoded node id.
     *
     * @param nodeId a 64-byte X,Y point pair
     */
    public static ECKey fromNodeId(byte[] nodeId) {
        check(nodeId.length == 64, "Expected a 64 byte node id");
        byte[] pubBytes = new byte[65];
        System.arraycopy(nodeId, 0, pubBytes, 1, nodeId.length);
        pubBytes[0] = 0x04; // uncompressed
        return ECKey.fromPublicOnly(pubBytes);
    }

    public static byte[] signatureToKeyBytes(byte[] messageHash, String
            signatureBase64) throws SignatureException {
        byte[] signatureEncoded;
        try {
            signatureEncoded = Base64.decode(signatureBase64);
        } catch (RuntimeException e) {
            // This is what you getData back from Bouncy Castle if base64 doesn't
            // decode :(
            throw new SignatureException("Could not decode base64", e);
        }
        // Parse the signature bytes into r/s and the selector value.
        if (signatureEncoded.length < 65) {
            throw new SignatureException("Signature truncated, expected 65 " +
                    "bytes and got " + signatureEncoded.length);
        }

        return signatureToKeyBytes(
                messageHash,
                ECDSASignature.fromComponents(
                        Arrays.copyOfRange(signatureEncoded, 1, 33),
                        Arrays.copyOfRange(signatureEncoded, 33, 65),
                        (byte) (signatureEncoded[0] & 0xFF)));
    }

    public static byte[] signatureToKeyBytes(byte[] messageHash,
                                             ECDSASignature sig) throws
            SignatureException {
        check(messageHash.length == 32, "messageHash argument has length " +
                messageHash.length);
        int header = sig.v;
        // The header byte: 0x1B = first key with even y, 0x1C = first key
        // with odd y,
        //                  0x1D = second key with even y, 0x1E = second key
        // with odd y
        if (header < 27 || header > 34) {
            throw new SignatureException("Header byte out of range: " + header);
        }
        if (header >= 31) {
            header -= 4;
        }
        int recId = header - 27;
        byte[] key = ECKey.recoverPubBytesFromSignature(recId, sig,
                messageHash);
        if (key == null) {
            throw new SignatureException("Could not recover public key from " +
                    "signature");
        }
        return key;
    }

    /**
     * Compute the address of the key that signed the given signature.
     *
     * @param messageHash     32-byte hash of message
     * @param signatureBase64 Base-64 encoded signature
     * @return 20-byte address
     */
    public static byte[] signatureToAddress(byte[] messageHash, String
            signatureBase64) throws SignatureException {
        return computeAddress(signatureToKeyBytes(messageHash,
                signatureBase64));
    }

    /**
     * Compute the address of the key that signed the given signature.
     *
     * @param messageHash 32-byte hash of message
     * @param sig         -
     * @return 20-byte address
     */
    public static byte[] signatureToAddress(byte[] messageHash,
                                            ECDSASignature sig) throws
            SignatureException {
        return computeAddress(signatureToKeyBytes(messageHash, sig));
    }

    /**
     * Compute the key that signed the given signature.
     *
     * @param messageHash     32-byte hash of message
     * @param signatureBase64 Base-64 encoded signature
     * @return ECKey
     */
    public static ECKey signatureToKey(byte[] messageHash, String
            signatureBase64) throws SignatureException {
        final byte[] keyBytes = signatureToKeyBytes(messageHash,
                signatureBase64);
        return ECKey.fromPublicOnly(keyBytes);
    }

    /**
     * Compute the key that signed the given signature.
     *
     * @param messageHash 32-byte hash of message
     * @param sig         -
     * @return ECKey
     */
    public static ECKey signatureToKey(byte[] messageHash, ECDSASignature
            sig) throws SignatureException {
        final byte[] keyBytes = signatureToKeyBytes(messageHash, sig);
        return ECKey.fromPublicOnly(keyBytes);
    }

