def compute_tx_key(spend_key_private,
tx_prefix_hash,
salt=None,
rand_mult=None):
"""
:param spend_key_private:
:param tx_prefix_hash:
:param salt:
:param rand_mult:
:return:
"""
if not salt:
salt = crypto.random_bytes(32)
if not rand_mult:
rand_mult_num = crypto.random_scalar()
rand_mult = crypto.encodeint(rand_mult_num)
else:
rand_mult_num = crypto.decodeint(rand_mult)
rand_inp = crypto.sc_add(spend_key_private, rand_mult_num)
passwd = crypto.keccak_2hash(crypto.encodeint(rand_inp) + tx_prefix_hash)
tx_key = crypto.compute_hmac(salt, passwd)
# tx_key = crypto.pbkdf2(passwd, salt, count=100)
return tx_key, salt, rand_mult
def hmac_key_txout_asig(self, idx):
"""
rsig[i] hmac key. Range signature HMAC
:param idx:
:return:
"""
from monero_serialize.core.int_serialize import dump_uvarint_b
return crypto.keccak_2hash(self.key_hmac + b"txout-asig" + dump_uvarint_b(idx))
async def compute_sec_keys(self, tsx_data, tsx_ctr):
"""
Generate master key H(TsxData || r || c_tsx)
:return:
"""
from monero_glue.xmr.sub.keccak_hasher import get_keccak_writer
from monero_serialize import xmrserialize
writer = get_keccak_writer()
ar1 = xmrserialize.Archive(writer, True)
await ar1.message(tsx_data)
await writer.awrite(crypto.encodeint(self.r))
await xmrserialize.dump_uvarint(writer, tsx_ctr)
self.key_master = crypto.keccak_2hash(
writer.get_digest() + crypto.encodeint(crypto.random_scalar())
)
self.key_hmac = crypto.keccak_2hash(b"hmac" + self.key_master)
self.key_enc = crypto.keccak_2hash(b"enc" + self.key_master)
def enc_key_spend(self, idx):
"""
Chacha20Poly1305 encryption key for alpha[i] used in Pedersen commitment in pseudo_outs[i]
:param idx:
:return:
"""
from monero_serialize.core.int_serialize import dump_uvarint_b
return crypto.keccak_2hash(self.key_enc + b"txin-spend" + dump_uvarint_b(idx))
def hmac_key_txout(self, idx):
"""
(TxDestinationEntry[i] || tx.vout[i]) hmac key
:param idx:
:return:
"""
from monero_serialize.core.int_serialize import dump_uvarint_b
return crypto.keccak_2hash(self.key_hmac + b"txout" + dump_uvarint_b(idx))
def hmac_key_txin_comm(self, idx):
"""
pseudo_outputs[i] hmac key. Pedersen commitment for inputs.
:param idx:
:return:
"""
from monero_serialize.core.int_serialize import dump_uvarint_b
return crypto.keccak_2hash(self.key_hmac + b"txin-comm" + dump_uvarint_b(idx))
def hmac_key_txin(self, idx):
"""
(TxSourceEntry[i] || tx.vin[i]) hmac key
:param idx:
:return:
"""
from monero_serialize.core.int_serialize import dump_uvarint_b
return crypto.keccak_2hash(self.key_hmac + b"txin" + dump_uvarint_b(idx))
def enc_key_cout(self, idx=None):
"""
Chacha20Poly1305 encryption key for multisig C values from MLASG.
:param idx:
:return:
"""
from monero_serialize.core.int_serialize import dump_uvarint_b
return crypto.keccak_2hash(
self.key_enc + b"cout" + (dump_uvarint_b(idx) if idx else b"")
)
async def store_cdata(self, cdata, signed_tx, tx, transfers):
"""
Stores transaction data for later usage.
- cdata.enc_salt1, cdata.enc_salt2, cdata.enc_keys
- tx_keys are AEAD protected, key derived from spend key - only token can open.
- construction data for further proofs.
:param cdata:
:param signed_tx:
:param tx:
:param transfers:
:return:
"""
hash = cdata.tx_prefix_hash
prefix = binascii.hexlify(hash[:12])
tx_key_salt = crypto.random_bytes(32)
tx_key_inp = hash + crypto.encodeint(self.priv_view)
tx_view_key = crypto.pbkdf2(tx_key_inp, tx_key_salt, 2048)
unsigned_data = xmrtypes.UnsignedTxSet()
unsigned_data.txes = [tx]
unsigned_data.transfers = transfers if transfers is not None else []
writer = xmrserialize.MemoryReaderWriter()
ar = xmrboost.Archive(writer, True)
await ar.root()
await ar.message(unsigned_data)
unsigned_key = crypto.keccak_2hash(b'unsigned;' + tx_view_key)
ciphertext = chacha_poly.encrypt_pack(unsigned_key,
bytes(writer.get_buffer()))
# Serialize signed transaction
writer = xmrserialize.MemoryReaderWriter()
ar = xmrserialize.Archive(writer, True)
await ar.root()
await ar.message(signed_tx)
signed_tx_bytes = writer.get_buffer()
signed_tx_hmac_key = crypto.keccak_2hash(b'hmac;' + tx_view_key)
signed_tx_hmac = crypto.compute_hmac(signed_tx_hmac_key,
signed_tx_bytes)
try:
js = {
"time": int(time.time()),
"hash": binascii.hexlify(hash).decode("ascii"),
"enc_salt1": binascii.hexlify(cdata.enc_salt1).decode("ascii"),
"enc_salt2": binascii.hexlify(cdata.enc_salt2).decode("ascii"),
"tx_keys": binascii.hexlify(cdata.enc_keys).decode("ascii"),
"unsigned_data": binascii.hexlify(ciphertext).decode("ascii"),
"tx_salt": binascii.hexlify(tx_key_salt).decode("ascii"),
"tx_signed": binascii.hexlify(signed_tx_bytes).decode("ascii"),
"tx_signed_hmac":
binascii.hexlify(signed_tx_hmac).decode("ascii"),
}
with open("transaction_%s.json" % prefix.decode("ascii"),
"w") as fh:
json.dump(js, fh, indent=2)
fh.write("\n")
except Exception as e:
self.trace_logger.log(e)
print("Unable to save transaction data for transaction %s" %
binascii.hexlify(hash).decode("ascii"))
def _compute_ki_enc_key_host(view_key_private, prefix, salt):
passwd = crypto.keccak_2hash(
crypto.encodeint(view_key_private) + prefix)
enc_key = crypto.compute_hmac(salt, passwd)
return enc_key
def _compute_tx_key_host(view_key_private, tx_prefix_hash, salt):
passwd = crypto.keccak_2hash(
crypto.encodeint(view_key_private) + tx_prefix_hash)
tx_key = crypto.compute_hmac(salt, passwd)
return tx_key