Added private keys validation in signing process

Author: josecelano

lib/BlockCypher/Api/TXSkeleton.php

@@ -5,6 +5,7 @@
 use BlockCypher\Common\BlockCypherResourceModel;
 use BlockCypher\Crypto\PrivateKeyList;
 use BlockCypher\Crypto\Signer;
+use BlockCypher\Exception\BlockCypherSignatureException;
 use BlockCypher\Rest\ApiContext;
 use BlockCypher\Transport\BlockCypherRestCall;
 
@@ -90,30 +91,34 @@ public function sign($privateKeys, $apiContext = null)
         // Create PrivateKey objects from plain hex private keys
         $privateKeyList = PrivateKeyList::fromHexPrivateKeyArray($privateKeys, $coinSymbol);
 
-        $this->generateSignatures($privateKeyList);
+        $this->generateSignatures($privateKeyList, $coinSymbol);
 
         return $this;
     }
 
     /**
      * @param PrivateKeyList $privateKeyList
-     * @throws \Exception
+     * @param string $coinSymbol
+     * @throws BlockCypherSignatureException
      */
-    private function generateSignatures($privateKeyList)
+    private function generateSignatures($privateKeyList, $coinSymbol)
     {
         $signatures = array();
         $pubkeys = array();
         $tosignIndex = 0;
 
+        $privateKeysUsed = array();
+
         foreach ($this->getTxInputs() as $txInput) {
 
             // Addresses can be network addresses or pubkeys (multisign txs)
             $txInputAddresses = $txInput->getAddresses();
 
             foreach ($txInputAddresses as $inputAddress) {
-                if ($privateKeyList->keyExists($inputAddress)) {
 
-                    $privateKey = $privateKeyList->getKey($inputAddress);
+                if ($privateKeyList->privateKeyExists($inputAddress, $coinSymbol)) {
+
+                    $privateKey = $privateKeyList->getPrivateKey($inputAddress, $coinSymbol);
 
                     // Signature
                     $hexDataToSign = $this->tosign[$tosignIndex];
@@ -124,15 +129,23 @@ private function generateSignatures($privateKeyList)
                     $pubKey = $privateKey->getPublicKey()->getHex();
                     $pubkeys[] = $pubKey;
 
+                    $privateKeysUsed[] = $inputAddress;
+
                 } else {
                     // User has not provide a private key for this address
                     // API allows to send partially signed tx
+                    // TODO: add log?
                 }
             }
 
             $tosignIndex++;
         }
 
+        $numPrivateKeysNotUsed = $privateKeyList->length() - count($privateKeysUsed);
+        if ($numPrivateKeysNotUsed > 0) {
+            throw new BlockCypherSignatureException(sprintf("%s private keys do not correspond to any input. Please check private keys provided.", $numPrivateKeysNotUsed));
+        }
+
         $this->signatures = $signatures;
         $this->pubkeys = $pubkeys;
     }

lib/BlockCypher/Crypto/PrivateKeyList.php

@@ -2,6 +2,7 @@
 
 namespace BlockCypher\Crypto;
 
+use BitWasp\Bitcoin\Key\PrivateKeyInterface;
 use BlockCypher\Validation\ArgumentArrayValidator;
 use BlockCypher\Validation\CoinSymbolValidator;
 
@@ -14,14 +15,11 @@ class PrivateKeyList
     /**
      * @var PrivateKey[]
      */
-    private $keys;
+    private $privateKeys;
 
-    /**
-     * @param PrivateKey[] $keys
-     */
-    function __construct($keys = null)
+    function __construct()
     {
-        $this->keys = $keys;
+        $this->privateKeys = array();
     }
 
     /**
@@ -34,101 +32,159 @@ public static function fromHexPrivateKeyArray($hexPrivateKeys, $coinSymbol)
         ArgumentArrayValidator::validate($hexPrivateKeys, 'hexPrivateKeys');
         CoinSymbolValidator::validate($coinSymbol, 'coinSymbol');
 
-        $privateKeyList = array();
+        $privateKeyList = new self($coinSymbol);
+
         foreach ($hexPrivateKeys as $hexPrivateKey) {
             $compressed = true;
             $privateKey = PrivateKeyManipulator::importPrivateKeyFromHex($hexPrivateKey, $compressed);
 
