def sign(self, secret_exponent, val, gen_k=None):
nonce_function = None
if gen_k is not None:
k_as_bytes = to_bytes_32(gen_k(self.order(), secret_exponent, val))
def adaptor(nonce32_p, msg32_p, key32_p, algo16_p, data, attempt):
nonce32_p.contents[:] = list(iterbytes(k_as_bytes))
return 1
p_b32 = POINTER(c_byte * 32)
nonce_function = CFUNCTYPE(c_int, p_b32, p_b32, p_b32,
POINTER(c_byte * 16), c_void_p,
c_uint)(adaptor)
sig = create_string_buffer(64)
sig_hash_bytes = to_bytes_32(val)
libsecp256k1.secp256k1_ecdsa_sign(libsecp256k1.ctx, sig,
sig_hash_bytes,
to_bytes_32(secret_exponent),
nonce_function, None)
compact_signature = create_string_buffer(64)
libsecp256k1.secp256k1_ecdsa_signature_serialize_compact(
libsecp256k1.ctx, compact_signature, sig)
r = from_bytes_32(compact_signature[:32])
s = from_bytes_32(compact_signature[32:])
return (r, s)
def test_sign_verify_mutual_compatability(self):
if libsecp256k1 is None:
raise unittest.SkipTest("no libsecp256k1")
ctx = libsecp256k1.ctx
signature = create_string_buffer(64)
sighash = to_bytes_32(1000)
secret_key = to_bytes_32(100)
public_key = create_string_buffer(64)
r = libsecp256k1.secp256k1_ec_pubkey_create(ctx, public_key, secret_key)
self.assertEqual(r, 1)
self.assertEqual(
b2h(public_key),
'880f50f7ceb4210289266a40b306e33ef52bb75f834c172e65175e3ce2ac3bed'
'6e2835e3d57ae1fcd0954808be17bd97bf871f7a8a5edadcffcc8812576f7ae5'
)
r = libsecp256k1.secp256k1_ecdsa_sign(ctx, signature, sighash, secret_key, None, None)
self.assertEqual(r, 1)
r = libsecp256k1.secp256k1_ecdsa_verify(ctx, signature, sighash, public_key)
self.assertEqual(r, 1)
signature1 = signature[:-1] + int2byte(byte2int(signature[-1]) ^ 1)
r = libsecp256k1.secp256k1_ecdsa_verify(ctx, signature1, sighash, public_key)
self.assertEqual(r, 0)
def test_sign(self):
if libsecp256k1 is None:
raise unittest.SkipTest("no libsecp256k1")
ctx = libsecp256k1.ctx
sighash = to_bytes_32(1000)
secret_key = to_bytes_32(100)
public_key = create_string_buffer(64)
r = libsecp256k1.secp256k1_ec_pubkey_create(ctx, public_key, secret_key)
self.assertEqual(r, 1)
self.assertEqual(
b2h(public_key),
'880f50f7ceb4210289266a40b306e33ef52bb75f834c172e65175e3ce2ac3bed'
'6e2835e3d57ae1fcd0954808be17bd97bf871f7a8a5edadcffcc8812576f7ae5'
)
signature = create_string_buffer(64)
r = libsecp256k1.secp256k1_ecdsa_sign(ctx, signature, sighash, secret_key, None, None)
self.assertEqual(r, 1)
compact_signature = create_string_buffer(64)
libsecp256k1.secp256k1_ecdsa_signature_serialize_compact(ctx, compact_signature, signature)
r = from_bytes_32(compact_signature[:32])
s = from_bytes_32(compact_signature[32:])
signature = (r, s)
pubkey_size = c_size_t(65)
pubkey_serialized = create_string_buffer(65)
libsecp256k1.secp256k1_ec_pubkey_serialize(
ctx, pubkey_serialized, byref(pubkey_size), public_key, SECP256K1_EC_UNCOMPRESSED)
x = from_bytes_32(pubkey_serialized[1:33])
y = from_bytes_32(pubkey_serialized[33:])
legacy_secp256k1_group.verify((x, y), 1000, signature)
def multiply(self, p, e):
"""Multiply a point by an integer."""
