zolfa
/
tendermint
1
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 221 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
140 Commits
183 Branches
291 MiB
Tree: 0418d32276
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '0418d32276'
${ noResults }
tendermint/hd/address.go

301 lines
7.7 KiB
Raw Normal View History

Add HD functions
8 years ago
remove coin param
8 years ago
Add HD functions
8 years ago
remove coin param
8 years ago
Add HD functions
8 years ago
remove coin param
8 years ago
Add HD functions
8 years ago
remove coin param
8 years ago
Add HD functions
8 years ago
remove coin param
8 years ago
Add HD functions
8 years ago
remove coin param
8 years ago
Add HD functions
8 years ago
remove coin param
8 years ago
Fix bitcoin addr scheme
8 years ago
Add HD functions
8 years ago
remove coin param
8 years ago
Fix bitcoin addr scheme
8 years ago
remove coin param
8 years ago
Add HD functions
8 years ago
hd: optimize ReverseBytes + add tests * Optimized ReverseBytes to: a) Minimally allocate --> 60.0% reduction in the number of allocations b) Only walk halfway the length of the string thus performing byte swaps from left to right. Improves the performance as well. Complexity is O(n/2) instead of O(n) which is still O(n) but benchmarks show the new time is in deed 1/2 of the original time. * Added unit tests and some common cases to ensure correctness. * Benchmark shoot out results: ```shell name old time/op new time/op delta ReverseBytes-4 554ns ± 4% 242ns ± 3% -56.20% (p=0.000 n=10+10) name old alloc/op new alloc/op delta ReverseBytes-4 208B ± 0% 114B ± 0% -45.19% (p=0.000 n=10+10) name old allocs/op new allocs/op delta ReverseBytes-4 10.0 ± 0% 4.0 ± 0% -60.00% (p=0.000 n=10+10) ```
7 years ago
Add HD functions
8 years ago
 
  1. package hd
  2. 

  3. import (
  4. 	"crypto/ecdsa"
  5. 	"crypto/hmac"
  6. 	"crypto/sha256"
  7. 	"crypto/sha512"
  8. 	"encoding/base64"
  9. 	"encoding/binary"
  10. 	"encoding/hex"
  11. 	"errors"
  12. 	"fmt"
  13. 	"hash"
  14. 	"log"
  15. 	"math/big"
  16. 	"strconv"
  17. 	"strings"
  18. 

  19. 	"github.com/btcsuite/btcd/btcec"
  20. 	"github.com/btcsuite/btcutil/base58"
  21. 	"github.com/tendermint/go-crypto"
  22. 	"golang.org/x/crypto/ripemd160"
  23. )
  24. 

  25. func ComputeAddress(pubKeyHex string, chainHex string, path string, index int32) string {
  26. 	pubKeyBytes := DerivePublicKeyForPath(
  27. 		HexDecode(pubKeyHex),
  28. 		HexDecode(chainHex),
  29. 		fmt.Sprintf("%v/%v", path, index),
  30. 	)
  31. 	return AddrFromPubKeyBytes(pubKeyBytes)
  32. }
  33. 

  34. func ComputePrivateKey(mprivHex string, chainHex string, path string, index int32) string {
  35. 	privKeyBytes := DerivePrivateKeyForPath(
  36. 		HexDecode(mprivHex),
  37. 		HexDecode(chainHex),
  38. 		fmt.Sprintf("%v/%v", path, index),
  39. 	)
  40. 	return HexEncode(privKeyBytes)
  41. }
  42. 

  43. func ComputeAddressForPrivKey(privKey string) string {
  44. 	pubKeyBytes := PubKeyBytesFromPrivKeyBytes(HexDecode(privKey), true)
  45. 	return AddrFromPubKeyBytes(pubKeyBytes)
  46. }
  47. 

  48. func SignMessage(privKey string, message string, compress bool) string {
  49. 	prefixBytes := []byte("Bitcoin Signed Message:\n")
  50. 	messageBytes := []byte(message)
  51. 	bytes := []byte{}
  52. 	bytes = append(bytes, byte(len(prefixBytes)))
  53. 	bytes = append(bytes, prefixBytes...)
  54. 	bytes = append(bytes, byte(len(messageBytes)))
  55. 	bytes = append(bytes, messageBytes...)
  56. 	privKeyBytes := HexDecode(privKey)
  57. 	x, y := btcec.S256().ScalarBaseMult(privKeyBytes)
  58. 	ecdsaPubKey := ecdsa.PublicKey{
  59. 		Curve: btcec.S256(),
  60. 		X:     x,
  61. 		Y:     y,
  62. 	}
  63. 	ecdsaPrivKey := &btcec.PrivateKey{
  64. 		PublicKey: ecdsaPubKey,
  65. 		D:         new(big.Int).SetBytes(privKeyBytes),
  66. 	}
  67. 	sigbytes, err := btcec.SignCompact(btcec.S256(), ecdsaPrivKey, crypto.Sha256(crypto.Sha256(bytes)), compress)
  68. 	if err != nil {
  69. 		panic(err)
  70. 	}
  71. 	return base64.StdEncoding.EncodeToString(sigbytes)
  72. }
  73. 

