static void testit(void) { bool rc; struct bp_key *key1, *key2; key1 = calloc(1, sizeof(*key1)); key2 = calloc(1, sizeof(*key2)); bp_key_init(key1); bp_key_init(key2); rc = bp_key_generate(key1); assert(rc == true); rc = bp_key_generate(key2); assert(rc == true); struct bp_keystore ks; bkeys_init(&ks); rc = bkeys_add(&ks, key1); assert(rc == true); rc = bkeys_add(&ks, key2); assert(rc == true); bkeys_free(&ks); }
static bool bp_checksig(const struct buffer *vchSigIn, const struct buffer *vchPubKey, const cstring *scriptCode, const struct bp_tx *txTo, unsigned int nIn) { if (!vchSigIn || !vchPubKey || !scriptCode || !txTo || !vchSigIn->len || !vchPubKey->len || !scriptCode->len) return false; // Hash type is one byte tacked on to the end of the signature unsigned char *vch_back = vchSigIn->p + (vchSigIn->len - 1); int nHashType = *vch_back; struct buffer vchSig = { vchSigIn->p, vchSigIn->len - 1 }; /* calculate signature hash of transaction */ bu256_t sighash; bp_tx_sighash(&sighash, scriptCode, txTo, nIn, nHashType); /* verify signature hash */ struct bp_key pubkey; bp_key_init(&pubkey); bool rc = false; if (!bp_pubkey_set(&pubkey, vchPubKey->p, vchPubKey->len)) goto out; if (!bp_verify(&pubkey, &sighash, sizeof(sighash), vchSig.p, vchSig.len)) goto out; rc = true; out: bp_key_free(&pubkey); return rc; }
static void keytest() { { struct bp_key k; bp_key_init(&k); bp_key_free(&k); } // Signature { const uint8_t test_secret[32] = { 0x1 }; const uint8_t test_data[] = { 1, 2, 3, 4, 5, 6, 7, 8 }; bu256_t hash; SHA256(test_data, sizeof(test_data), (uint8_t *)&hash); void *pub = NULL; size_t publen = 0; void *sig = NULL; size_t siglen = 0; struct bp_key k; bp_key_init(&k); assert(bp_key_secret_set(&k, test_secret, sizeof(test_secret))); assert(bp_pubkey_get(&k, &pub, &publen)); assert(NULL != pub); assert(0 != publen); assert(bp_sign(&k, (uint8_t *)&hash, sizeof(hash), &sig, &siglen)); assert(NULL != sig); assert(0 != siglen); bp_key_free(&k); struct bp_key pubk; bp_key_init(&k); assert(bp_pubkey_set(&pubk, pub, publen)); assert(bp_verify(&pubk, (uint8_t *)&hash, sizeof(hash), sig, siglen)); bp_key_free(&k); free(pub); free(sig); } }
bool bkeys_pubkey_append(struct bp_keystore *ks, const bu160_t *key_id, GString *scriptSig) { struct bp_key key; bp_key_init(&key); if (!bkeys_key_get(ks, key_id, &key)) return false; void *pubkey = NULL; size_t pk_len = 0; if (!bp_pubkey_get(&key, &pubkey, &pk_len)) return false; bsp_push_data(scriptSig, pubkey, pk_len); free(pubkey); /* no bp_key_free(&key), as bkeys_key_get() returns a ref */ return true; }
static bool bp_checksig(const struct buffer *vchSigHT, const struct buffer *vchPubKey, const GString *scriptCode, const struct bp_tx *txTo, unsigned int nIn, int nHashType) { if (!vchSigHT || !vchPubKey || !scriptCode || !txTo || !vchSigHT->len || !vchPubKey->len || !scriptCode->len) return false; /* examine hashtype at end of string, then remove it */ unsigned char *vch_back = vchSigHT->p + (vchSigHT->len - 1); if (nHashType == 0) nHashType = *vch_back; else if (nHashType != *vch_back) return false; struct buffer vchSig = { vchSigHT->p, vchSigHT->len - 1 }; /* calculate signature hash of transaction */ bu256_t sighash; bp_tx_sighash(&sighash, scriptCode, txTo, nIn, nHashType); /* verify signature hash */ struct bp_key key; bp_key_init(&key); bool rc = false; if (!bp_pubkey_set(&key, vchPubKey->p, vchPubKey->len)) goto out; if (!bp_verify(&key, &sighash, sizeof(sighash), vchSig.p, vchSig.len)) goto out; rc = true; out: bp_key_free(&key); return rc; }
static bool sign1(const bu160_t *key_id, struct bp_keystore *ks, const bu256_t *hash, int nHashType, cstring *scriptSig) { struct bp_key key; bool rc = false; bp_key_init(&key); /* find private key in keystore */ if (!bkeys_key_get(ks, key_id, &key)) goto out; void *sig = NULL; size_t siglen = 0; /* sign hash with private key */ if (!bp_sign(&key, hash, sizeof(*hash), &sig, &siglen)) goto out; /* append nHashType to signature */ unsigned char ch = (unsigned char) nHashType; sig = realloc(sig, siglen + 1); memcpy(sig + siglen, &ch, 1); siglen++; /* append signature to scriptSig */ bsp_push_data(scriptSig, sig, siglen); free(sig); rc = true; out: bp_key_free(&key); return rc; }