    /**
     * <p>Verifies the given ECDSA signature against the message bytes using the public key bytes.</p>
     * <p> <p>When using native ECDSA verification, data must be 32 bytes, and no element may be
     * larger than 520 bytes.</p>
     *
     * @param data      Hash of the data to verify.
     * @param signature signature.
     * @param pub       The public key bytes to use.
     * @return -
     */
    public static boolean verify(byte[] data, ECDSASignature signature,
                                 byte[] pub) {
        ECDSASigner signer = new ECDSASigner();
        ECPublicKeyParameters params = new ECPublicKeyParameters(CURVE
                .getCurve().decodePoint(pub), CURVE);
        signer.init(false, params);
        try {
            return signer.verifySignature(data, signature.r, signature.s);
        } catch (NullPointerException npe) {
            // Bouncy Castle contains a bug that can cause NPEs given
            // specially crafted signatures.
            // Those signatures are inherently invalid/attack sigs so we just
            // fail them here rather than crash the thread.
            logger.error("Caught NPE inside bouncy castle", npe);
            return false;
        }
    }

    /**
     * Verifies the given ASN.1 encoded ECDSA signature against a hash using the public key.
     *
     * @param data      Hash of the data to verify.
     * @param signature signature.
     * @param pub       The public key bytes to use.
     * @return -
     */
    public static boolean verify(byte[] data, byte[] signature, byte[] pub) {
        return verify(data, ECDSASignature.decodeFromDER(signature), pub);
    }

    /**
     * Returns true if the given pubkey is canonical, i.e. the correct length taking into account
     * compression.
     *
     * @param pubkey -
     * @return -
     */
    public static boolean isPubKeyCanonical(byte[] pubkey) {
        if (pubkey[0] == 0x04) {
            // Uncompressed pubkey
            return pubkey.length == 65;
        } else if (pubkey[0] == 0x02 || pubkey[0] == 0x03) {
            // Compressed pubkey
            return pubkey.length == 33;
        } else {
            return false;
        }
    }

