bitcoinjs-lib/src/hdwallet.js

var assert = require('assert')
var base58 = require('./base58')
var convert = require('./convert')

var Address = require('./address')
var BigInteger = require('./jsbn/jsbn')
var CJS = require('crypto-js')
var crypto = require('./crypto')
var ECKey = require('./eckey').ECKey
var ECPubKey = require('./eckey').ECPubKey
var Network = require('./network')

function HmacSHA512(buffer, secret) {
  var words = convert.bytesToWordArray(buffer)
  var hash = CJS.HmacSHA512(words, secret)

  return new Buffer(convert.wordArrayToBytes(hash))
}

function HDWallet(seed, netstr) {
  if (seed == undefined) return; // FIXME: Boo, should be stricter

  var I = HmacSHA512(seed, 'Bitcoin seed')
  this.chaincode = I.slice(32)
  this.network = netstr || 'bitcoin'

  if(!Network.hasOwnProperty(this.network)) {
    throw new Error("Unknown network: " + this.network)
  }

  this.priv = new ECKey(I.slice(0, 32), true)
  this.pub = this.priv.getPub()
  this.index = 0
  this.depth = 0
}

HDWallet.HIGHEST_BIT = 0x80000000
HDWallet.LENGTH = 78

HDWallet.fromSeedHex = function(hex, network) {
  return new HDWallet(new Buffer(hex, 'hex'), network)
}

HDWallet.fromBase58 = function(string) {
  var buffer = base58.decode(string)

  var payload = buffer.slice(0, -4)
  var checksum = buffer.slice(-4)
  var newChecksum = crypto.hash256(payload).slice(0, 4)

  assert.deepEqual(newChecksum, checksum)
  assert.equal(payload.length, HDWallet.LENGTH)

  return HDWallet.fromBuffer(payload)
}

HDWallet.fromHex = function(input) {
  return HDWallet.fromBuffer(new Buffer(input, 'hex'))
}

HDWallet.fromBuffer = function(input) {
  assert(input.length === HDWallet.LENGTH)

  var hd = new HDWallet()

  // 4 byte: version bytes
  var version = input.readUInt32BE(0)

  var type
  for(var name in Network) {
    var network = Network[name]

    for(var t in network.bip32) {
      if (version != network.bip32[t]) continue

      type = t
      hd.network = name
    }
  }

  if (!hd.network) {
    throw new Error('Could not find version ' + version.toString(16))
  }

  // 1 byte: depth: 0x00 for master nodes, 0x01 for level-1 descendants, ...
  hd.depth = input.readUInt8(4)

  // 4 bytes: the fingerprint of the parent's key (0x00000000 if master key)
  hd.parentFingerprint = input.readUInt32BE(5)
  if (hd.depth === 0) {
    assert(hd.parentFingerprint === 0x00000000)
  }

  // 4 bytes: child number. This is the number i in xi = xpar/i, with xi the key being serialized.
  // This is encoded in MSB order. (0x00000000 if master key)
  hd.index = input.readUInt32BE(9)
  assert(hd.depth > 0 || hd.index === 0)

  // 32 bytes: the chain code
  hd.chaincode = input.slice(13, 45)

  // 33 bytes: the public key or private key data (0x02 + X or 0x03 + X for
  // public keys, 0x00 + k for private keys)
  if (type == 'priv') {
    hd.priv = new ECKey(input.slice(46, 78), true)
    hd.pub = hd.priv.getPub()
  } else {
    hd.pub = new ECPubKey(input.slice(45, 78), true)
  }

  return hd
}

HDWallet.prototype.getIdentifier = function() {
  return crypto.hash160(this.pub.toBytes())
}

HDWallet.prototype.getFingerprint = function() {
  return this.getIdentifier().slice(0, 4)
}

HDWallet.prototype.getAddress = function() {
  return new Address(crypto.hash160(this.pub.toBytes()), this.getKeyVersion())
}

HDWallet.prototype.toBuffer = function(priv) {
  // Version
  var version = Network[this.network].bip32[priv ? 'priv' : 'pub']
  var buffer = new Buffer(HDWallet.LENGTH)

  // 4 bytes: version bytes
  buffer.writeUInt32BE(version, 0)

  // Depth
  // 1 byte: depth: 0x00 for master nodes, 0x01 for level-1 descendants, ....
  buffer.writeUInt8(this.depth, 4)

