LBRYCommunity/bitcoinjs-lib
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge pull request #134 from dcousens/hdwalletbuf

Browse source 
HDWallet now uses Buffers internally
This commit is contained in:
Kyle Drake 2014-04-16 14:24:31 -07:00
commit aaaf66f15e
3 changed files with 82 additions and 95 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
src/eckey.js
View file

@ -30,6 +30,7 @@ ECKey.prototype.import = function (input, compressed) {
input instanceof ECKey ? input.priv
: input instanceof BigInteger ? input.mod(ecparams.getN())
: Array.isArray(input) ? fromBin(input.slice(0, 32))
: Buffer.isBuffer(input) ? fromBin(input.slice(0, 32))
: typeof input != "string" ? null
: input.length == 44 ? fromBin(convert.base64ToBytes(input))
: input.length == 51 && input[0] == '5' ? fromBin(base58check.decode(input).payload)
@ -136,6 +137,7 @@ ECPubKey.prototype.import = function(input, compressed) {
: input instanceof ECPubKey ? input.pub
: typeof input == "string" ? decode(convert.hexToBytes(input))
: Array.isArray(input) ? decode(input)
: Buffer.isBuffer(input) ? decode(input)
: null
assert(this.pub !== null)

148
src/hdwallet.js
View file

@ -1,32 +1,37 @@
var Address = require('./address')
var assert = require('assert')
var base58 = require('./base58')
var convert = require('./convert')
var Address = require('./address')
var BigInteger = require('./jsbn/jsbn')
var CJS = require('crypto-js')
var crypto = require('./crypto')
var ECKey = require('./eckey').ECKey
var ECPubKey = require('./eckey').ECPubKey
var format = require('util').format
var Network = require('./network')
var sec = require('./jsbn/sec')
var ecparams = sec("secp256k1")
function HmacSHA512(buffer, secret) {
var words = convert.bytesToWordArray(buffer)
var hash = CJS.HmacSHA512(words, secret)
return convert.wordArrayToBytes(hash)
return new Buffer(convert.wordArrayToBytes(hash))
}
function HDWallet(seed, network) {
if (seed === undefined) return;
function HDWallet(seed, netstr) {
if (seed == undefined) return; // FIXME: Boo, should be stricter
var I = HmacSHA512(seed, 'Bitcoin seed')
this.chaincode = I.slice(32)
this.network = network || 'bitcoin'
this.network = netstr || 'bitcoin'
if(!Network.hasOwnProperty(this.network)) {
throw new Error("Unknown network: " + this.network)
}
this.priv = new ECKey(I.slice(0, 32).concat([1]), true)
this.priv = new ECKey(I.slice(0, 32), true)
this.pub = this.priv.getPub()
this.index = 0
this.depth = 0
@ -35,16 +40,8 @@ function HDWallet(seed, network) {
HDWallet.HIGHEST_BIT = 0x80000000
HDWallet.LENGTH = 78
function arrayEqual(a, b) {
return !(a < b || a > b)
}
HDWallet.fromSeedHex = function(hex, network) {
return new HDWallet(convert.hexToBytes(hex), network)
}
HDWallet.fromSeedString = function(string, network) {
return new HDWallet(convert.stringToBytes(string), network)
return new HDWallet(new Buffer(hex, 'hex'), network)
}
HDWallet.fromBase58 = function(string) {
@ -57,37 +54,27 @@ HDWallet.fromBase58 = function(string) {
assert.deepEqual(newChecksum, checksum)
assert.equal(payload.length, HDWallet.LENGTH)
return HDWallet.fromBytes(payload)
return HDWallet.fromBuffer(payload)
}
HDWallet.fromHex = function(input) {
return HDWallet.fromBytes(convert.hexToBytes(input))
return HDWallet.fromBuffer(new Buffer(input, 'hex'))
}
HDWallet.fromBytes = function(input) {
// This 78 byte structure can be encoded like other Bitcoin data in Base58. (+32 bits checksum)
if (input.length != HDWallet.LENGTH) {
throw new Error(format('Invalid input length, %s. Expected %s.', input.length, HDWallet.LENGTH))
}
// FIXME: transitionary fix
if (Buffer.isBuffer(input)) {
input = Array.prototype.map.bind(input, function(x) { return x })()
}
HDWallet.fromBuffer = function(input) {
assert(input.length === HDWallet.LENGTH)
var hd = new HDWallet()
// 4 byte: version bytes (bitcoin: 0x0488B21E public, 0x0488ADE4 private
// testnet: 0x043587CF public, 0x04358394 private)
var versionBytes = input.slice(0, 4)
var versionWord = convert.bytesToWords(versionBytes)[0]
var type
// 4 byte: version bytes
var version = input.readUInt32BE(0)
var type
for(var name in Network) {
var network = Network[name]
for(var t in network.bip32) {
if (versionWord != network.bip32[t]) continue
if (version != network.bip32[t]) continue
type = t
hd.network = name
@ -95,19 +82,21 @@ HDWallet.fromBytes = function(input) {
}
if (!hd.network) {
throw new Error(format('Could not find version %s', convert.bytesToHex(versionBytes)))
throw new Error('Could not find version ' + version.toString(16))
}
// 1 byte: depth: 0x00 for master nodes, 0x01 for level-1 descendants, ...
hd.depth = input[4]
hd.depth = input.readUInt8(4)
// 4 bytes: the fingerprint of the parent's key (0x00000000 if master key)
hd.parentFingerprint = input.slice(5, 9)
assert((hd.depth === 0) == arrayEqual(hd.parentFingerprint, [0, 0, 0, 0]))
hd.parentFingerprint = input.readUInt32BE(5)
if (hd.depth === 0) {
assert(hd.parentFingerprint === 0x00000000)
}
// 4 bytes: child number. This is the number i in xi = xpar/i, with xi the key being serialized.
// This is encoded in MSB order. (0x00000000 if master key)