    /**
     * <p>Given the components of a signature and a selector value, recover and return the public key
     * that generated the signature according to the algorithm in SEC1v2 section 4.1.6.</p>
     *
     * <p> <p>The recId is an index from 0 to 3 which indicates which of the 4 possible allKeys is the
     * correct one. Because the key recovery operation yields multiple potential allKeys, the correct
     * key must either be stored alongside the signature, or you must be willing to try each recId in
     * turn until you find one that outputs the key you are expecting.</p>
     *
     * <p> <p>If this method returns null it means recovery was not possible and recId should be
     * iterated.</p>
     *
     * <p> <p>Given the above two points, a correct usage of this method is inside a for loop from 0
     * to 3, and if the output is null OR a key that is not the one you expect, you try again with the
     * next recId.</p>
     *
     * @param recId       Which possible key to recover.
     * @param sig         the R and S components of the signature, wrapped.
     * @param messageHash Hash of the data that was signed.
     * @return 65-byte encoded public key
     */
    @Nullable
    public static byte[] recoverPubBytesFromSignature(int recId,
                                                      ECDSASignature sig,
                                                      byte[] messageHash) {
        check(recId >= 0, "recId must be positive");
        check(sig.r.signum() >= 0, "r must be positive");
        check(sig.s.signum() >= 0, "s must be positive");
        check(messageHash != null, "messageHash must not be null");
        // 1.0 For j from 0 to h   (h == recId here and the loop is outside
        // this function)
        //   1.1 Let x = r + jn
        BigInteger n = CURVE.getN();  // Curve order.
        BigInteger i = BigInteger.valueOf((long) recId / 2);
        BigInteger x = sig.r.add(i.multiply(n));
        //   1.2. Convert the integer x to an octet string X of length mlen
        // using the conversion routine
        //        specified in Section 2.3.7, where mlen = ⌈(log2 p)/8⌉ or
        // mlen = ⌈m/8⌉.
        //   1.3. Convert the octet string (16 set binary digits)||X to an
        // elliptic curve point R using the
        //        conversion routine specified in Section 2.3.4. If this
        // conversion routine outputs “invalid”, then
        //        do another iteration of Step 1.
        //
        // More concisely, what these points mean is to use X as a compressed
        // public key.
        ECCurve.Fp curve = (ECCurve.Fp) CURVE.getCurve();
        BigInteger prime = curve.getQ();  // Bouncy Castle is not consistent
        // about the letter it uses for the prime.
        if (x.compareTo(prime) >= 0) {
            // Cannot have point co-ordinates larger than this as everything
            // takes place modulo Q.
            return null;
        }
        // Compressed allKeys require you to know an extra bit of data about the
        // y-coord as there are two possibilities.
        // So it's encoded in the recId.
        ECPoint R = decompressKey(x, (recId & 1) == 1);
        //   1.4. If nR != point at infinity, then do another iteration of
        // Step 1 (callers responsibility).
        if (!R.multiply(n).isInfinity()) {
            return null;
        }
        //   1.5. Compute e from M using Steps 2 and 3 of ECDSA signature
        // verification.
        BigInteger e = new BigInteger(1, messageHash);
        //   1.6. For k from 1 to 2 do the following.   (loop is outside this
        // function via iterating recId)
        //   1.6.1. Compute a candidate public key as:
        //               Q = mi(r) * (sR - eG)
        //
        // Where mi(x) is the modular multiplicative inverse. We transform
        // this into the following:
        //               Q = (mi(r) * s ** R) + (mi(r) * -e ** G)
        // Where -e is the modular additive inverse of e, that is z such that
        // z + e = 0 (mod n). In the above equation
        // ** is point multiplication and + is point addition (the EC group
        // operator).
        //
        // We can find the additive inverse by subtracting e from zero then
        // taking the mod. For example the additive
        // inverse of 3 modulo 11 is 8 because 3 + 8 mod 11 = 0, and -3 mod
        // 11 = 8.
        BigInteger eInv = BigInteger.ZERO.subtract(e).mod(n);
        BigInteger rInv = sig.r.modInverse(n);
        BigInteger srInv = rInv.multiply(sig.s).mod(n);
        BigInteger eInvrInv = rInv.multiply(eInv).mod(n);
        ECPoint.Fp q = (ECPoint.Fp) ECAlgorithms.sumOfTwoMultiplies(CURVE
                .getG(), eInvrInv, R, srInv);
        return q.getEncoded(/* compressed */ false);
    }

    /**
     * @param recId       Which possible key to recover.
     * @param sig         the R and S components of the signature, wrapped.
     * @param messageHash Hash of the data that was signed.
     * @return 20-byte address
     */
    @Nullable
    public static byte[] recoverAddressFromSignature(int recId,
                                                     ECDSASignature sig,
                                                     byte[] messageHash) {
        final byte[] pubBytes = recoverPubBytesFromSignature(recId, sig,
                messageHash);
        if (pubBytes == null) {
            return null;
        } else {
            return computeAddress(pubBytes);
        }
    }

    /**
     * @param recId       Which possible key to recover.
     * @param sig         the R and S components of the signature, wrapped.
     * @param messageHash Hash of the data that was signed.
     * @return ECKey
     */
    @Nullable
    public static ECKey recoverFromSignature(int recId, ECDSASignature sig,
                                             byte[] messageHash) {
        final byte[] pubBytes = recoverPubBytesFromSignature(recId, sig,
                messageHash);
        if (pubBytes == null) {
            return null;
        } else {
            return ECKey.fromPublicOnly(pubBytes);
        }
    }