e %= self.order()
if p == self._infinity or e == 0:
return self._infinity
pubkey = create_string_buffer(64)
public_pair_bytes = b'\4' + to_bytes_32(p[0]) + to_bytes_32(p[1])
r = libsecp256k1.secp256k1_ec_pubkey_parse(libsecp256k1.ctx, pubkey,
public_pair_bytes,
len(public_pair_bytes))
if not r:
return False
r = libsecp256k1.secp256k1_ec_pubkey_tweak_mul(libsecp256k1.ctx,
pubkey, to_bytes_32(e))
if not r:
return self._infinity
pubkey_serialized = create_string_buffer(65)
pubkey_size = c_size_t(65)
libsecp256k1.secp256k1_ec_pubkey_serialize(libsecp256k1.ctx,
pubkey_serialized,
byref(pubkey_size), pubkey,
SECP256K1_EC_UNCOMPRESSED)
x = from_bytes_32(pubkey_serialized[1:33])
y = from_bytes_32(pubkey_serialized[33:])
return self.Point(x, y)
def test_to_bytes_32(self):
for i in range(256):
v = to_bytes_32(i)
self.assertEqual(v, b'\0' * 31 + bytes(bytearray([i])))
for i in range(256, 512):
v = to_bytes_32(i)
self.assertEqual(v, b'\0' * 30 + bytes(bytearray([1, i & 0xff])))
def test_to_bytes_32(self):
for i in range(256):
v = to_bytes_32(i)
self.assertEqual(v, b'\0' * 31 + bytes(bytearray([i])))
for i in range(256, 512):
v = to_bytes_32(i)
self.assertEqual(v, b'\0' * 30 + bytes(bytearray([1, i & 0xff])))
def test_sign_verify_mutual_compatability(self):
if libsecp256k1 is None:
raise unittest.SkipTest("no libsecp256k1")
ctx = libsecp256k1.ctx
signature = create_string_buffer(64)
sighash = to_bytes_32(1000)
secret_key = to_bytes_32(100)
public_key = create_string_buffer(64)
r = libsecp256k1.secp256k1_ec_pubkey_create(ctx, public_key,
secret_key)
self.assertEqual(r, 1)
self.assertEqual(
b2h(public_key),
'880f50f7ceb4210289266a40b306e33ef52bb75f834c172e65175e3ce2ac3bed'
'6e2835e3d57ae1fcd0954808be17bd97bf871f7a8a5edadcffcc8812576f7ae5')
r = libsecp256k1.secp256k1_ecdsa_sign(ctx, signature, sighash,
secret_key, None, None)
self.assertEqual(r, 1)
r = libsecp256k1.secp256k1_ecdsa_verify(ctx, signature, sighash,
public_key)
self.assertEqual(r, 1)
signature1 = signature[:-1] + int2byte(byte2int(signature[-1]) ^ 1)
r = libsecp256k1.secp256k1_ecdsa_verify(ctx, signature1, sighash,
public_key)
self.assertEqual(r, 0)
def verify(self, public_pair, val, signature_pair):
sig = create_string_buffer(64)
input64 = to_bytes_32(signature_pair[0]) + to_bytes_32(signature_pair[1])
r = libsecp256k1.secp256k1_ecdsa_signature_parse_compact(libsecp256k1.ctx, sig, input64)
if not r:
return False
r = libsecp256k1.secp256k1_ecdsa_signature_normalize(libsecp256k1.ctx, sig, sig)
public_pair_bytes = b'\4' + to_bytes_32(public_pair[0]) + to_bytes_32(public_pair[1])
pubkey = create_string_buffer(64)
r = libsecp256k1.secp256k1_ec_pubkey_parse(
libsecp256k1.ctx, pubkey, public_pair_bytes, len(public_pair_bytes))
if not r:
return False
return 1 == libsecp256k1.secp256k1_ecdsa_verify(libsecp256k1.ctx, sig, to_bytes_32(val), pubkey)
def ethereum_address_for_public_pair(pair):
import sha3
from pycoin.encoding.bytes32 import to_bytes_32
public_blob = b''.join(to_bytes_32(p) for p in pair)
address = b2h(sha3.keccak_256(public_blob).digest()[12:])
try:
from web3 import Web3
return Web3.toChecksumAddress(address)
except (ImportError, ValueError) as e:
return "0x%s" % address
def test_bip143_tx_1(self):
tx_u1, tx_s1 = self.check_bip143_tx(
"0100000002fff7f7881a8099afa6940d42d1e7f6362bec38171ea3edf433541db4e4ad"
"969f0000000000eeffffffef51e1b804cc89d182d279655c3aa89e815b1b309fe287d9"