  // 4 bytes: the fingerprint of the parent's key (0x00000000 if master key)
  var fingerprint = this.depth ? this.parentFingerprint : 0x00000000
  buffer.writeUInt32BE(fingerprint, 5)

  // 4 bytes: child number. This is the number i in xi = xpar/i, with xi the key being serialized.
  // This is encoded in Big endian. (0x00000000 if master key)
  buffer.writeUInt32BE(this.index, 9)

  // 32 bytes: the chain code
  this.chaincode.copy(buffer, 13)

  // 33 bytes: the public key or private key data
  if (priv) {
    assert(this.priv, 'Cannot serialize to private without private key')

    // 0x00 + k for private keys
    buffer.writeUInt8(0, 45)
    new Buffer(this.priv.toBytes()).copy(buffer, 46)
  } else {

    // X9.62 encoding for public keys
    new Buffer(this.pub.toBytes()).copy(buffer, 45)
  }

  return buffer
}
HDWallet.prototype.toHex = function(priv) {
  return this.toBuffer(priv).toString('hex')
}

HDWallet.prototype.toBase58 = function(priv) {
  var buffer = new Buffer(this.toBuffer(priv))
  var checksum = crypto.hash256(buffer).slice(0, 4)

  return base58.encode(Buffer.concat([
    buffer,
    checksum
  ]))
}

HDWallet.prototype.derive = function(i) {
  var iBytes = convert.numToBytes(i, 4).reverse()
    , cPar = this.chaincode
    , usePriv = i >= HDWallet.HIGHEST_BIT
    , SHA512 = CJS.algo.SHA512

  var I
  if (usePriv) {
    assert(this.priv, 'Private derive on public key')

    // If 1, private derivation is used:
    // let I = HMAC-SHA512(Key = cpar, Data = 0x00 || kpar || i) [Note:]
    var kPar = this.priv.toBytes().slice(0, 32)

    // FIXME: Dislikes buffers
    I = HmacFromBytesToBytes(SHA512, [0].concat(kPar, iBytes), cPar)
  } else {
    // If 0, public derivation is used:
    // let I = HMAC-SHA512(Key = cpar, Data = χ(kpar*G) || i)
    var KPar = this.pub.toBytes()

    // FIXME: Dislikes buffers
    I = HmacFromBytesToBytes(SHA512, KPar.concat(iBytes), cPar)
  }

  // FIXME: Boo, CSJ.algo.SHA512 uses byte arrays
  I = new Buffer(I)

  // Split I = IL || IR into two 32-byte sequences, IL and IR.
  var IL = I.slice(0, 32)
    , IR = I.slice(32)

  var hd = new HDWallet()
  hd.network = this.network

  var ILbytes = Buffer.concat([IL, new Buffer([0x01])])
  var ILpriv = new ECKey(ILbytes, true)

  if (this.priv) {
    // ki = IL + kpar (mod n).
    hd.priv = this.priv.add(ILpriv)
    hd.pub = hd.priv.getPub()
  } else {
    // Ki = (IL + kpar)*G = IL*G + Kpar
    hd.pub = this.pub.add(ILpriv.getPub())
  }

  // ci = IR.
  hd.chaincode = IR
  hd.parentFingerprint = this.getFingerprint().readUInt32BE(0)
  hd.depth = this.depth + 1
  hd.index = i
  hd.pub.compressed = true
  return hd
}

HDWallet.prototype.derivePrivate = function(index) {
  return this.derive(index + HDWallet.HIGHEST_BIT)
}

HDWallet.prototype.getKeyVersion = function() {
  return Network[this.network].pubKeyHash
}

HDWallet.prototype.toString = HDWallet.prototype.toBase58

function HmacFromBytesToBytes(hasher, message, key) {
  var hmac = CJS.algo.HMAC.create(hasher, convert.bytesToWordArray(key))
  hmac.update(convert.bytesToWordArray(message))
  return convert.wordArrayToBytes(hmac.finalize())
}