    /**
     * Decompress a compressed public key (x co-ord and low-bit of y-coord).
     *
     * @param xBN  -
     * @param yBit -
     * @return -
     */

    private static ECPoint decompressKey(BigInteger xBN, boolean yBit) {
        X9IntegerConverter x9 = new X9IntegerConverter();
        byte[] compEnc = x9.integerToBytes(xBN, 1 + x9.getByteLength(CURVE
                .getCurve()));
        compEnc[0] = (byte) (yBit ? 0x03 : 0x02);
        return CURVE.getCurve().decodePoint(compEnc);
    }

    private static void check(boolean test, String message) {
        if (!test) {
            throw new IllegalArgumentException(message);
        }
    }

    /**
     * Returns a copy of this key, but with the public point represented in uncompressed form.
     * Normally you would never need this: it's for specialised scenarios or when backwards
     * compatibility in encoded form is necessary.
     *
     * @return -
     * @deprecated per-point compression property will be removed in Bouncy Castle
     */
    public ECKey decompress() {
        if (!pub.isCompressed()) {
            return this;
        } else {
            return new ECKey(this.provider, this.privKey, decompressPoint(pub));
        }
    }

    /**
     * @deprecated per-point compression property will be removed in Bouncy Castle
     */
    public ECKey compress() {
        if (pub.isCompressed()) {
            return this;
        } else {
            return new ECKey(this.provider, this.privKey, compressPoint(pub));
        }
    }

    /**
     * Returns true if this key doesn't have access to private key bytes. This may be because it was
     * never given any private key bytes to begin with (a watching key).
     *
     * @return -
     */
    public boolean isPubKeyOnly() {
        return privKey == null;
    }

    /**
     * Returns true if this key has access to private key bytes. Does the opposite of {@link
     * #isPubKeyOnly()}.
     *
     * @return -
     */
    public boolean hasPrivKey() {
        return privKey != null;
    }

    /**
     * Gets the address form of the public key.
     *
     * @return 23-byte address
     */
    public byte[] getAddress() {
        if (pubKeyHash == null) {
            pubKeyHash = computeAddress(this.pub);
        }
        return pubKeyHash;
    }

    /**
     * Generates the NodeID based on this key, that is the public key without first format byte
     */
    public byte[] getNodeId() {
        if (nodeId == null) {
            nodeId = pubBytesWithoutFormat(this.pub);
        }
        return nodeId;
    }

    /**
     * Gets the encoded public key value.
     *
     * @return 65-byte encoded public key
     */
    public byte[] getPubKey() {
        return pub.getEncoded(/* compressed */ false);
    }

    /**
     * Gets the public key in the form of an elliptic curve point object from Bouncy Castle.
     *
     * @return -
     */
    public ECPoint getPubKeyPoint() {
        return pub;
    }

    /**
     * Gets the private key in the form of an integer field element. The public key is derived by
     * performing EC point addition this number of times (i.e. point multiplying).
     *
     * @return -
     * @throws IllegalStateException if the private key bytes are not available.
     */
    public BigInteger getPrivKey() {
        if (privKey == null) {
            throw new MissingPrivateKeyException();
        } else if (privKey instanceof BCECPrivateKey) {
            return ((BCECPrivateKey) privKey).getD();
        } else {
            throw new MissingPrivateKeyException();
        }
    }

    /**
     * Returns whether this key is using the compressed form or not. Compressed pubkeys are only 33
     * bytes, not 64.
     *
     * @return -
     */
    public boolean isCompressed() {
        return pub.isCompressed();
    }

    public String toString() {
        StringBuilder b = new StringBuilder();
        b.append("pub:").append(Hex.toHexString(pub.getEncoded(false)));
        return b.toString();
    }

    /**
     * Produce a string rendering of the ECKey INCLUDING the private key. Unless you absolutely need
     * the private key it is better for security reasons to just use toString().
     *
     * @return -
     */
    public String toStringWithPrivate() {
        StringBuilder b = new StringBuilder();
        b.append(toString());
        if (privKey != null && privKey instanceof BCECPrivateKey) {
            b.append(" priv:").append(Hex.toHexString(((BCECPrivateKey)
                    privKey).getD().toByteArray()));
        }
        return b.toString();
    }