  74. // returns MPK, Chain, and master secret in hex.

  75. func ComputeMastersFromSeed(seed string) (string, string, string, string) {
  76. 	secret, chain := I64([]byte("Bitcoin seed"), []byte(seed))
  77. 	pubKeyBytes := PubKeyBytesFromPrivKeyBytes(secret, true)
  78. 	return HexEncode(pubKeyBytes), HexEncode(secret), HexEncode(chain), HexEncode(secret)
  79. }
  80. 

  81. func ComputeWIF(privKey string, compress bool) string {
  82. 	return WIFFromPrivKeyBytes(HexDecode(privKey), compress)
  83. }
  84. 

  85. func ComputeTxId(rawTxHex string) string {
  86. 	return HexEncode(ReverseBytes(CalcHash256(HexDecode(rawTxHex))))
  87. }
  88. 

  89. // Private methods...

  90. 

  91. func printKeyInfo(privKeyBytes []byte, pubKeyBytes []byte, chain []byte) {
  92. 	if pubKeyBytes == nil {
  93. 		pubKeyBytes = PubKeyBytesFromPrivKeyBytes(privKeyBytes, true)
  94. 	}
  95. 	addr := AddrFromPubKeyBytes(pubKeyBytes)
  96. 	log.Println("\nprikey:\t%v\npubKeyBytes:\t%v\naddr:\t%v\nchain:\t%v",
  97. 		HexEncode(privKeyBytes),
  98. 		HexEncode(pubKeyBytes),
  99. 		addr,
  100. 		HexEncode(chain))
  101. }
  102. 

  103. func DerivePrivateKeyForPath(privKeyBytes []byte, chain []byte, path string) []byte {
  104. 	data := privKeyBytes
  105. 	parts := strings.Split(path, "/")
  106. 	for _, part := range parts {
  107. 		prime := part[len(part)-1:] == "'"
  108. 		// prime == private derivation. Otherwise public.

  109. 		if prime {
  110. 			part = part[:len(part)-1]
  111. 		}
  112. 		i, err := strconv.Atoi(part)
  113. 		if err != nil {
  114. 			panic(err)
  115. 		}
  116. 		if i < 0 {
  117. 			panic(errors.New("index too large."))
  118. 		}
  119. 		data, chain = DerivePrivateKey(data, chain, uint32(i), prime)
  120. 		//printKeyInfo(data, nil, chain)

  121. 	}
  122. 	return data
  123. }
  124. 

  125. func DerivePublicKeyForPath(pubKeyBytes []byte, chain []byte, path string) []byte {
  126. 	data := pubKeyBytes
  127. 	parts := strings.Split(path, "/")
  128. 	for _, part := range parts {
  129. 		prime := part[len(part)-1:] == "'"
  130. 		if prime {
  131. 			panic(errors.New("cannot do a prime derivation from public key"))
  132. 		}
  133. 		i, err := strconv.Atoi(part)
  134. 		if err != nil {
  135. 			panic(err)
  136. 		}
  137. 		if i < 0 {
  138. 			panic(errors.New("index too large."))
  139. 		}
  140. 		data, chain = DerivePublicKey(data, chain, uint32(i))
  141. 		//printKeyInfo(nil, data, chain)

  142. 	}
  143. 	return data
  144. }
  145. 

  146. func DerivePrivateKey(privKeyBytes []byte, chain []byte, i uint32, prime bool) ([]byte, []byte) {
  147. 	data := []byte{}
  148. 	if prime {
  149. 		i = i | 0x80000000
  150. 		data = append([]byte{byte(0)}, privKeyBytes...)
  151. 	} else {
  152. 		public := PubKeyBytesFromPrivKeyBytes(privKeyBytes, true)
  153. 		data = public
  154. 	}
  155. 	data = append(data, uint32ToBytes(i)...)
  156. 	data2, chain2 := I64(chain, data)
  157. 	x := addScalars(privKeyBytes, data2)
  158. 	return x, chain2
  159. }
  160. 

  161. func DerivePublicKey(pubKeyBytes []byte, chain []byte, i uint32) ([]byte, []byte) {
  162. 	data := []byte{}
  163. 	data = append(data, pubKeyBytes...)
  164. 	data = append(data, uint32ToBytes(i)...)
  165. 	data2, chain2 := I64(chain, data)
  166. 	data2p := PubKeyBytesFromPrivKeyBytes(data2, true)
  167. 	return addPoints(pubKeyBytes, data2p), chain2
  168. }
  169. 

  170. func addPoints(a []byte, b []byte) []byte {
  171. 	ap, err := btcec.ParsePubKey(a, btcec.S256())
  172. 	if err != nil {
  173. 		panic(err)
  174. 	}
  175. 	bp, err := btcec.ParsePubKey(b, btcec.S256())
  176. 	if err != nil {
  177. 		panic(err)
  178. 	}
  179. 	sumX, sumY := btcec.S256().Add(ap.X, ap.Y, bp.X, bp.Y)
  180. 	sum := (*btcec.PublicKey)(&btcec.PublicKey{
  181. 		Curve: btcec.S256(),
  182. 		X:     sumX,
  183. 		Y:     sumY,
  184. 	})
  185. 	return sum.SerializeCompressed()
  186. }
  187. 