"b2b55d57b90ec68a0100000000ffffffff02202cb206000000001976a9148280b37df3"
"78db99f66f85c95a783a76ac7a6d5988ac9093510d000000001976a9143bde42dbee7e"
"4dbe6a21b2d50ce2f0167faa815988ac11000000",
"01000000000102fff7f7881a8099afa6940d42d1e7f6362bec38171ea3edf433541db4"
"e4ad969f00000000494830450221008b9d1dc26ba6a9cb62127b02742fa9d754cd3beb"
"f337f7a55d114c8e5cdd30be022040529b194ba3f9281a99f2b1c0a19c0489bc22ede9"
"44ccf4ecbab4cc618ef3ed01eeffffffef51e1b804cc89d182d279655c3aa89e815b1b"
"309fe287d9b2b55d57b90ec68a0100000000ffffffff02202cb206000000001976a914"
"8280b37df378db99f66f85c95a783a76ac7a6d5988ac9093510d000000001976a9143b"
"de42dbee7e4dbe6a21b2d50ce2f0167faa815988ac000247304402203609e17b84f6a7"
"d30c80bfa610b5b4542f32a8a0d5447a12fb1366d7f01cc44a0220573a954c45183315"
"61406f90300e8f3358f51928d43c212a8caed02de67eebee0121025476c2e83188368d"
"a1ff3e292e7acafcdb3566bb0ad253f62fc70f07aeee635711000000",
[(6.25,
"2103c9f4836b9a4f77fc0d81f7bcb01b7f1b35916864b9476c241ce9fc198bd25432ac"
),
(6, "00141d0f172a0ecb48aee1be1f2687d2963ae33f71a1")], 2, 2, 1, 17)
sc = tx_s1.SolutionChecker(tx_s1)
self.assertEqual(
b2h(sc._hash_prevouts(SIGHASH_ALL)),
"96b827c8483d4e9b96712b6713a7b68d6e8003a781feba36c31143470b4efd37")
self.assertEqual(
b2h(sc._hash_sequence(SIGHASH_ALL)),
"52b0a642eea2fb7ae638c36f6252b6750293dbe574a806984b8e4d8548339a3b")
self.assertEqual(
b2h(sc._hash_outputs(SIGHASH_ALL, 0)),
"863ef3e1a92afbfdb97f31ad0fc7683ee943e9abcf2501590ff8f6551f47e5e5")
script = BitcoinMainnet.ui._script_info.script_for_p2pkh(
tx_s1.unspents[1].script[2:])
self.assertEqual(
b2h(
sc._segwit_signature_preimage(script=script,
tx_in_idx=1,
hash_type=SIGHASH_ALL)),
"0100000096b827c8483d4e9b96712b6713a7b68d6e8003a781feba36c31143470b4efd"
"3752b0a642eea2fb7ae638c36f6252b6750293dbe574a806984b8e4d8548339a3bef51"
"e1b804cc89d182d279655c3aa89e815b1b309fe287d9b2b55d57b90ec68a0100000019"
"76a9141d0f172a0ecb48aee1be1f2687d2963ae33f71a188ac0046c32300000000ffff"
"ffff863ef3e1a92afbfdb97f31ad0fc7683ee943e9abcf2501590ff8f6551f47e5e511"
"00000001000000")
self.assertEqual(
b2h(to_bytes_32(sc._signature_for_hash_type_segwit(script, 1, 1))),
"c37af31116d1b27caf68aae9e3ac82f1477929014d5b917657d0eb49478cb670")
self.check_tx_can_be_signed(tx_u1, tx_s1, [
0xbbc27228ddcb9209d7fd6f36b02f7dfa6252af40bb2f1cbc7a557da8027ff866,
0x619c335025c7f4012e556c2a58b2506e30b8511b53ade95ea316fd8c3286feb9
])
def sign(self, secret_exponent, val, gen_k=None):
nonce_function = None
if gen_k is not None:
k_as_bytes = to_bytes_32(gen_k(self.order(), secret_exponent, val))
def adaptor(nonce32_p, msg32_p, key32_p, algo16_p, data, attempt):
nonce32_p.contents[:] = list(iterbytes(k_as_bytes))
return 1
p_b32 = POINTER(c_byte*32)
nonce_function = CFUNCTYPE(c_int, p_b32, p_b32, p_b32, POINTER(c_byte*16), c_void_p, c_uint)(adaptor)
sig = create_string_buffer(64)
sig_hash_bytes = to_bytes_32(val)
libsecp256k1.secp256k1_ecdsa_sign(
libsecp256k1.ctx, sig, sig_hash_bytes, to_bytes_32(secret_exponent), nonce_function, None)
compact_signature = create_string_buffer(64)
libsecp256k1.secp256k1_ecdsa_signature_serialize_compact(libsecp256k1.ctx, compact_signature, sig)
r = from_bytes_32(compact_signature[:32])
s = from_bytes_32(compact_signature[32:])
return (r, s)
def wif(self, use_uncompressed=None):
"""
Return the WIF representation of this key, if available.