    /**
     * Signs the given hash and returns the R and S components as BigIntegers and putData them in
     * ECDSASignature
     *
     * @param input to sign
     * @return ECDSASignature signature that contains the R and S components
     */
    public ECDSASignature doSign(byte[] input) {
        if (input.length != 32) {
            throw new IllegalArgumentException("Expected 32 byte input to " +
                    "ECDSA signature, not " + input.length);
        }
        // No decryption of private key required.
        if (privKey == null) {
            throw new MissingPrivateKeyException();
        }
        if (privKey instanceof BCECPrivateKey) {
            ECDSASigner signer = new ECDSASigner(new HMacDSAKCalculator(new
                    SHA256Digest()));
            ECPrivateKeyParameters privKeyParams = new ECPrivateKeyParameters
                    (((BCECPrivateKey) privKey).getD(), CURVE);
            signer.init(true, privKeyParams);
            BigInteger[] components = signer.generateSignature(input);
            return new ECDSASignature(components[0], components[1])
                    .toCanonicalised();
        } else {
            try {
                final Signature ecSig = ECSignatureFactory.getRawInstance
                        (provider);
                ecSig.initSign(privKey);
                ecSig.update(input);
                final byte[] derSignature = ecSig.sign();
                return ECDSASignature.decodeFromDER(derSignature)
                        .toCanonicalised();
            } catch (SignatureException | InvalidKeyException ex) {
                throw new RuntimeException("ECKey signing error", ex);
            }
        }
    }

    /**
     * Takes the keccak hash (32 bytes) of data and returns the ECDSA signature
     *
     * @param messageHash -
     * @return -
     * @throws IllegalStateException if this ECKey does not have the private part.
     */
    public ECDSASignature sign(byte[] messageHash) {
        ECDSASignature sig = doSign(messageHash);
        // Now we have to work backwards to figure out the recId needed to
        // recover the signature.
        int recId = -1;
        byte[] thisKey = this.pub.getEncoded(/* compressed */ false);
        for (int i = 0; i < 4; i++) {
            byte[] k = ECKey.recoverPubBytesFromSignature(i, sig, messageHash);
            if (k != null && Arrays.equals(k, thisKey)) {
                recId = i;
                break;
            }
        }
        if (recId == -1) {
            throw new RuntimeException("Could not construct a recoverable key" +
                    ". This should never happen.");
        }
        sig.v = (byte) (recId + 27);
        return sig;
    }

    public BigInteger keyAgreement(ECPoint otherParty) {
        if (privKey == null) {
            throw new MissingPrivateKeyException();
        } else if (privKey instanceof BCECPrivateKey) {
            final ECDHBasicAgreement agreement = new ECDHBasicAgreement();
            agreement.init(new ECPrivateKeyParameters(((BCECPrivateKey)
                    privKey).getD(), CURVE));
            return agreement.calculateAgreement(new ECPublicKeyParameters
                    (otherParty, CURVE));
        } else {
            try {
                final KeyAgreement agreement = ECKeyAgreement.getInstance
                        (this.provider);
                agreement.init(this.privKey);
                agreement.doPhase(
                        ECKeyFactory.getInstance(this.provider)
                                .generatePublic(new ECPublicKeySpec
                                        (otherParty, CURVE_SPEC)),
                        /* lastPhase */ true);
                return new BigInteger(1, agreement.generateSecret());
            } catch (IllegalStateException | InvalidKeyException |
                    InvalidKeySpecException ex) {
                throw new RuntimeException("ECDH key agreement failure", ex);
            }
        }
    }

    /**
     * Decrypt cipher by AES in SIC(also know as CTR) mode
     *
     * @param cipher -proper cipher
     * @return decrypted cipher, equal length to the cipher.
     * @deprecated should not use EC private scalar value as an AES key
     */
    public byte[] decryptAES(byte[] cipher) {

        if (privKey == null) {
            throw new MissingPrivateKeyException();
        }
        if (!(privKey instanceof BCECPrivateKey)) {
            throw new UnsupportedOperationException("Cannot use the private " +
                    "key as an AES key");
        }