module.exports = HDWallet
move address versions into network Also change address type name: address_types -> addressVersion p2sh_types -> p2shVersion prod -> mainnet 2014-02-28 16:05:43 +08:00			`var assert = require('assert')`
Migrates all usage of crypto-js/sha256 to ./crypto 2014-04-08 22:13:03 +10:00			`var base58 = require('./base58')`
			`var convert = require('./convert')`
HDWallet now uses Buffers internally 2014-04-17 06:18:31 +10:00
			`var Address = require('./address')`
			`var BigInteger = require('./jsbn/jsbn')`
Migrates all usage of crypto-js/sha256 to ./crypto 2014-04-08 22:13:03 +10:00			`var CJS = require('crypto-js')`
Renames util.js to crypto.js 2014-04-08 22:00:28 +10:00			`var crypto = require('./crypto')`
Migrates all usage of crypto-js/sha256 to ./crypto 2014-04-08 22:13:03 +10:00			`var ECKey = require('./eckey').ECKey`
			`var ECPubKey = require('./eckey').ECPubKey`
move address versions into network Also change address type name: address_types -> addressVersion p2sh_types -> p2shVersion prod -> mainnet 2014-02-28 16:05:43 +08:00			`var Network = require('./network')`
Rewrite HD Wallet (BIP0032) with all test vectors 2014-01-16 14:03:09 +07:00
Migrates all usage of crypto-js/sha256 to ./crypto 2014-04-08 22:13:03 +10:00			`function HmacSHA512(buffer, secret) {`
			`var words = convert.bytesToWordArray(buffer)`
			`var hash = CJS.HmacSHA512(words, secret)`
Changes existing code to use new base58 API 2014-04-04 05:10:12 +11:00
HDWallet now uses Buffers internally 2014-04-17 06:18:31 +10:00			`return new Buffer(convert.wordArrayToBytes(hash))`
Changes existing code to use new base58 API 2014-04-04 05:10:12 +11:00			`}`

Renames network parameter to netstr This should make the intent clearer. This commit also catches the `null` case for the seed parameter. 2014-04-17 06:09:45 +10:00			`function HDWallet(seed, netstr) {`
			`if (seed == undefined) return; // FIXME: Boo, should be stricter`
cosmetic standardization [closes #56] 2014-03-31 11:47:47 +08:00
Migrates all usage of crypto-js/sha256 to ./crypto 2014-04-08 22:13:03 +10:00			`var I = HmacSHA512(seed, 'Bitcoin seed')`
cosmetic standardization [closes #56] 2014-03-31 11:47:47 +08:00			`this.chaincode = I.slice(32)`
Renames network parameter to netstr This should make the intent clearer. This commit also catches the `null` case for the seed parameter. 2014-04-17 06:09:45 +10:00			`this.network = netstr \|\| 'bitcoin'`

cosmetic standardization [closes #56] 2014-03-31 11:47:47 +08:00			`if(!Network.hasOwnProperty(this.network)) {`
			`throw new Error("Unknown network: " + this.network)`
			`}`
throws exception if specified network is unknown also move network type tests to hdwallet 2014-02-28 17:26:16 +08:00
HDWallet now uses Buffers internally 2014-04-17 06:18:31 +10:00			`this.priv = new ECKey(I.slice(0, 32), true)`
cosmetic standardization [closes #56] 2014-03-31 11:47:47 +08:00			`this.pub = this.priv.getPub()`
			`this.index = 0`
			`this.depth = 0`
Rewrite HD Wallet (BIP0032) with all test vectors 2014-01-16 14:03:09 +07:00			`}`

			`HDWallet.HIGHEST_BIT = 0x80000000`
			`HDWallet.LENGTH = 78`

change hd wallet constructor to take bytes original constructor -> fromSeedString, fromMasterHex -> fromSeedHex [#60] 2014-03-11 22:41:20 +08:00			`HDWallet.fromSeedHex = function(hex, network) {`
HDWallet now uses Buffers internally 2014-04-17 06:18:31 +10:00			`return new HDWallet(new Buffer(hex, 'hex'), network)`
Rewrite HD Wallet (BIP0032) with all test vectors 2014-01-16 14:03:09 +07:00			`}`