static void runtest(const char *json_base_fn, const char *ser_in_fn, const char *block_in_hash, const char *tx_in_hash) { /* read wallet data */ char *json_fn = test_filename(json_base_fn); json_t *wallet = read_json(json_fn); assert(wallet != NULL); /* read block data containing incoming payment */ char *fn = test_filename(ser_in_fn); void *data; size_t data_len; assert(bu_read_file(fn, &data, &data_len, 1 * 1024 * 1024) == true); struct bp_block block_in; bp_block_init(&block_in); struct const_buffer buf = { data, data_len }; assert(deser_bp_block(&block_in, &buf) == true); bp_block_calc_sha256(&block_in); /* verify block-in data matches expected block-in hash */ bu256_t check_hash; assert(hex_bu256(&check_hash, block_in_hash) == true); assert(bu256_equal(&block_in.sha256, &check_hash) == true); /* load key that has received an incoming payment */ struct bp_key key; assert(bp_key_init(&key) == true); load_json_key(wallet, &key); /* load key into keyset */ struct bp_keyset ks; bpks_init(&ks); assert(bpks_add(&ks, &key) == true); /* find key matches in block */ parr *matches; matches = bp_block_match(&block_in, &ks); assert(matches != NULL); assert(matches->len == 1); struct bp_block_match *match = parr_idx(matches, 0); assert(match->n == 1); /* match 2nd tx, index 1 */ /* get matching transaction */ struct bp_tx *tx = parr_idx(block_in.vtx, match->n); bp_tx_calc_sha256(tx); /* verify txid matches expected */ char tx_hexstr[BU256_STRSZ]; bu256_hex(tx_hexstr, &tx->sha256); assert(strcmp(tx_hexstr, tx_in_hash) == 0); /* verify mask matches 2nd txout (1 << 1) */ BIGNUM tmp_mask; BN_init(&tmp_mask); BN_one(&tmp_mask); BN_lshift(&tmp_mask, &tmp_mask, 1); assert(BN_cmp(&tmp_mask, &match->mask) == 0); /* build merkle tree, tx's branch */ parr *mtree = bp_block_merkle_tree(&block_in); assert(mtree != NULL); parr *mbranch = bp_block_merkle_branch(&block_in, mtree, match->n); assert(mbranch != NULL); /* verify merkle branch for tx matches expected */ bu256_t mrk_check; bp_check_merkle_branch(&mrk_check, &tx->sha256, mbranch, match->n); assert(bu256_equal(&mrk_check, &block_in.hashMerkleRoot) == true); /* release resources */ parr_free(mtree, true); parr_free(mbranch, true); BN_clear_free(&tmp_mask); parr_free(matches, true); bpks_free(&ks); bp_key_free(&key); bp_block_free(&block_in); json_decref(wallet); free(data); free(fn); free(json_fn); }
std::vector<unsigned char> decrypt_bip38_ec(const std::vector<unsigned char> key, const std::string& passwd) { int i; uint8_t passfactor[PASSFACTOR_SIZE]; memset(passfactor,0,PASSFACTOR_SIZE); const unsigned char * s_key = reinterpret_cast<const unsigned char*>(key.data()); crypto_scrypt((const uint8_t *)passwd.c_str(), passwd.length(), &s_key[3 + ADDRESSHASH_SIZE], OWNERSALT_SIZE, 16384, 8, 8, passfactor, PASSFACTOR_SIZE ); // compute EC point (passpoint) using passfactor struct bp_key ec_point; if(!bp_key_init(&ec_point)) { fprintf(stderr,"%s","cannot init EC point key"); exit(3); } if(!bp_key_secret_set(&ec_point,passfactor,PASSFACTOR_SIZE)) { fprintf(stderr,"%s","cannot set EC point from passfactor"); exit(3); } // get the passpoint as bytes unsigned char * passpoint; size_t passpoint_len; if(!bp_pubkey_get(&ec_point,(unsigned char **)&passpoint,&passpoint_len)) { fprintf(stderr,"%s","cannot get pubkey for EC point"); exit(4); } // now we need to decrypt seedb uint8_t encryptedpart2[16]; memset(encryptedpart2,0,16); memcpy(encryptedpart2, &s_key[3 + ADDRESSHASH_SIZE + OWNERSALT_SIZE + 8], 16); uint8_t encryptedpart1[16]; memset(encryptedpart1,0,16); memcpy(encryptedpart1, &s_key[3 + ADDRESSHASH_SIZE + OWNERSALT_SIZE], 8); unsigned char derived[DERIVED_SIZE]; // get the encryption