        AESEngine engine = new AESEngine();
        SICBlockCipher ctrEngine = new SICBlockCipher(engine);

        KeyParameter key = new KeyParameter(BigIntegers.asUnsignedByteArray((
                (BCECPrivateKey) privKey).getD()));
        ParametersWithIV params = new ParametersWithIV(key, new byte[16]);

        ctrEngine.init(false, params);

        int i = 0;
        byte[] out = new byte[cipher.length];
        while (i < cipher.length) {
            ctrEngine.processBlock(cipher, i, out, i);
            i += engine.getBlockSize();
            if (cipher.length - i < engine.getBlockSize()) {
                break;
            }
        }

        // process left bytes
        if (cipher.length - i > 0) {
            byte[] tmpBlock = new byte[16];
            System.arraycopy(cipher, i, tmpBlock, 0, cipher.length - i);
            ctrEngine.processBlock(tmpBlock, 0, tmpBlock, 0);
            System.arraycopy(tmpBlock, 0, out, i, cipher.length - i);
        }

        return out;
    }

    /**
     * Verifies the given ASN.1 encoded ECDSA signature against a hash using the public key.
     *
     * @param data      Hash of the data to verify.
     * @param signature signature.
     * @return -
     */
    public boolean verify(byte[] data, byte[] signature) {
        return ECKey.verify(data, signature, getPubKey());
    }

    /**
     * Verifies the given R/S pair (signature) against a hash using the public key.
     *
     * @param sigHash   -
     * @param signature -
     * @return -
     */
    public boolean verify(byte[] sigHash, ECDSASignature signature) {
        return ECKey.verify(sigHash, signature, getPubKey());
    }

    /**
     * Returns true if this pubkey is canonical, i.e. the correct length taking into account
     * compression.
     *
     * @return -
     */
    public boolean isPubKeyCanonical() {
        return isPubKeyCanonical(pub.getEncoded(/* uncompressed */ false));
    }

    /**
     * Returns a 32 byte array containing the private key, or null if the key is encrypted or public
     * only
     *
     * @return -
     */
    @Nullable
    public byte[] getPrivKeyBytes() {
        if (privKey == null) {
            return null;
        } else if (privKey instanceof BCECPrivateKey) {
            return ByteUtil.bigIntegerToBytes(((BCECPrivateKey) privKey).getD(), 32);
        } else {
            return null;
        }
    }

    @Override
    public boolean equals(Object o) {
        if (this == o) {
            return true;
        }

        if (o == null || getClass() != o.getClass()) {
            return false;
        }

        ECKey ecKey = (ECKey) o;

        if (privKey != null && !privKey.equals(ecKey.privKey)) {
            return false;
        }
        return pub == null || pub.equals(ecKey.pub);
    }

    @Override
    public int hashCode() {
        return Arrays.hashCode(getPubKey());
    }

    public static class ECDSASignature {

        /**
         * The two components of the signature.
         */
        public final BigInteger r, s;
        public byte v;

        /**
         * Constructs a signature with the given components. Does NOT automatically canonicalise the
         * signature.
         *
         * @param r -
         * @param s -
         */
        public ECDSASignature(BigInteger r, BigInteger s) {
            this.r = r;
            this.s = s;
        }

        /**
         * t
         *
         * @return -
         */
        private static ECDSASignature fromComponents(byte[] r, byte[] s) {
            return new ECDSASignature(new BigInteger(1, r), new BigInteger(1,
                    s));
        }