-            // Add private key indexed by address
-            $address = PrivateKeyManipulator::getAddressFromPrivateKey($privateKey, $coinSymbol);
-            $privateKeyList[$address] = $privateKey;
-
             // Add private key indexed by public key
-            $pubKeyHex = $privateKey->getPublicKey()->getHex();
-            $privateKeyList[$pubKeyHex] = $privateKey;
+            $privateKeyList->addPrivateKey($privateKey);
         }
-
-        return new self($privateKeyList);
+        return $privateKeyList;
     }
 
     /**
-     * Append Key to the list.
+     * Append private key to the list.
      *
-     * @param PrivateKey $key
-     * @param string $address
+     * @param PrivateKeyInterface $privateKey
      * @return $this
-     * @throws \Exception
      */
-    public function addKey($key, $address = null)
+    public function addPrivateKey(PrivateKeyInterface $privateKey)
+    {
+        $pubKeyHex = $privateKey->getPublicKey()->getHex();
+        $this->privateKeys[$pubKeyHex] = $privateKey;
+    }
+
+    /**
+     * @param string $addressOrPublicKey
+     * @param string $coinSymbol
+     * @return PrivateKey|null
+     */
+    public function getPrivateKey($addressOrPublicKey, $coinSymbol)
     {
-        if ($address === null) {
-            $this->keys[] = $key;
+        $privateKey = $this->getPrivateKeyByPublicKey($addressOrPublicKey);
+        if ($privateKey !== null) {
+            return $privateKey;
+        }
+
+        $privateKey = $this->getPrivateKeyByAddress($addressOrPublicKey, $coinSymbol);
+        if ($privateKey !== null) {
+            return $privateKey;
+        }
+
+        return null;
+    }
+
+    /**
+     * @param $publicKeyHex
+     * @return PrivateKey|null
+     */
+    private function getPrivateKeyByPublicKey($publicKeyHex)
+    {
+        if (isset($this->privateKeys[$publicKeyHex])) {
+            return $this->privateKeys[$publicKeyHex];
         } else {
-            if (isset($this->keys[$address])) {
-                throw new \Exception("Key $address already in use.");
-            } else {
-                $this->keys[$address] = $key;
+            return null;
+        }
+    }
+
+    /**
+     * @param string $addressToFind
+     * @param $coinSymbol
+     * @return PrivateKey|null
+     */
+    private function getPrivateKeyByAddress($addressToFind, $coinSymbol)
+    {
+        foreach ($this->privateKeys as $privateKey) {
+            $address = PrivateKeyManipulator::getAddressFromPrivateKey($privateKey, $coinSymbol);
+            if ($address == $addressToFind) {
+                return $privateKey;
             }
         }
+        return null;
     }
 
     /**
-     * @param string $address
-     * @throws \Exception
+     * @param string $addressOrPublicKey
+     * @param string $coinSymbol
+     * @return bool
      */
-    public function deleteKey($address)
+    public function privateKeyExists($addressOrPublicKey, $coinSymbol)
     {
-        if (isset($this->keys[$address])) {
-            unset($this->keys[$address]);
-        } else {
-            throw new \Exception("Invalid address $address.");
+        if ($this->privateKeyExistsForPubKey($addressOrPublicKey)) {
+            return true;
         }
+
+        if ($this->privateKeyExistsForAddress($addressOrPublicKey, $coinSymbol)) {
+            return true;
+        }
+
+        return false;
     }
 
     /**
-     * @param string $address
-     * @return PrivateKey
-     * @throws \Exception
+     * @param string $pubKeyHex
+     * @return bool
      */
-    public function getKey($address)
+    private function privateKeyExistsForPubKey($pubKeyHex)
     {
-        if (isset($this->keys[$address])) {
-            return $this->keys[$address];
+        if ($this->getPrivateKeyByPublicKey($pubKeyHex) !== null) {
+            return true;
         } else {
-            throw new \Exception("Address $address not found in PrivateKeyList.");
+            return false;
         }
     }
 
     /**
-     * @param string $address
+     * @param string $addressToFind
+     * @param $coinSymbol
      * @return bool
      */
-    public function keyExists($address)
+    private function privateKeyExistsForAddress($addressToFind, $coinSymbol)
     {
-        return isset($this->keys[$address]);
+        if ($this->getPrivateKeyByAddress($addressToFind, $coinSymbol) !== null) {
+            return true;
+        } else {
+            return false;
+        }
     }
 