Changes existing code to use new base58 API 2014-04-04 05:10:12 +11:00			`HDWallet.fromBase58 = function(string) {`
			`var buffer = base58.decode(string)`
Rewrite HD Wallet (BIP0032) with all test vectors 2014-01-16 14:03:09 +07:00
Changes existing code to use new base58 API 2014-04-04 05:10:12 +11:00			`var payload = buffer.slice(0, -4)`
			`var checksum = buffer.slice(-4)`
Migrates all usage of crypto-js/sha256 to ./crypto 2014-04-08 22:13:03 +10:00			`var newChecksum = crypto.hash256(payload).slice(0, 4)`
Rewrite HD Wallet (BIP0032) with all test vectors 2014-01-16 14:03:09 +07:00
Changes existing code to use new base58 API 2014-04-04 05:10:12 +11:00			`assert.deepEqual(newChecksum, checksum)`
			`assert.equal(payload.length, HDWallet.LENGTH)`
Rewrite HD Wallet (BIP0032) with all test vectors 2014-01-16 14:03:09 +07:00
HDWallet now uses Buffers internally 2014-04-17 06:18:31 +10:00			`return HDWallet.fromBuffer(payload)`
Rewrite HD Wallet (BIP0032) with all test vectors 2014-01-16 14:03:09 +07:00			`}`

			`HDWallet.fromHex = function(input) {`
HDWallet now uses Buffers internally 2014-04-17 06:18:31 +10:00			`return HDWallet.fromBuffer(new Buffer(input, 'hex'))`
Rewrite HD Wallet (BIP0032) with all test vectors 2014-01-16 14:03:09 +07:00			`}`

HDWallet now uses Buffers internally 2014-04-17 06:18:31 +10:00			`HDWallet.fromBuffer = function(input) {`
			`assert(input.length === HDWallet.LENGTH)`
Changes existing code to use new base58 API 2014-04-04 05:10:12 +11:00
cosmetic standardization [closes #56] 2014-03-31 11:47:47 +08:00			`var hd = new HDWallet()`

HDWallet now uses Buffers internally 2014-04-17 06:18:31 +10:00			`// 4 byte: version bytes`
			`var version = input.readUInt32BE(0)`
cosmetic standardization [closes #56] 2014-03-31 11:47:47 +08:00
HDWallet now uses Buffers internally 2014-04-17 06:18:31 +10:00			`var type`
cosmetic standardization [closes #56] 2014-03-31 11:47:47 +08:00			`for(var name in Network) {`
			`var network = Network[name]`
Some cosmetic fixes 2014-04-01 15:52:40 +11:00
Updates network.js constant names 2014-04-17 05:43:34 +10:00			`for(var t in network.bip32) {`
HDWallet now uses Buffers internally 2014-04-17 06:18:31 +10:00			`if (version != network.bip32[t]) continue`
Some cosmetic fixes 2014-04-01 15:52:40 +11:00
			`type = t`
cosmetic standardization [closes #56] 2014-03-31 11:47:47 +08:00			`hd.network = name`
Rewrite HD Wallet (BIP0032) with all test vectors 2014-01-16 14:03:09 +07:00			`}`
cosmetic standardization [closes #56] 2014-03-31 11:47:47 +08:00			`}`
Rewrite HD Wallet (BIP0032) with all test vectors 2014-01-16 14:03:09 +07:00
cosmetic standardization [closes #56] 2014-03-31 11:47:47 +08:00			`if (!hd.network) {`
Removes format dependency 2014-04-17 06:27:51 +10:00			`throw new Error('Could not find version ' + version.toString(16))`
cosmetic standardization [closes #56] 2014-03-31 11:47:47 +08:00			`}`
Rewrite HD Wallet (BIP0032) with all test vectors 2014-01-16 14:03:09 +07:00
cosmetic standardization [closes #56] 2014-03-31 11:47:47 +08:00			`// 1 byte: depth: 0x00 for master nodes, 0x01 for level-1 descendants, ...`
HDWallet now uses Buffers internally 2014-04-17 06:18:31 +10:00			`hd.depth = input.readUInt8(4)`
Rewrite HD Wallet (BIP0032) with all test vectors 2014-01-16 14:03:09 +07:00
cosmetic standardization [closes #56] 2014-03-31 11:47:47 +08:00			`// 4 bytes: the fingerprint of the parent's key (0x00000000 if master key)`
HDWallet now uses Buffers internally 2014-04-17 06:18:31 +10:00			`hd.parentFingerprint = input.readUInt32BE(5)`
			`if (hd.depth === 0) {`
			`assert(hd.parentFingerprint === 0x00000000)`
			`}`
Rewrite HD Wallet (BIP0032) with all test vectors 2014-01-16 14:03:09 +07:00
cosmetic standardization [closes #56] 2014-03-31 11:47:47 +08:00			`// 4 bytes: child number. This is the number i in xi = xpar/i, with xi the key being serialized.`
			`// This is encoded in MSB order. (0x00000000 if master key)`
HDWallet now uses Buffers internally 2014-04-17 06:18:31 +10:00			`hd.index = input.readUInt32BE(9)`
cosmetic standardization [closes #56] 2014-03-31 11:47:47 +08:00			`assert(hd.depth > 0 \|\| hd.index === 0)`
Rewrite HD Wallet (BIP0032) with all test vectors 2014-01-16 14:03:09 +07:00
cosmetic standardization [closes #56] 2014-03-31 11:47:47 +08:00			`// 32 bytes: the chain code`
			`hd.chaincode = input.slice(13, 45)`
Rewrite HD Wallet (BIP0032) with all test vectors 2014-01-16 14:03:09 +07:00
cosmetic standardization [closes #56] 2014-03-31 11:47:47 +08:00			`// 33 bytes: the public key or private key data (0x02 + X or 0x03 + X for`
			`// public keys, 0x00 + k for private keys)`
			`if (type == 'priv') {`
HDWallet now uses Buffers internally 2014-04-17 06:18:31 +10:00			`hd.priv = new ECKey(input.slice(46, 78), true)`
cosmetic standardization [closes #56] 2014-03-31 11:47:47 +08:00			`hd.pub = hd.priv.getPub()`
			`} else {`
			`hd.pub = new ECPubKey(input.slice(45, 78), true)`
			`}`
Rewrite HD Wallet (BIP0032) with all test vectors 2014-01-16 14:03:09 +07:00
cosmetic standardization [closes #56] 2014-03-31 11:47:47 +08:00			`return hd`
Rewrite HD Wallet (BIP0032) with all test vectors 2014-01-16 14:03:09 +07:00			`}`

