move BIP32 example to own file

This commit is contained in:
Daniel Cousens 2016-11-25 13:46:36 +11:00 committed by Daniel Cousens
parent 11850cc1a5
commit 1c68e41562
3 changed files with 62 additions and 52 deletions

View file

@ -106,10 +106,10 @@ The below examples are implemented as integration tests, they should be very eas
- [Create an OP RETURN transaction](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/advanced.js#L24)
- [Create a 2-of-3 multisig P2SH address](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/multisig.js#L9)
- [Spend from a 2-of-4 multisig P2SH address](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/multisig.js#L25)
- [Generate a single-key stealth address](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/stealth.js#L11)
- [Generate a dual-key stealth address](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/stealth.js#L48)
- [Recover a BIP32 parent private key from the parent public key and a derived non-hardened child private key](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/crypto.js#L14)
- [Recover a Private key from duplicate R values in a signature](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/crypto.js#L60)
- [Generate a single-key stealth address](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/stealth.js)
- [Generate a dual-key stealth address](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/stealth.js)
- [Recover a BIP32 parent private key from the parent public key and a derived non-hardened child private key](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/bip32.js)
- [Recover a Private key from duplicate R values in a signature](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/crypto.js)
- [Create a CLTV locked transaction where the expiry is past](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/cltv.js#L36)
- [Create a CLTV locked transaction where the parties bypass the expiry](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/cltv.js#L70)
- [Create a CLTV locked transaction which fails due to expiry in the future](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/cltv.js#L102)

58
test/integration/bip32.js Normal file
View file

@ -0,0 +1,58 @@
/* global describe, it */
var assert = require('assert')
var bigi = require('bigi')
var bitcoin = require('../../')
var crypto = require('crypto')
var ecurve = require('ecurve')
var secp256k1 = ecurve.getCurveByName('secp256k1')
describe('bitcoinjs-lib (BIP32)', function () {
it('can recover a BIP32 parent private key from the parent public key, and a derived, non-hardened child private key', function () {
function recoverParent (master, child) {
assert(!master.keyPair.d, 'You already have the parent private key')
assert(child.keyPair.d, 'Missing child private key')
var curve = secp256k1
var QP = master.keyPair.Q
var serQP = master.keyPair.getPublicKeyBuffer()
var d1 = child.keyPair.d
var d2
var data = new Buffer(37)
serQP.copy(data, 0)
// search index space until we find it
for (var i = 0; i < bitcoin.HDNode.HIGHEST_BIT; ++i) {
data.writeUInt32BE(i, 33)
// calculate I
var I = crypto.createHmac('sha512', master.chainCode).update(data).digest()
var IL = I.slice(0, 32)
var pIL = bigi.fromBuffer(IL)
// See hdnode.js:273 to understand
d2 = d1.subtract(pIL).mod(curve.n)
var Qp = new bitcoin.ECPair(d2).Q
if (Qp.equals(QP)) break
}
var node = new bitcoin.HDNode(new bitcoin.ECPair(d2), master.chainCode, master.network)
node.depth = master.depth
node.index = master.index
node.masterFingerprint = master.masterFingerprint
return node
}
var seed = crypto.randomBytes(32)
var master = bitcoin.HDNode.fromSeedBuffer(seed)
var child = master.derive(6) // m/6
// now for the recovery
var neuteredMaster = master.neutered()
var recovered = recoverParent(neuteredMaster, child)
assert.strictEqual(recovered.toBase58(), master.toBase58())
})
})

View file

@ -5,59 +5,11 @@ var async = require('async')
var bigi = require('bigi')
var bitcoin = require('../../')
var blockchain = require('./_blockchain')
var crypto = require('crypto')
var ecurve = require('ecurve')
var secp256k1 = ecurve.getCurveByName('secp256k1')
describe('bitcoinjs-lib (crypto)', function () {
it('can recover a BIP32 parent private key from the parent public key, and a derived, non-hardened child private key', function () {
function recoverParent (master, child) {
assert(!master.keyPair.d, 'You already have the parent private key')
assert(child.keyPair.d, 'Missing child private key')
var curve = secp256k1
var QP = master.keyPair.Q
var serQP = master.keyPair.getPublicKeyBuffer()
var d1 = child.keyPair.d
var d2
var data = new Buffer(37)
serQP.copy(data, 0)
// search index space until we find it
for (var i = 0; i < bitcoin.HDNode.HIGHEST_BIT; ++i) {
data.writeUInt32BE(i, 33)
// calculate I
var I = crypto.createHmac('sha512', master.chainCode).update(data).digest()
var IL = I.slice(0, 32)
var pIL = bigi.fromBuffer(IL)
// See hdnode.js:273 to understand
d2 = d1.subtract(pIL).mod(curve.n)
var Qp = new bitcoin.ECPair(d2).Q
if (Qp.equals(QP)) break
}
var node = new bitcoin.HDNode(new bitcoin.ECPair(d2), master.chainCode, master.network)
node.depth = master.depth
node.index = master.index
node.masterFingerprint = master.masterFingerprint
return node
}
var seed = crypto.randomBytes(32)
var master = bitcoin.HDNode.fromSeedBuffer(seed)
var child = master.derive(6) // m/6
// now for the recovery
var neuteredMaster = master.neutered()
var recovered = recoverParent(neuteredMaster, child)
assert.strictEqual(recovered.toBase58(), master.toBase58())
})
it('can recover a private key from duplicate R values', function (done) {
this.timeout(30000)