If use_uncompressed is not set, the preferred representation is returned.
"""
secret_exponent = self.secret_exponent()
if secret_exponent is None:
return None
blob = to_bytes_32(secret_exponent)
if not self._use_uncompressed(use_uncompressed):
blob += b'\01'
return self._ui_context.wif_for_blob(blob)
def wif(self, use_uncompressed=None, ui_context=None):
"""
Return the WIF representation of this key, if available.
If use_uncompressed is not set, the preferred representation is returned.
"""
secret_exponent = self.secret_exponent()
if secret_exponent is None:
return None
blob = to_bytes_32(secret_exponent)
if not self._use_uncompressed(use_uncompressed):
blob += b'\01'
return self._ui_context(ui_context).wif_for_blob(blob)
def __mul__(self, e):
e %= self.order()
if e == 0:
return self._infinity
pubkey = create_string_buffer(65)
libsecp256k1.secp256k1_ec_pubkey_create(libsecp256k1.ctx, pubkey, c_char_p(to_bytes_32(e)))
pubkey_size = c_size_t(65)
pubkey_serialized = create_string_buffer(65)
libsecp256k1.secp256k1_ec_pubkey_serialize(
libsecp256k1.ctx, pubkey_serialized, byref(pubkey_size), pubkey, SECP256K1_EC_UNCOMPRESSED)
x = from_bytes_32(pubkey_serialized[1:33])
y = from_bytes_32(pubkey_serialized[33:])
return self.Point(x, y)
def verify(self, public_pair, val, signature_pair):
sig = create_string_buffer(64)
input64 = to_bytes_32(signature_pair[0]) + to_bytes_32(
signature_pair[1])
r = libsecp256k1.secp256k1_ecdsa_signature_parse_compact(
libsecp256k1.ctx, sig, input64)
if not r:
return False
r = libsecp256k1.secp256k1_ecdsa_signature_normalize(
libsecp256k1.ctx, sig, sig)
public_pair_bytes = b'\4' + to_bytes_32(public_pair[0]) + to_bytes_32(
public_pair[1])
pubkey = create_string_buffer(64)
r = libsecp256k1.secp256k1_ec_pubkey_parse(libsecp256k1.ctx, pubkey,
public_pair_bytes,
len(public_pair_bytes))
if not r:
return False
return 1 == libsecp256k1.secp256k1_ecdsa_verify(
libsecp256k1.ctx, sig, to_bytes_32(val), pubkey)
def multiply(self, p, e):
"""Multiply a point by an integer."""
e %= self.order()
if p == self._infinity or e == 0:
return self._infinity
pubkey = create_string_buffer(64)
public_pair_bytes = b'\4' + to_bytes_32(p[0]) + to_bytes_32(p[1])
r = libsecp256k1.secp256k1_ec_pubkey_parse(
libsecp256k1.ctx, pubkey, public_pair_bytes, len(public_pair_bytes))
if not r:
return False
r = libsecp256k1.secp256k1_ec_pubkey_tweak_mul(libsecp256k1.ctx, pubkey, to_bytes_32(e))
if not r:
return self._infinity
pubkey_serialized = create_string_buffer(65)
pubkey_size = c_size_t(65)
libsecp256k1.secp256k1_ec_pubkey_serialize(
libsecp256k1.ctx, pubkey_serialized, byref(pubkey_size), pubkey, SECP256K1_EC_UNCOMPRESSED)
x = from_bytes_32(pubkey_serialized[1:33])
y = from_bytes_32(pubkey_serialized[33:])
return self.Point(x, y)
def wif(self, is_compressed=None):
"""
Return the WIF representation of this key, if available.