			`HDWallet.prototype.getIdentifier = function() {`
Migrates all usage of crypto-js/sha256 to ./crypto 2014-04-08 22:13:03 +10:00			`return crypto.hash160(this.pub.toBytes())`
Rewrite HD Wallet (BIP0032) with all test vectors 2014-01-16 14:03:09 +07:00			`}`

			`HDWallet.prototype.getFingerprint = function() {`
HDWallet now uses Buffers internally 2014-04-17 06:18:31 +10:00			`return this.getIdentifier().slice(0, 4)`
Rewrite HD Wallet (BIP0032) with all test vectors 2014-01-16 14:03:09 +07:00			`}`

Changes to new version-less ECKey API 2014-03-22 18:17:54 +11:00			`HDWallet.prototype.getAddress = function() {`
Migrates all usage of crypto-js/sha256 to ./crypto 2014-04-08 22:13:03 +10:00			`return new Address(crypto.hash160(this.pub.toBytes()), this.getKeyVersion())`
Rewrite HD Wallet (BIP0032) with all test vectors 2014-01-16 14:03:09 +07:00			`}`

HDWallet now uses Buffers internally 2014-04-17 06:18:31 +10:00			`HDWallet.prototype.toBuffer = function(priv) {`
cosmetic standardization [closes #56] 2014-03-31 11:47:47 +08:00			`// Version`
Updates network.js constant names 2014-04-17 05:43:34 +10:00			`var version = Network[this.network].bip32[priv ? 'priv' : 'pub']`
HDWallet now uses Buffers internally 2014-04-17 06:18:31 +10:00			`var buffer = new Buffer(HDWallet.LENGTH)`
cosmetic standardization [closes #56] 2014-03-31 11:47:47 +08:00
HDWallet now uses Buffers internally 2014-04-17 06:18:31 +10:00			`// 4 bytes: version bytes`
			`buffer.writeUInt32BE(version, 0)`
Rewrite HD Wallet (BIP0032) with all test vectors 2014-01-16 14:03:09 +07:00
cosmetic standardization [closes #56] 2014-03-31 11:47:47 +08:00			`// Depth`
			`// 1 byte: depth: 0x00 for master nodes, 0x01 for level-1 descendants, ....`
HDWallet now uses Buffers internally 2014-04-17 06:18:31 +10:00			`buffer.writeUInt8(this.depth, 4)`
cosmetic standardization [closes #56] 2014-03-31 11:47:47 +08:00
			`// 4 bytes: the fingerprint of the parent's key (0x00000000 if master key)`
HDWallet now uses Buffers internally 2014-04-17 06:18:31 +10:00			`var fingerprint = this.depth ? this.parentFingerprint : 0x00000000`
			`buffer.writeUInt32BE(fingerprint, 5)`
cosmetic standardization [closes #56] 2014-03-31 11:47:47 +08:00
			`// 4 bytes: child number. This is the number i in xi = xpar/i, with xi the key being serialized.`
HDWallet now uses Buffers internally 2014-04-17 06:18:31 +10:00			`// This is encoded in Big endian. (0x00000000 if master key)`
			`buffer.writeUInt32BE(this.index, 9)`
cosmetic standardization [closes #56] 2014-03-31 11:47:47 +08:00
			`// 32 bytes: the chain code`
HDWallet now uses Buffers internally 2014-04-17 06:18:31 +10:00			`this.chaincode.copy(buffer, 13)`
cosmetic standardization [closes #56] 2014-03-31 11:47:47 +08:00
			`// 33 bytes: the public key or private key data`
