// Copyright (c) 2013-2014 Conformal Systems LLC.
// Use of this source code is governed by an ISC
// license that can be found in the LICENSE file.
package btcutil
import (
"bytes"
"code.google.com/p/go.crypto/ripemd160"
"errors"
"github.com/conformal/btcwire"
)
// Sentinel errors returned by the encoding and decoding helpers in this file.
var (
	// ErrUnknownNet is returned when a Bitcoin network, or the identifier
	// byte of a decoded string, is not one this file recognizes.
	ErrUnknownNet = errors.New("unrecognized bitcoin network")

	// ErrMalformedAddress is returned when an address is improperly
	// formatted: either the hashed pubkey has the wrong length or the
	// checksum does not match.
	ErrMalformedAddress = errors.New("malformed address")

	// ErrMalformedPrivateKey is returned when a private key is improperly
	// formatted: either the key has the wrong length or the checksum does
	// not match.
	ErrMalformedPrivateKey = errors.New("malformed private key")
)

// Identifier bytes that prefix an encoded payload and tie it to one
// network. A MainNet address cannot be used on the TestNet, and vice versa.
const (
	// MainNetAddr is the address identifier for MainNet.
	MainNetAddr = 0x00

	// TestNetAddr is the address identifier for TestNet.
	TestNetAddr = 0x6f

	// MainNetKey is the private key identifier for MainNet.
	MainNetKey = 0x80

	// TestNetKey is the private key identifier for TestNet.
	TestNetKey = 0xef

	// MainNetScriptHash is the script hash identifier for MainNet.
	MainNetScriptHash = 0x05

	// TestNetScriptHash is the script hash identifier for TestNet.
	TestNetScriptHash = 0xc4
)
// EncodeAddress converts a 20-byte raw payment address (the hash160 of a
// pubkey) and a Bitcoin network into a human-readable payment address string.
//
// It returns ErrMalformedAddress when addrHash is not ripemd160.Size bytes
// long, and ErrUnknownNet when net is neither btcwire.MainNet nor
// btcwire.TestNet3. The length is checked first, so a bad hash on an
// unknown network reports ErrMalformedAddress.
//
// Deprecated: use the EncodeAddress functions of the Address interface.
func EncodeAddress(addrHash []byte, net btcwire.BitcoinNet) (encoded string, err error) {
	if len(addrHash) != ripemd160.Size {
		return "", ErrMalformedAddress
	}

	// Each supported network maps to its pubkey-hash identifier byte.
	switch net {
	case btcwire.MainNet:
		return encodeHashWithNetId(MainNetAddr, addrHash)
	case btcwire.TestNet3:
		return encodeHashWithNetId(TestNetAddr, addrHash)
	}
	return "", ErrUnknownNet
}
// EncodeScriptHash converts a 20-byte raw script hash (the hash160 of the
// redeeming script, i.e. the RIPEMD-160 of its SHA-256) and a Bitcoin
// network into a human-readable payment address string.
//
// It returns ErrMalformedAddress when addrHash is not ripemd160.Size bytes
// long, and ErrUnknownNet when net is neither btcwire.MainNet nor
// btcwire.TestNet3. The length is checked first.
//
// Deprecated: use the EncodeAddress functions of the Address interface.
func EncodeScriptHash(addrHash []byte, net btcwire.BitcoinNet) (encoded string, err error) {
	if len(addrHash) != ripemd160.Size {
		return "", ErrMalformedAddress
	}

	// Each supported network maps to its script-hash identifier byte.
	switch net {
	case btcwire.MainNet:
		return encodeHashWithNetId(MainNetScriptHash, addrHash)
	case btcwire.TestNet3:
		return encodeHashWithNetId(TestNetScriptHash, addrHash)
	}
	return "", ErrUnknownNet
}
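// encodeHashWithNetId base58-encodes a 20-byte hash together with its
// network identifier byte and a checksum.
//
// The encoded payload is 1 byte of netID, 20 bytes of hash and 4 bytes of
// checksum, where the checksum is the first four bytes of
// btcwire.DoubleSha256 over the identifier byte and the hash.
//
// It returns ErrMalformedAddress when addrHash is not ripemd160.Size bytes
// long. Both callers visible in this file already check the length; the
// check is repeated here so that no caller can produce a string whose
// payload is a truncated or zero-padded hash while still returning a nil
// error.
func encodeHashWithNetId(netID byte, addrHash []byte) (encoded string, err error) {
	if len(addrHash) != ripemd160.Size {
		return "", ErrMalformedAddress
	}

	// Build the payload in one buffer sized for the checksum as well, so
	// the checksum input and the encoded bytes cannot drift apart.
	buf := make([]byte, 0, 1+ripemd160.Size+4)
	buf = append(buf, netID)
	buf = append(buf, addrHash...)

	cksum := btcwire.DoubleSha256(buf)
	buf = append(buf, cksum[:4]...)

	return Base58Encode(buf), nil
}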
// DecodeAddress decodes a human-readable payment address string and returns
// the 20-byte address hash together with the Bitcoin network the address
// belongs to.
//
// Only the pubkey-hash identifier bytes (MainNetAddr and TestNetAddr) are
// accepted; any other leading byte, including the script-hash identifiers
// declared in this file, yields ErrUnknownNet. ErrMalformedAddress is
// returned when the decoded length is wrong or the checksum does not match.
// On a checksum mismatch the detected network is still returned next to the
// error; callers should not use it.
//
// The 4-byte checksum catches transcription errors only. It is not
// authentication: whoever supplies the string can compute a matching
// checksum for any hash.
//
// Deprecated: use DecodeAddr to decode a string encoded address to the
// Address interface.
func DecodeAddress(addr string) (addrHash []byte, net btcwire.BitcoinNet, err error) {
	// NOTE(review): Base58Decode reports no error here; presumably invalid
	// input produces a result that fails the length check below - confirm.
	raw := Base58Decode(addr)

	// Expected layout: 1 identifier byte, 20 hash bytes, 4 checksum bytes.
	payloadLen := ripemd160.Size + 1
	if len(raw) != payloadLen+4 {
		return nil, 0, ErrMalformedAddress
	}

	switch id := raw[0]; {
	case id == MainNetAddr:
		net = btcwire.MainNet
	case id == TestNetAddr:
		net = btcwire.TestNet3
	default:
		return nil, 0, ErrUnknownNet
	}

	// The trailing four bytes must equal the first four bytes of the
	// double SHA256 of the identifier byte plus hash.
	want := btcwire.DoubleSha256(raw[:payloadLen])[:4]
	if got := raw[payloadLen:]; !bytes.Equal(want, got) {
		return nil, net, ErrMalformedAddress
	}

	// Return a copy so the result does not alias the decode buffer.
	hash := make([]byte, ripemd160.Size)
	copy(hash, raw[1:payloadLen])
	return hash, net, nil
}
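// EncodePrivateKey takes a 32-byte private key and encodes it into the
// Wallet Import Format (WIF).
//
// The encoded payload is 1 byte of network identifier, the 32-byte key, an
// optional 0x01 byte when compressed is true, and 4 bytes of checksum (the
// first four bytes of btcwire.DoubleSha256 over everything before it).
//
// It returns ErrMalformedPrivateKey when privKey is not 32 bytes long and
// ErrUnknownNet when net is neither btcwire.MainNet nor btcwire.TestNet3.
//
// The returned string is the private key in another encoding and must be
// handled as a secret. privKey itself is not modified.
func EncodePrivateKey(privKey []byte, net btcwire.BitcoinNet, compressed bool) (string, error) {
	if len(privKey) != 32 {
		return "", ErrMalformedPrivateKey
	}

	var netID byte
	switch net {
	case btcwire.MainNet:
		netID = MainNetKey
	case btcwire.TestNet3:
		netID = TestNetKey
	default:
		return "", ErrUnknownNet
	}

	// Build the payload in a single buffer with room for the optional
	// compression byte and the checksum, so only one scratch copy of the
	// key exists and the appends below never reallocate.
	buf := make([]byte, 0, 1+32+1+4)
	buf = append(buf, netID)
	buf = append(buf, privKey...)
	if compressed {
		buf = append(buf, 0x01)
	}

	cksum := btcwire.DoubleSha256(buf)
	buf = append(buf, cksum[:4]...)

	wif := Base58Encode(buf)

	// Best-effort wipe of the scratch copy of the key once it is encoded.
	for i := range buf {
		buf[i] = 0
	}
	return wif, nil
}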
// DecodePrivateKey takes a Wallet Import Format (WIF) string and decodes it
// into a 32-byte private key.
//
// It returns the key, the network named by the identifier byte, and whether
// the WIF carried the 0x01 compression marker. ErrMalformedPrivateKey is
// returned when the decoded length is wrong, the compression marker is not
// 0x01, or the checksum does not match; ErrUnknownNet is returned when the
// identifier byte is neither MainNetKey nor TestNetKey. On every error the
// key is nil and the network is 0.
//
// The returned slice is a fresh copy and holds secret material.
func DecodePrivateKey(wif string) ([]byte, btcwire.BitcoinNet, bool, error) {
	// NOTE(review): raw keeps the key bytes after this function returns and
	// is never wiped here; whether wiping it is safe depends on how
	// Base58Decode allocates its result - confirm before adding that.
	raw := Base58Decode(wif)

	// Expected layout: 1 identifier byte, 32 key bytes, an optional 0x01
	// compression marker, then 4 checksum bytes.
	var compressed bool
	switch len(raw) {
	case 32 + 5:
		// Uncompressed form, nothing more to check yet.
	case 32 + 6:
		compressed = true
		if raw[33] != 0x01 {
			return nil, 0, compressed, ErrMalformedPrivateKey
		}
	default:
		return nil, 0, compressed, ErrMalformedPrivateKey
	}

	var net btcwire.BitcoinNet
	switch id := raw[0]; {
	case id == MainNetKey:
		net = btcwire.MainNet
	case id == TestNetKey:
		net = btcwire.TestNet3
	default:
		return nil, 0, compressed, ErrUnknownNet
	}

	// The checksum covers everything before the final four bytes, which
	// includes the compression marker when it is present.
	split := len(raw) - 4
	want := btcwire.DoubleSha256(raw[:split])[:4]
	if !bytes.Equal(want, raw[split:]) {
		return nil, 0, compressed, ErrMalformedPrivateKey
	}

	key := make([]byte, 32)
	copy(key, raw[1:32+1])
	return key, net, compressed, nil
}