"""
secret_exponent = self.secret_exponent()
if secret_exponent is None:
return None
if is_compressed is None:
is_compressed = self.is_compressed()
blob = to_bytes_32(secret_exponent)
if is_compressed:
blob += b'\01'
return self._network.wif_for_blob(blob)
def test_bip143_tx_1(self):
tx_u1, tx_s1 = self.check_bip143_tx(
"0100000002fff7f7881a8099afa6940d42d1e7f6362bec38171ea3edf433541db4e4ad"
"969f0000000000eeffffffef51e1b804cc89d182d279655c3aa89e815b1b309fe287d9"
"b2b55d57b90ec68a0100000000ffffffff02202cb206000000001976a9148280b37df3"
"78db99f66f85c95a783a76ac7a6d5988ac9093510d000000001976a9143bde42dbee7e"
"4dbe6a21b2d50ce2f0167faa815988ac11000000",
"01000000000102fff7f7881a8099afa6940d42d1e7f6362bec38171ea3edf433541db4"
"e4ad969f00000000494830450221008b9d1dc26ba6a9cb62127b02742fa9d754cd3beb"
"f337f7a55d114c8e5cdd30be022040529b194ba3f9281a99f2b1c0a19c0489bc22ede9"
"44ccf4ecbab4cc618ef3ed01eeffffffef51e1b804cc89d182d279655c3aa89e815b1b"
"309fe287d9b2b55d57b90ec68a0100000000ffffffff02202cb206000000001976a914"
"8280b37df378db99f66f85c95a783a76ac7a6d5988ac9093510d000000001976a9143b"
"de42dbee7e4dbe6a21b2d50ce2f0167faa815988ac000247304402203609e17b84f6a7"
"d30c80bfa610b5b4542f32a8a0d5447a12fb1366d7f01cc44a0220573a954c45183315"
"61406f90300e8f3358f51928d43c212a8caed02de67eebee0121025476c2e83188368d"
"a1ff3e292e7acafcdb3566bb0ad253f62fc70f07aeee635711000000",
[
(6.25, "2103c9f4836b9a4f77fc0d81f7bcb01b7f1b35916864b9476c241ce9fc198bd25432ac"),
(6, "00141d0f172a0ecb48aee1be1f2687d2963ae33f71a1")
],
2,
2,
1,
17
)
sc = tx_s1.SolutionChecker(tx_s1)
self.assertEqual(b2h(sc._hash_prevouts(SIGHASH_ALL)),
"96b827c8483d4e9b96712b6713a7b68d6e8003a781feba36c31143470b4efd37")
self.assertEqual(b2h(sc._hash_sequence(SIGHASH_ALL)),
"52b0a642eea2fb7ae638c36f6252b6750293dbe574a806984b8e4d8548339a3b")
self.assertEqual(b2h(sc._hash_outputs(SIGHASH_ALL, 0)),
"863ef3e1a92afbfdb97f31ad0fc7683ee943e9abcf2501590ff8f6551f47e5e5")
script = BitcoinMainnet.ui._script_info.script_for_p2pkh(tx_s1.unspents[1].script[2:])
self.assertEqual(
b2h(sc._segwit_signature_preimage(script=script, tx_in_idx=1, hash_type=SIGHASH_ALL)),
"0100000096b827c8483d4e9b96712b6713a7b68d6e8003a781feba36c31143470b4efd"
"3752b0a642eea2fb7ae638c36f6252b6750293dbe574a806984b8e4d8548339a3bef51"
"e1b804cc89d182d279655c3aa89e815b1b309fe287d9b2b55d57b90ec68a0100000019"
"76a9141d0f172a0ecb48aee1be1f2687d2963ae33f71a188ac0046c32300000000ffff"
"ffff863ef3e1a92afbfdb97f31ad0fc7683ee943e9abcf2501590ff8f6551f47e5e511"
"00000001000000")
self.assertEqual(b2h(to_bytes_32(sc._signature_for_hash_type_segwit(script, 1, 1))),
"c37af31116d1b27caf68aae9e3ac82f1477929014d5b917657d0eb49478cb670")
self.check_tx_can_be_signed(tx_u1, tx_s1, [
0xbbc27228ddcb9209d7fd6f36b02f7dfa6252af40bb2f1cbc7a557da8027ff866,
0x619c335025c7f4012e556c2a58b2506e30b8511b53ade95ea316fd8c3286feb9
])
def test_sign(self):