			`if (priv) {`
			`assert(this.priv, 'Cannot serialize to private without private key')`
HDWallet now uses Buffers internally 2014-04-17 06:18:31 +10:00
			`// 0x00 + k for private keys`
			`buffer.writeUInt8(0, 45)`
			`new Buffer(this.priv.toBytes()).copy(buffer, 46)`
cosmetic standardization [closes #56] 2014-03-31 11:47:47 +08:00			`} else {`
HDWallet now uses Buffers internally 2014-04-17 06:18:31 +10:00
			`// X9.62 encoding for public keys`
			`new Buffer(this.pub.toBytes()).copy(buffer, 45)`
cosmetic standardization [closes #56] 2014-03-31 11:47:47 +08:00			`}`

			`return buffer`
Rewrite HD Wallet (BIP0032) with all test vectors 2014-01-16 14:03:09 +07:00			`}`
			`HDWallet.prototype.toHex = function(priv) {`
HDWallet now uses Buffers internally 2014-04-17 06:18:31 +10:00			`return this.toBuffer(priv).toString('hex')`
Rewrite HD Wallet (BIP0032) with all test vectors 2014-01-16 14:03:09 +07:00			`}`

			`HDWallet.prototype.toBase58 = function(priv) {`
HDWallet now uses Buffers internally 2014-04-17 06:18:31 +10:00			`var buffer = new Buffer(this.toBuffer(priv))`
Migrates all usage of crypto-js/sha256 to ./crypto 2014-04-08 22:13:03 +10:00			`var checksum = crypto.hash256(buffer).slice(0, 4)`
Changes existing code to use new base58 API 2014-04-04 05:10:12 +11:00
			`return base58.encode(Buffer.concat([`
			`buffer,`
			`checksum`
			`]))`
Rewrite HD Wallet (BIP0032) with all test vectors 2014-01-16 14:03:09 +07:00			`}`

			`HDWallet.prototype.derive = function(i) {`
HDWallet now uses Buffers internally 2014-04-17 06:18:31 +10:00			`var iBytes = convert.numToBytes(i, 4).reverse()`
Rewrite HD Wallet (BIP0032) with all test vectors 2014-01-16 14:03:09 +07:00			`, cPar = this.chaincode`
			`, usePriv = i >= HDWallet.HIGHEST_BIT`
Migrates all usage of crypto-js/sha256 to ./crypto 2014-04-08 22:13:03 +10:00			`, SHA512 = CJS.algo.SHA512`
Rewrite HD Wallet (BIP0032) with all test vectors 2014-01-16 14:03:09 +07:00
HDWallet now uses Buffers internally 2014-04-17 06:18:31 +10:00			`var I`
cosmetic standardization [closes #56] 2014-03-31 11:47:47 +08:00			`if (usePriv) {`
			`assert(this.priv, 'Private derive on public key')`

			`// If 1, private derivation is used:`
			`// let I = HMAC-SHA512(Key = cpar, Data = 0x00 \|\| kpar \|\| i) [Note:]`
			`var kPar = this.priv.toBytes().slice(0, 32)`
HDWallet now uses Buffers internally 2014-04-17 06:18:31 +10:00
			`// FIXME: Dislikes buffers`
cosmetic standardization [closes #56] 2014-03-31 11:47:47 +08:00			`I = HmacFromBytesToBytes(SHA512, [0].concat(kPar, iBytes), cPar)`
			`} else {`
			`// If 0, public derivation is used:`
			`// let I = HMAC-SHA512(Key = cpar, Data = χ(kpar*G) \|\| i)`
HDWallet now uses Buffers internally 2014-04-17 06:18:31 +10:00			`var KPar = this.pub.toBytes()`