key for seedb using scrypt // with passpoint as the key, salt is addresshash+ownersalt unsigned char derived_scrypt_salt[ADDRESSHASH_SIZE + OWNERSALT_SIZE]; memcpy(derived_scrypt_salt, &s_key[3], ADDRESSHASH_SIZE); // copy the addresshash memcpy(derived_scrypt_salt+ADDRESSHASH_SIZE, &s_key[3+ADDRESSHASH_SIZE], OWNERSALT_SIZE); // copy the ownersalt crypto_scrypt( passpoint, passpoint_len, derived_scrypt_salt, ADDRESSHASH_SIZE+OWNERSALT_SIZE, 1024, 1, 1, derived, DERIVED_SIZE ); //get decryption key unsigned char derivedhalf2[DERIVED_SIZE/2]; memcpy(derivedhalf2, derived+(DERIVED_SIZE/2), DERIVED_SIZE/2); unsigned char iv[32]; memset(iv,0,32); EVP_CIPHER_CTX d; EVP_CIPHER_CTX_init(&d); EVP_DecryptInit_ex(&d, EVP_aes_256_ecb(), NULL, derivedhalf2, iv); unsigned char unencryptedpart2[32]; int decrypt_len; EVP_DecryptUpdate(&d, unencryptedpart2, &decrypt_len, encryptedpart2, 16); EVP_DecryptUpdate(&d, unencryptedpart2, &decrypt_len, encryptedpart2, 16); for(i=0; i<16; i++) { unencryptedpart2[i] ^= derived[i + 16]; } unsigned char unencryptedpart1[32]; memcpy(encryptedpart1+8, unencryptedpart2, 8); EVP_DecryptUpdate(&d, unencryptedpart1, &decrypt_len, encryptedpart1, 16); EVP_DecryptUpdate(&d, unencryptedpart1, &decrypt_len, encryptedpart1, 16); for(i=0; i<16; i++) { unencryptedpart1[i] ^= derived[i]; } // recoved seedb unsigned char seedb[24]; memcpy(seedb, unencryptedpart1, 16); memcpy(&(seedb[16]), &(unencryptedpart2[8]), 8); // turn seedb into factorb (factorb = SHA256(SHA256(seedb))) unsigned char factorb[32]; bu_Hash(factorb, seedb, 24); // multiply by passfactor (ec_point_pub) const EC_GROUP * ec_group = EC_KEY_get0_group(ec_point.k); const EC_POINT * ec_point_pub = EC_KEY_get0_public_key(ec_point.k); BIGNUM * bn_passfactor = BN_bin2bn(passfactor,32,BN_new()); BIGNUM * bn_factorb = BN_bin2bn(factorb,32,BN_new()); BIGNUM * bn_res = BN_new(); BIGNUM * bn_final = BN_new(); BIGNUM * bn_n = BN_new(); BN_CTX * ctx = BN_CTX_new(); EC_GROUP_get_order(ec_group, bn_n, ctx); BN_mul(bn_res, bn_passfactor, bn_factorb, ctx); BN_mod(bn_final, bn_res, bn_n, ctx); unsigned char finalKey[32]; memset(finalKey, 0, 32); int n = BN_bn2bin(bn_final, finalKey); BN_clear_free(bn_passfactor); BN_clear_free(bn_factorb); BN_clear_free(bn_res); BN_clear_free(bn_n); BN_clear_free(bn_final); printf("\n"); print_hex((char *)finalKey, 32); printf("\n"); std::vector<unsigned char> out; out.assign(finalKey, finalKey + 32); return out; }
static void runtest(void) { unsigned int i; struct bp_key keys[4]; /* generate keys */ for (i = 0; i < ARRAY_SIZE(keys); i++) { struct bp_key *key = &keys[i]; assert(bp_key_init(key) == true); assert(bp_key_generate(key) == true); } struct bp_keyset ks; bpks_init(&ks); /* add all but one to keyset */ for (i = 0; i < (ARRAY_SIZE(keys) - 1); i++) assert(bpks_add(&ks, &keys[i]) == true); /* verify all-but-one are in keyset */ for (i = 0; i < (ARRAY_SIZE(keys) - 1); i++) { unsigned char md160[RIPEMD160_DIGEST_LENGTH]; void *pubkey; size_t pklen; assert(bp_pubkey_get(&keys[i], &pubkey, &pklen) == true); bu_Hash160(md160, pubkey, pklen); assert(bpks_lookup(&ks, pubkey, pklen, true) == false); assert(bpks_lookup(&ks, pubkey, pklen, false) == true); assert(bpks_lookup(&ks, md160, sizeof(md160), true) == true); assert(bpks_lookup(&ks, md160, sizeof(md160), false) == false); free(pubkey); } /* verify last key not in keyset */ { unsigned char md160[RIPEMD160_DIGEST_LENGTH]; void *pubkey; size_t pklen; struct bp_key *key = &keys[ARRAY_SIZE(keys) - 1]; assert(bp_pubkey_get(key, &pubkey, &pklen) == true); bu_Hash160(md160, pubkey, pklen); assert(bpks_lookup(&ks, pubkey, pklen, true) == false); assert(bpks_lookup(&ks, pubkey, pklen, false) == false); assert(bpks_lookup(&ks, md160, sizeof(md160), true) == false); assert(bpks_lookup(&ks, md160, sizeof(md160), false) == false); free(pubkey); } bpks_free(&ks); for (i = 0; i < ARRAY_SIZE(keys); i++) { struct bp_key *key = &keys[i]; bp_key_free(key); } }