if libsecp256k1 is None:
raise unittest.SkipTest("no libsecp256k1")
ctx = libsecp256k1.ctx
sighash = to_bytes_32(1000)
secret_key = to_bytes_32(100)
public_key = create_string_buffer(64)
r = libsecp256k1.secp256k1_ec_pubkey_create(ctx, public_key,
secret_key)
self.assertEqual(r, 1)
self.assertEqual(
b2h(public_key),
'880f50f7ceb4210289266a40b306e33ef52bb75f834c172e65175e3ce2ac3bed'
'6e2835e3d57ae1fcd0954808be17bd97bf871f7a8a5edadcffcc8812576f7ae5')
signature = create_string_buffer(64)
r = libsecp256k1.secp256k1_ecdsa_sign(ctx, signature, sighash,
secret_key, None, None)
self.assertEqual(r, 1)
compact_signature = create_string_buffer(64)
libsecp256k1.secp256k1_ecdsa_signature_serialize_compact(
ctx, compact_signature, signature)
r = from_bytes_32(compact_signature[:32])
s = from_bytes_32(compact_signature[32:])
signature = (r, s)
pubkey_size = c_size_t(65)
pubkey_serialized = create_string_buffer(65)
libsecp256k1.secp256k1_ec_pubkey_serialize(ctx, pubkey_serialized,
byref(pubkey_size),
public_key,
SECP256K1_EC_UNCOMPRESSED)
x = from_bytes_32(pubkey_serialized[1:33])
y = from_bytes_32(pubkey_serialized[33:])
legacy_secp256k1_group.verify((x, y), 1000, signature)
def __mul__(self, e):
e %= self.order()
if e == 0:
return self._infinity
pubkey = create_string_buffer(65)
libsecp256k1.secp256k1_ec_pubkey_create(libsecp256k1.ctx, pubkey,
c_char_p(to_bytes_32(e)))
pubkey_size = c_size_t(65)
pubkey_serialized = create_string_buffer(65)
libsecp256k1.secp256k1_ec_pubkey_serialize(libsecp256k1.ctx,
pubkey_serialized,
byref(pubkey_size), pubkey,
SECP256K1_EC_UNCOMPRESSED)
x = from_bytes_32(pubkey_serialized[1:33])
y = from_bytes_32(pubkey_serialized[33:])
return self.Point(x, y)
def _get_k_from_node(self, node):
return to_bytes_32(node.secret_exponent())
def serialize(self):
if self._secret_exponent:
return to_bytes_32(self._secret_exponent)
return self.master_public_key()
def to_private(self, exponent):
return b2a_hashed_base58(b'\x80' + to_bytes_32(exponent) + b'\01')
def serialize(self):
if self._secret_exponent:
return to_bytes_32(self._secret_exponent)
return self.master_public_key()
def secret_exponent_to_wif(se, compressed):
blob = to_bytes_32(se)
if compressed:
blob += b'\01'
return BitcoinMainnet.ui.wif_for_blob(blob)
def _get_priv(self, key: BIP32Node) -> str:
return b2h(to_bytes_32(key.secret_exponent()))
def to_private(self, exponent):
return hexlify(to_bytes_32(exponent)).decode()
def do_test(sec_bytes, wif, address):
parsed = GroestlcoinMainnet.parse.wif(wif)
self.assertEqual(to_bytes_32(parsed.secret_exponent()), sec_bytes)
self.assertEqual(parsed.wif(), wif)
self.assertEqual(parsed.address(), address)
def do_test(sec_bytes, wif, address):
parsed = GroestlcoinMainnet.parse.wif(wif)
self.assertEqual(to_bytes_32(parsed.secret_exponent()), sec_bytes)
self.assertEqual(parsed.wif(), wif)
self.assertEqual(parsed.address(), address)