			`// FIXME: Dislikes buffers`
cosmetic standardization [closes #56] 2014-03-31 11:47:47 +08:00			`I = HmacFromBytesToBytes(SHA512, KPar.concat(iBytes), cPar)`
			`}`

HDWallet now uses Buffers internally 2014-04-17 06:18:31 +10:00			`// FIXME: Boo, CSJ.algo.SHA512 uses byte arrays`
			`I = new Buffer(I)`

cosmetic standardization [closes #56] 2014-03-31 11:47:47 +08:00			`// Split I = IL \|\| IR into two 32-byte sequences, IL and IR.`
			`var IL = I.slice(0, 32)`
Rewrite HD Wallet (BIP0032) with all test vectors 2014-01-16 14:03:09 +07:00			`, IR = I.slice(32)`

cosmetic standardization [closes #56] 2014-03-31 11:47:47 +08:00			`var hd = new HDWallet()`
			`hd.network = this.network`

HDWallet now uses Buffers internally 2014-04-17 06:18:31 +10:00			`var ILbytes = Buffer.concat([IL, new Buffer([0x01])])`
			`var ILpriv = new ECKey(ILbytes, true)`

cosmetic standardization [closes #56] 2014-03-31 11:47:47 +08:00			`if (this.priv) {`
			`// ki = IL + kpar (mod n).`
HDWallet now uses Buffers internally 2014-04-17 06:18:31 +10:00			`hd.priv = this.priv.add(ILpriv)`
cosmetic standardization [closes #56] 2014-03-31 11:47:47 +08:00			`hd.pub = hd.priv.getPub()`
			`} else {`
			`// Ki = (IL + kpar)G = ILG + Kpar`
HDWallet now uses Buffers internally 2014-04-17 06:18:31 +10:00			`hd.pub = this.pub.add(ILpriv.getPub())`
cosmetic standardization [closes #56] 2014-03-31 11:47:47 +08:00			`}`

			`// ci = IR.`
			`hd.chaincode = IR`
HDWallet now uses Buffers internally 2014-04-17 06:18:31 +10:00			`hd.parentFingerprint = this.getFingerprint().readUInt32BE(0)`
cosmetic standardization [closes #56] 2014-03-31 11:47:47 +08:00			`hd.depth = this.depth + 1`
			`hd.index = i`
			`hd.pub.compressed = true`
			`return hd`
Rewrite HD Wallet (BIP0032) with all test vectors 2014-01-16 14:03:09 +07:00			`}`

			`HDWallet.prototype.derivePrivate = function(index) {`
cosmetic standardization [closes #56] 2014-03-31 11:47:47 +08:00			`return this.derive(index + HDWallet.HIGHEST_BIT)`
Rewrite HD Wallet (BIP0032) with all test vectors 2014-01-16 14:03:09 +07:00			`}`

key version check always always relies on the network property [#27] 2014-02-28 14:08:34 +08:00			`HDWallet.prototype.getKeyVersion = function() {`
Updates network.js constant names 2014-04-17 05:43:34 +10:00			`return Network[this.network].pubKeyHash`
key version check always always relies on the network property [#27] 2014-02-28 14:08:34 +08:00			`}`

Rewrite HD Wallet (BIP0032) with all test vectors 2014-01-16 14:03:09 +07:00			`HDWallet.prototype.toString = HDWallet.prototype.toBase58`
migrate crypto-js to 3.1.2 2014-03-08 13:02:40 +08:00
cleaned up address.js 2014-03-25 20:57:19 +01:00			`function HmacFromBytesToBytes(hasher, message, key) {`
Migrates all usage of crypto-js/sha256 to ./crypto 2014-04-08 22:13:03 +10:00			`var hmac = CJS.algo.HMAC.create(hasher, convert.bytesToWordArray(key))`
cleaned up address.js 2014-03-25 20:57:19 +01:00			`hmac.update(convert.bytesToWordArray(message))`
			`return convert.wordArrayToBytes(hmac.finalize())`
			`}`

Changes existing code to use new base58 API 2014-04-04 05:10:12 +11:00			`module.exports = HDWallet`