        /**
         * @param r -
         * @param s -
         * @param v -
         * @return -
         */
        public static ECDSASignature fromComponents(byte[] r, byte[] s, byte
                v) {
            ECDSASignature signature = fromComponents(r, s);
            signature.v = v;
            return signature;
        }

        public static boolean validateComponents(BigInteger r, BigInteger s,
                                                 byte v) {

            if (v != 27 && v != 28) {
                return false;
            }

            if (BIUtil.isLessThan(r, BigInteger.ONE)) {
                return false;
            }
            if (BIUtil.isLessThan(s, BigInteger.ONE)) {
                return false;
            }

            if (!BIUtil.isLessThan(r, SECP256K1N)) {
                return false;
            }
            return BIUtil.isLessThan(s, SECP256K1N);
        }

        public static ECDSASignature decodeFromDER(byte[] bytes) {
            ASN1InputStream decoder = null;
            try {
                decoder = new ASN1InputStream(bytes);
                DLSequence seq = (DLSequence) decoder.readObject();
                if (seq == null) {
                    throw new RuntimeException("Reached past end of ASN.1 " +
                            "stream.");
                }
                ASN1Integer r, s;
                try {
                    r = (ASN1Integer) seq.getObjectAt(0);
                    s = (ASN1Integer) seq.getObjectAt(1);
                } catch (ClassCastException e) {
                    throw new IllegalArgumentException(e);
                }
                // OpenSSL deviates from the DER spec by interpreting these
                // values as unsigned, though they should not be
                // Thus, we always use the positive versions. See:
                // http://r6.ca/blog/20111119T211504Z.html
                return new ECDSASignature(r.getPositiveValue(), s
                        .getPositiveValue());
            } catch (IOException e) {
                throw new RuntimeException(e);
            } finally {
                if (decoder != null) {
                    try {
                        decoder.close();
                    } catch (IOException x) {

                    }
                }
            }
        }

        public boolean validateComponents() {
            return validateComponents(r, s, v);
        }

        public ECDSASignature toCanonicalised() {
            if (s.compareTo(HALF_CURVE_ORDER) > 0) {
                // The order of the curve is the number of valid points that
                // exist on that curve. If S is in the upper
                // half of the number of valid points, then bring it back to
                // the lower half. Otherwise, imagine that
                //    N = 10
                //    s = 8, so (-8 % 10 == 2) thus both (r, 8) and (r, 2)
                // are valid solutions.
                //    10 - 8 == 2, giving us always the latter solution,
                // which is canonical.
                return new ECDSASignature(r, CURVE.getN().subtract(s));
            } else {
                return this;
            }
        }

        /**
         * @return -
         */
        public String toBase64() {
            byte[] sigData = new byte[65];  // 1 header + 32 bytes for R + 32
            // bytes for S
            sigData[0] = v;
            System.arraycopy(ByteUtil.bigIntegerToBytes(this.r, 32), 0, sigData, 1, 32);
            System.arraycopy(ByteUtil.bigIntegerToBytes(this.s, 32), 0, sigData, 33, 32);
            return new String(Base64.encode(sigData), Charset.forName("UTF-8"));
        }

        public byte[] toByteArray() {
            final byte fixedV = this.v >= 27
                    ? (byte) (this.v - 27)
                    : this.v;

            return ByteUtil.merge(
                    ByteUtil.bigIntegerToBytes(this.r, 32),
                    ByteUtil.bigIntegerToBytes(this.s, 32),
                    new byte[]{fixedV});
        }

        public String toHex() {
            return Hex.toHexString(toByteArray());
        }

        @Override
        public boolean equals(Object o) {
            if (this == o) {
                return true;
            }
            if (o == null || getClass() != o.getClass()) {
                return false;
            }

            ECDSASignature signature = (ECDSASignature) o;

            if (!r.equals(signature.r)) {
                return false;
            }
            return s.equals(signature.s);
        }

        @Override
        public int hashCode() {
            int result = r.hashCode();
            result = 31 * result + s.hashCode();
            return result;
        }
    }

    @SuppressWarnings("serial")
    public static class MissingPrivateKeyException extends RuntimeException {

    }

}