     /**
      * @return PrivateKey[]
      */
-    public function getKeys()
+    public function getPrivateKeys()
     {
-        return $this->keys;
+        return $this->privateKeys;
     }
 
     /**
      * @return string[]
      */
-    public function addresses()
+    public function getPublicKeys()
+    {
+        return array_keys($this->privateKeys);
+    }
+
+    /**
+     * @param string $coinSymbol
+     * @return \string[]
+     */
+    public function getAddresses($coinSymbol)
     {
-        return array_keys($this->keys);
+        $addresses = array();
+        foreach ($this->privateKeys as $privateKey) {
+            $address = PrivateKeyManipulator::getAddressFromPrivateKey($privateKey, $coinSymbol);
+            $addresses[] = $address;
+        }
+        return $addresses;
     }
 
     /**
      * @return int
      */
     public function length()
     {
-        return count($this->keys);
+        return count($this->privateKeys);
     }
-}
+}

lib/BlockCypher/Exception/BlockCypherSignatureException.php

@@ -0,0 +1,35 @@
+<?php
+
+namespace BlockCypher\Exception;
+
+/**
+ * Class BlockCypherSignatureException
+ *
+ * @package BlockCypher\Exception
+ */
+class BlockCypherSignatureException extends \Exception
+{
+    /**
+     * Default Constructor
+     *
+     * @param string|null $message
+     * @param int $code
+     */
+    public function __construct($message = null, $code = 0)
+    {
+        parent::__construct($message, $code);
+    }
+
+    /**
+     * prints error message
+     *
+     * @return string
+     */
+    public function errorMessage()
+    {
+        $errorMsg = 'Error on line ' . $this->getLine() . ' in ' . $this->getFile()
+            . ': <b>' . $this->getMessage() . '</b>';
+        return $errorMsg;
+    }
+
+}

sample/address-api/CreateAddressBtcTest3.php

@@ -7,13 +7,11 @@
 
 $addressKeyChain = null;
 
-// For Sample Purposes Only.
+/// For Sample Purposes Only.
 $request = null;
 
+// ### Create Address
 try {
-    // ### Create Address
-    // Create an address by calling the Address::create() method
-    // with a valid ApiContext (See bootstrap.php for more on `ApiContext`)
     $addressKeyChain = \BlockCypher\Api\Address::create(null, $apiContexts['BTC.test3']);
 } catch (Exception $ex) {
     ResultPrinter::printError("Create Address", "AddressKeyChain", null, $request, $ex);

sample/address-api/GenerateMultisignAddressBtcTest3.php

@@ -7,10 +7,16 @@
 require __DIR__ . '/../bootstrap.php';
 
 $addressKeyChain = new \BlockCypher\Api\AddressKeyChain();
+//$pubkeys = array(
+//    "03798be8162d7d6bc5c4e3b236100fcc0dfee899130f84c97d3a49faf83450fd81",
+//    "03dd9f1d4a39951013b4305bf61887ada66439ab84a9a2f8aca9dc736041f815f1",
+//    "03c8e6e99c1d0b42120d5cf40c963e5e8048fd2d2a184758784a041a9d101f1f02"
+//);
+// BTC-TESTNET: 2NBbY8fbHRLjWXHqRvs8P996N82eTYic1yX
 $pubkeys = array(
-    "03798be8162d7d6bc5c4e3b236100fcc0dfee899130f84c97d3a49faf83450fd81",
-    "03dd9f1d4a39951013b4305bf61887ada66439ab84a9a2f8aca9dc736041f815f1",
-    "03c8e6e99c1d0b42120d5cf40c963e5e8048fd2d2a184758784a041a9d101f1f02"
+    "033e88a5503dc09243e58d9e7a53831c2b77cac014415ad8c29cabab5d933894c1",
+    "02087f346641256d4ba19cc0473afaa8d3d1b903761b9220a915e1af65a12e613c",
+    "03051fa1586ff8d509125d3e25308b4c66fcf656b377bf60bfdb296a4898d42efd"
 );
 $addressKeyChain->setPubkeys($pubkeys);
 // script format: 'multisig-n-of-m', where n and m are integers.