hd.index = convert.bytesToNum(input.slice(9, 13).reverse())
hd.index = input.readUInt32BE(9)
assert(hd.depth > 0 || hd.index === 0)
// 32 bytes: the chain code
@ -116,7 +105,7 @@ HDWallet.fromBytes = function(input) {
// 33 bytes: the public key or private key data (0x02 + X or 0x03 + X for
// public keys, 0x00 + k for private keys)
if (type == 'priv') {
hd.priv = new ECKey(input.slice(46, 78).concat([1]), true)
hd.priv = new ECKey(input.slice(46, 78), true)
hd.pub = hd.priv.getPub()
} else {
hd.pub = new ECPubKey(input.slice(45, 78), true)
@ -130,63 +119,57 @@ HDWallet.prototype.getIdentifier = function() {
}
HDWallet.prototype.getFingerprint = function() {
return Array.prototype.slice.call(this.getIdentifier(), 0, 4)
return this.getIdentifier().slice(0, 4)
}
HDWallet.prototype.getAddress = function() {
return new Address(crypto.hash160(this.pub.toBytes()), this.getKeyVersion())
}
HDWallet.prototype.toBytes = function(priv) {
var buffer = []
HDWallet.prototype.toBuffer = function(priv) {
// Version
// 4 byte: version bytes (bitcoin: 0x0488B21E public, 0x0488ADE4 private; testnet: 0x043587CF public,
// 0x04358394 private)
var version = Network[this.network].bip32[priv ? 'priv' : 'pub']
var vBytes = convert.wordsToBytes([version])
var buffer = new Buffer(HDWallet.LENGTH)
buffer = buffer.concat(vBytes)
assert.equal(buffer.length, 4)
// 4 bytes: version bytes
buffer.writeUInt32BE(version, 0)
// Depth
// 1 byte: depth: 0x00 for master nodes, 0x01 for level-1 descendants, ....
buffer.push(this.depth)
assert.equal(buffer.length, 4 + 1)
buffer.writeUInt8(this.depth, 4)
// 4 bytes: the fingerprint of the parent's key (0x00000000 if master key)
buffer = buffer.concat(this.depth ? this.parentFingerprint : [0, 0, 0, 0])
assert.equal(buffer.length, 4 + 1 + 4)
var fingerprint = this.depth ? this.parentFingerprint : 0x00000000
buffer.writeUInt32BE(fingerprint, 5)
// 4 bytes: child number. This is the number i in xi = xpar/i, with xi the key being serialized.
// This is encoded in MSB order. (0x00000000 if master key)
buffer = buffer.concat(convert.numToBytes(this.index, 4).reverse())
assert.equal(buffer.length, 4 + 1 + 4 + 4)
// This is encoded in Big endian. (0x00000000 if master key)
buffer.writeUInt32BE(this.index, 9)
// 32 bytes: the chain code
buffer = buffer.concat(this.chaincode)
assert.equal(buffer.length, 4 + 1 + 4 + 4 + 32)
this.chaincode.copy(buffer, 13)
// 33 bytes: the public key or private key data
// (0x02 + X or 0x03 + X for public keys, 0x00 + k for private keys)
if (priv) {
assert(this.priv, 'Cannot serialize to private without private key')
buffer.push(0)
buffer = buffer.concat(this.priv.toBytes().slice(0, 32))
// 0x00 + k for private keys
buffer.writeUInt8(0, 45)
new Buffer(this.priv.toBytes()).copy(buffer, 46)
} else {
buffer = buffer.concat(this.pub.toBytes(true))
// X9.62 encoding for public keys
new Buffer(this.pub.toBytes()).copy(buffer, 45)
}
return buffer
}
HDWallet.prototype.toHex = function(priv) {
var bytes = this.toBytes(priv)
return convert.bytesToHex(bytes)
return this.toBuffer(priv).toString('hex')
}
HDWallet.prototype.toBase58 = function(priv) {
var buffer = new Buffer(this.toBytes(priv))
var buffer = new Buffer(this.toBuffer(priv))
var checksum = crypto.hash256(buffer).slice(0, 4)
return base58.encode(Buffer.concat([
@ -196,47 +179,58 @@ HDWallet.prototype.toBase58 = function(priv) {
}
HDWallet.prototype.derive = function(i) {
var I
, iBytes = convert.numToBytes(i, 4).reverse()
var iBytes = convert.numToBytes(i, 4).reverse()
, cPar = this.chaincode
, usePriv = i >= HDWallet.HIGHEST_BIT
, SHA512 = CJS.algo.SHA512
var I
if (usePriv) {
assert(this.priv, 'Private derive on public key')
// If 1, private derivation is used:
// let I = HMAC-SHA512(Key = cpar, Data = 0x00 || kpar || i) [Note:]
var kPar = this.priv.toBytes().slice(0, 32)
// FIXME: Dislikes buffers
I = HmacFromBytesToBytes(SHA512, [0].concat(kPar, iBytes), cPar)
} else {
// If 0, public derivation is used:
// let I = HMAC-SHA512(Key = cpar, Data = χ(kpar*G) || i)
var KPar = this.pub.toBytes(true)
var KPar = this.pub.toBytes()
// FIXME: Dislikes buffers
I = HmacFromBytesToBytes(SHA512, KPar.concat(iBytes), cPar)
}
// FIXME: Boo, CSJ.algo.SHA512 uses byte arrays
I = new Buffer(I)
// Split I = IL || IR into two 32-byte sequences, IL and IR.
var IL = I.slice(0, 32)
, IR = I.slice(32)
var ILb = I.slice(0, 32)
, IRb = I.slice(32)
var hd = new HDWallet()
hd.network = this.network
var IL = BigInteger.fromByteArrayUnsigned(ILb)
if (this.priv) {
// ki = IL + kpar (mod n).
hd.priv = this.priv.add(new ECKey(IL.concat([1])))
hd.priv.compressed = true
hd.priv.version = this.getKeyVersion()
var ki = IL.add(this.priv.priv).mod(ecparams.getN())
hd.priv = new ECKey(ki, true)
hd.pub = hd.priv.getPub()
} else {
// Ki = (IL + kpar)*G = IL*G + Kpar
hd.pub = this.pub.add(new ECKey(IL.concat([1]), true).getPub())
var Ki = IL.multiply(ecparams.getG()).add(this.pub.pub)
hd.pub = new ECPubKey(Ki, true)
}
// ci = IR.
hd.chaincode = IR
hd.parentFingerprint = this.getFingerprint()
hd.chaincode = IRb
hd.parentFingerprint = this.getFingerprint().readUInt32BE(0)
hd.depth = this.depth + 1
hd.index = i
hd.pub.compressed = true