  188. func addScalars(a []byte, b []byte) []byte {
  189. 	aInt := new(big.Int).SetBytes(a)
  190. 	bInt := new(big.Int).SetBytes(b)
  191. 	sInt := new(big.Int).Add(aInt, bInt)
  192. 	x := sInt.Mod(sInt, btcec.S256().N).Bytes()
  193. 	x2 := [32]byte{}
  194. 	copy(x2[32-len(x):], x)
  195. 	return x2[:]
  196. }
  197. 

  198. func uint32ToBytes(i uint32) []byte {
  199. 	b := [4]byte{}
  200. 	binary.BigEndian.PutUint32(b[:], i)
  201. 	return b[:]
  202. }
  203. 

  204. func HexEncode(b []byte) string {
  205. 	return hex.EncodeToString(b)
  206. }
  207. 

  208. func HexDecode(str string) []byte {
  209. 	b, _ := hex.DecodeString(str)
  210. 	return b
  211. }
  212. 

  213. func I64(key []byte, data []byte) ([]byte, []byte) {
  214. 	mac := hmac.New(sha512.New, key)
  215. 	mac.Write(data)
  216. 	I := mac.Sum(nil)
  217. 	return I[:32], I[32:]
  218. }
  219. 

  220. // This returns a Bitcoin-like address.

  221. func AddrFromPubKeyBytes(pubKeyBytes []byte) string {
  222. 	prefix := byte(0x00) // TODO Make const or configurable

  223. 	h160 := CalcHash160(pubKeyBytes)
  224. 	h160 = append([]byte{prefix}, h160...)
  225. 	checksum := CalcHash256(h160)
  226. 	b := append(h160, checksum[:4]...)
  227. 	return base58.Encode(b)
  228. }
  229. 

  230. func AddrBytesFromPubKeyBytes(pubKeyBytes []byte) (addrBytes []byte, checksum []byte) {
  231. 	prefix := byte(0x00) // TODO Make const or configurable

  232. 	h160 := CalcHash160(pubKeyBytes)
  233. 	_h160 := append([]byte{prefix}, h160...)
  234. 	checksum = CalcHash256(_h160)[:4]
  235. 	return h160, checksum
  236. }
  237. 

  238. func WIFFromPrivKeyBytes(privKeyBytes []byte, compress bool) string {
  239. 	prefix := byte(0x80) // TODO Make const or configurable

  240. 	bytes := append([]byte{prefix}, privKeyBytes...)
  241. 	if compress {
  242. 		bytes = append(bytes, byte(1))
  243. 	}
  244. 	checksum := CalcHash256(bytes)
  245. 	bytes = append(bytes, checksum[:4]...)
  246. 	return base58.Encode(bytes)
  247. }
  248. 

  249. func PubKeyBytesFromPrivKeyBytes(privKeyBytes []byte, compress bool) (pubKeyBytes []byte) {
  250. 	x, y := btcec.S256().ScalarBaseMult(privKeyBytes)
  251. 	pub := (*btcec.PublicKey)(&btcec.PublicKey{
  252. 		Curve: btcec.S256(),
  253. 		X:     x,
  254. 		Y:     y,
  255. 	})
  256. 

  257. 	if compress {
  258. 		return pub.SerializeCompressed()
  259. 	}
  260. 	return pub.SerializeUncompressed()
  261. }
  262. 

  263. // Calculate the hash of hasher over buf.

  264. func CalcHash(buf []byte, hasher hash.Hash) []byte {
  265. 	hasher.Write(buf)
  266. 	return hasher.Sum(nil)
  267. }
  268. 

  269. // calculate hash160 which is ripemd160(sha256(data))

  270. func CalcHash160(buf []byte) []byte {
  271. 	return CalcHash(CalcHash(buf, sha256.New()), ripemd160.New())
  272. }
  273. 

  274. // calculate hash256 which is sha256(sha256(data))

  275. func CalcHash256(buf []byte) []byte {
  276. 	return CalcHash(CalcHash(buf, sha256.New()), sha256.New())
  277. }
  278. 

  279. // calculate sha512(data)

  280. func CalcSha512(buf []byte) []byte {
  281. 	return CalcHash(buf, sha512.New())
  282. }
  283. 

  284. func ReverseBytes(buf []byte) []byte {
  285. 	var res []byte
  286. 	if len(buf) == 0 {
  287. 		return res
  288. 	}
  289. 

  290. 	// Walk till mid-way, swapping bytes from each end:

  291. 	// b[i] and b[len-i-1]

  292. 	blen := len(buf)
  293. 	res = make([]byte, blen)
  294. 	mid := blen / 2
  295. 	for left := 0; left <= mid; left++ {
  296. 		right := blen - left - 1
  297. 		res[left] = buf[right]
  298. 		res[right] = buf[left]
  299. 	}
  300. 	return res
  301. }