27
test/hdwallet.js
View file

@ -1,11 +1,11 @@
var HDWallet = require('../src/hdwallet.js')
var assert = require('assert')
var convert = require('../src/convert.js')
var Network = require('../src/network')
var bitcoin = Network.bitcoin.pubKeyHash
var testnet = Network.testnet.pubKeyHash
var b2h = convert.bytesToHex
var HDWallet = require('../').HDWallet
function b2h(buf) {
assert(Buffer.isBuffer(buf))
return buf.toString('hex')
}
describe('HDWallet', function() {
describe('toBase58', function() {
@ -33,10 +33,10 @@ describe('HDWallet', function() {
describe('constructor & seed deserialization', function() {
var expectedPrivateKey = '0fd71c652e847ba7ea7956e3cf3fc0a0985871846b1b2c23b9c6a29a38cee86001'
var seed = [
var seed = new Buffer([
99, 114, 97, 122, 121, 32, 104, 111, 114, 115, 101, 32, 98,
97, 116, 116, 101, 114, 121, 32, 115, 116, 97, 112, 108, 101
]
])
it('creates from binary seed', function() {
var hd = new HDWallet(seed)
@ -47,16 +47,7 @@ describe('HDWallet', function() {
describe('fromSeedHex', function() {
it('creates from hex seed', function() {
var hd = HDWallet.fromSeedHex(b2h(seed))
assert.equal(hd.priv.toHex(), expectedPrivateKey)
assert(hd.pub)
})
})
describe('fromSeedString', function() {
it('creates from string seed', function() {
var hd = HDWallet.fromSeedString(convert.bytesToString(seed))
var hd = HDWallet.fromSeedHex(seed.toString('hex'))
assert.equal(hd.priv.toHex(), expectedPrivateKey)
assert(hd.pub)