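def sign(self, secret_exponent, val, gen_k=None):
    """
    Produce an ECDSA signature over val using libsecp256k1.

    :param secret_exponent: the private key, as an integer
    :param val: the digest to sign, as an integer
    :param gen_k: optional callable ``gen_k(order, secret_exponent, val)``
        returning the nonce k as an integer. When None, no nonce callback
        is handed to the library.
    :return: the signature as a pair of integers ``(r, s)``
    :raises RuntimeError: if libsecp256k1 reports that signing failed

    An ECDSA nonce has to be unpredictable and must never be reused with
    the same key for a different digest; a gen_k that violates this
    discloses the private key. Pass one only when it is known to be safe.
    """
    nonce_function = None
    if gen_k is not None:
        k_as_bytes = to_bytes_32(gen_k(self.order(), secret_exponent, val))

        def adaptor(nonce32_p, msg32_p, key32_p, algo16_p, data, attempt):
            # The caller supplied exactly one k. libsecp256k1 calls the
            # nonce callback again with a higher attempt counter when a
            # nonce is unusable; answering with the same k would never
            # terminate, so report failure on any retry.
            if attempt:
                return 0
            nonce32_p.contents[:] = list(iterbytes(k_as_bytes))
            return 1

        p_b32 = POINTER(c_byte * 32)
        # The callback object stays referenced by this local for the
        # whole signing call below.
        nonce_function = CFUNCTYPE(
            c_int, p_b32, p_b32, p_b32, POINTER(c_byte * 16), c_void_p, c_uint)(adaptor)

    sig = create_string_buffer(64)
    sig_hash_bytes = to_bytes_32(val)
    ok = libsecp256k1.secp256k1_ecdsa_sign(
        libsecp256k1.ctx, sig, sig_hash_bytes, to_bytes_32(secret_exponent),
        nonce_function, None)
    if ok != 1:
        # Without this check a failed call would be serialized and returned
        # as if it were a genuine signature.
        raise RuntimeError("secp256k1_ecdsa_sign failed")

    compact_signature = create_string_buffer(64)
    libsecp256k1.secp256k1_ecdsa_signature_serialize_compact(
        libsecp256k1.ctx, compact_signature, sig)
    r = from_bytes_32(compact_signature[:32])
    s = from_bytes_32(compact_signature[32:])
    return (r, s)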
def test_sign_verify_mutual_compatability(self):
    """Sign and verify through libsecp256k1, then check a tampered signature is rejected."""
    if libsecp256k1 is None:
        raise unittest.SkipTest("no libsecp256k1")

    context = libsecp256k1.ctx
    sig_buf = create_string_buffer(64)
    digest = to_bytes_32(1000)
    private_key = to_bytes_32(100)

    # Derive the public key and pin the raw contents of the 64-byte buffer.
    pubkey_buf = create_string_buffer(64)
    status = libsecp256k1.secp256k1_ec_pubkey_create(context, pubkey_buf, private_key)
    self.assertEqual(status, 1)
    self.assertEqual(
        b2h(pubkey_buf),
        '880f50f7ceb4210289266a40b306e33ef52bb75f834c172e65175e3ce2ac3bed'
        '6e2835e3d57ae1fcd0954808be17bd97bf871f7a8a5edadcffcc8812576f7ae5'
    )

    # No nonce callback and no extra data: the library picks the nonce.
    status = libsecp256k1.secp256k1_ecdsa_sign(
        context, sig_buf, digest, private_key, None, None)
    self.assertEqual(status, 1)

    status = libsecp256k1.secp256k1_ecdsa_verify(context, sig_buf, digest, pubkey_buf)
    self.assertEqual(status, 1)

    # Negative case: flip the low bit of the final byte; verification must fail.
    flipped_last = int2byte(byte2int(sig_buf[-1]) ^ 1)
    tampered = sig_buf[:-1] + flipped_last
    status = libsecp256k1.secp256k1_ecdsa_verify(context, tampered, digest, pubkey_buf)
    self.assertEqual(status, 0)
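def test_sign(self):
    """Sign with libsecp256k1 and check the signature with the legacy group."""
    if libsecp256k1 is None:
        raise unittest.SkipTest("no libsecp256k1")
    ctx = libsecp256k1.ctx
    sighash = to_bytes_32(1000)
    secret_key = to_bytes_32(100)

    public_key = create_string_buffer(64)
    r = libsecp256k1.secp256k1_ec_pubkey_create(ctx, public_key, secret_key)
    self.assertEqual(r, 1)
    self.assertEqual(
        b2h(public_key),
        '880f50f7ceb4210289266a40b306e33ef52bb75f834c172e65175e3ce2ac3bed'
        '6e2835e3d57ae1fcd0954808be17bd97bf871f7a8a5edadcffcc8812576f7ae5'
    )

    signature = create_string_buffer(64)
    r = libsecp256k1.secp256k1_ecdsa_sign(ctx, signature, sighash, secret_key, None, None)
    self.assertEqual(r, 1)

    # Convert the library's signature object into an (r, s) integer pair.
    compact_signature = create_string_buffer(64)
    libsecp256k1.secp256k1_ecdsa_signature_serialize_compact(ctx, compact_signature, signature)
    r = from_bytes_32(compact_signature[:32])
    s = from_bytes_32(compact_signature[32:])
    signature = (r, s)

    # Uncompressed serialization: one prefix byte, then 32-byte x and y.
    pubkey_size = c_size_t(65)
    pubkey_serialized = create_string_buffer(65)
    libsecp256k1.secp256k1_ec_pubkey_serialize(
        ctx, pubkey_serialized, byref(pubkey_size), public_key, SECP256K1_EC_UNCOMPRESSED)
    x = from_bytes_32(pubkey_serialized[1:33])
    y = from_bytes_32(pubkey_serialized[33:])

    # Assert the outcome: a bare verify() call lets the test pass even when
    # the signature is rejected.
    # NOTE(review): assumes verify() returns a truthy value on success - confirm.
    self.assertTrue(legacy_secp256k1_group.verify((x, y), 1000, signature))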
def multiply(self, p, e):
    """
    Return the point p multiplied by the integer e, using libsecp256k1.

    e is reduced modulo the group order first. The point at infinity is
    returned when p is infinity, when e reduces to 0, or when the tweak
    multiplication reports failure.

    NOTE(review): when libsecp256k1 refuses to parse p, this returns
    False rather than a point, so callers receive two different result
    types - confirm they handle it.
    """
    scalar = e % self.order()
    if p == self._infinity or scalar == 0:
        return self._infinity

    ctx = libsecp256k1.ctx
    key_buf = create_string_buffer(64)
    # Uncompressed encoding: prefix byte 4, then 32-byte x and 32-byte y.
    encoded_point = b'\4' + to_bytes_32(p[0]) + to_bytes_32(p[1])
    if not libsecp256k1.secp256k1_ec_pubkey_parse(
            ctx, key_buf, encoded_point, len(encoded_point)):
        return False

    if not libsecp256k1.secp256k1_ec_pubkey_tweak_mul(ctx, key_buf, to_bytes_32(scalar)):
        return self._infinity

    out_buf = create_string_buffer(65)
    out_len = c_size_t(65)
    libsecp256k1.secp256k1_ec_pubkey_serialize(
        ctx, out_buf, byref(out_len), key_buf, SECP256K1_EC_UNCOMPRESSED)
    # Skip the prefix byte and split the remainder into the two coordinates.
    return self.Point(from_bytes_32(out_buf[1:33]), from_bytes_32(out_buf[33:]))
def test_to_bytes_32(self):
    """Check to_bytes_32 output for every integer from 0 to 511."""
    # One significant byte: 31 zero bytes of padding in front.
    for small in range(256):
        encoded = to_bytes_32(small)
        expected = b'\0' * 31 + bytes(bytearray([small]))
        self.assertEqual(encoded, expected)

    # Two significant bytes: the high byte is 1, the low byte is masked out.
    for larger in range(256, 512):
        encoded = to_bytes_32(larger)
        expected = b'\0' * 30 + bytes(bytearray([1, larger & 0xff]))
        self.assertEqual(encoded, expected)
def test_sign_verify_mutual_compatability(self):
    """Round-trip a libsecp256k1 signature and confirm a one-bit change breaks it."""
    if libsecp256k1 is None:
        raise unittest.SkipTest("no libsecp256k1")

    lib = libsecp256k1
    ctx = lib.ctx
    signature = create_string_buffer(64)
    msg_hash = to_bytes_32(1000)
    seckey = to_bytes_32(100)
    pubkey = create_string_buffer(64)

    # Key derivation must succeed and yield the pinned buffer contents.
    rc = lib.secp256k1_ec_pubkey_create(ctx, pubkey, seckey)
    self.assertEqual(rc, 1)
    expected_pubkey_hex = (
        '880f50f7ceb4210289266a40b306e33ef52bb75f834c172e65175e3ce2ac3bed'
        '6e2835e3d57ae1fcd0954808be17bd97bf871f7a8a5edadcffcc8812576f7ae5')
    self.assertEqual(b2h(pubkey), expected_pubkey_hex)

    rc = lib.secp256k1_ecdsa_sign(ctx, signature, msg_hash, seckey, None, None)
    self.assertEqual(rc, 1)
    rc = lib.secp256k1_ecdsa_verify(ctx, signature, msg_hash, pubkey)
    self.assertEqual(rc, 1)

    # Corrupt the last byte by toggling its lowest bit; verify must return 0.
    last_byte = byte2int(signature[-1]) ^ 1
    signature1 = signature[:-1] + int2byte(last_byte)
    rc = lib.secp256k1_ecdsa_verify(ctx, signature1, msg_hash, pubkey)
    self.assertEqual(rc, 0)
def verify(self, public_pair, val, signature_pair):
    """
    Check an ECDSA signature with libsecp256k1.

    :param public_pair: the public key as an ``(x, y)`` pair of integers
    :param val: the signed digest, as an integer
    :param signature_pair: the signature as an ``(r, s)`` pair of integers
    :return: True if the library accepts the signature, False otherwise
        (including when the signature or the public key fails to parse)

    The parsed signature is normalized before verification, so a
    signature and its high-S twin are both accepted here. Callers that
    need a canonical-S policy have to enforce it on s themselves.
    """
    ctx = libsecp256k1.ctx
    parsed_sig = create_string_buffer(64)
    compact = to_bytes_32(signature_pair[0]) + to_bytes_32(signature_pair[1])
    if not libsecp256k1.secp256k1_ecdsa_signature_parse_compact(ctx, parsed_sig, compact):
        return False

    # Normalize in place; the call's return value is not needed.
    libsecp256k1.secp256k1_ecdsa_signature_normalize(ctx, parsed_sig, parsed_sig)

    # Uncompressed encoding: prefix byte 4, then 32-byte x and 32-byte y.
    encoded_key = b'\4' + to_bytes_32(public_pair[0]) + to_bytes_32(public_pair[1])
    key_buf = create_string_buffer(64)
    if not libsecp256k1.secp256k1_ec_pubkey_parse(
            ctx, key_buf, encoded_key, len(encoded_key)):
        return False

    outcome = libsecp256k1.secp256k1_ecdsa_verify(ctx, parsed_sig, to_bytes_32(val), key_buf)
    return outcome == 1
def ethereum_address_for_public_pair(pair):
    """
    Derive an Ethereum address string from a public pair.

    The coordinates in pair are each encoded with to_bytes_32 and
    concatenated, hashed with keccak-256, and the digest bytes from
    offset 12 onward are hex-encoded.

    When web3 is importable the result comes from
    Web3.toChecksumAddress; if the import fails or a ValueError is
    raised, the plain hex prefixed with "0x" is returned instead. The
    exact string therefore depends on the environment.
    """
    import sha3
    from pycoin.encoding.bytes32 import to_bytes_32

    encoded_coords = [to_bytes_32(coord) for coord in pair]
    digest = sha3.keccak_256(b''.join(encoded_coords)).digest()
    hex_address = b2h(digest[12:])
    try:
        from web3 import Web3
        return Web3.toChecksumAddress(hex_address)
    except (ImportError, ValueError):
        # Fallback: no checksum casing is applied on this path.
        return "0x%s" % hex_address
def test_bip143_tx_1(self):
    """Check segwit hashing intermediates, preimage and signing for one fixed transaction."""
    unsigned_hex = (
        "0100000002fff7f7881a8099afa6940d42d1e7f6362bec38171ea3edf433541db4e4ad"
        "969f0000000000eeffffffef51e1b804cc89d182d279655c3aa89e815b1b309fe287d9"
        "b2b55d57b90ec68a0100000000ffffffff02202cb206000000001976a9148280b37df3"
        "78db99f66f85c95a783a76ac7a6d5988ac9093510d000000001976a9143bde42dbee7e"
        "4dbe6a21b2d50ce2f0167faa815988ac11000000")
    signed_hex = (
        "01000000000102fff7f7881a8099afa6940d42d1e7f6362bec38171ea3edf433541db4"
        "e4ad969f00000000494830450221008b9d1dc26ba6a9cb62127b02742fa9d754cd3beb"
        "f337f7a55d114c8e5cdd30be022040529b194ba3f9281a99f2b1c0a19c0489bc22ede9"
        "44ccf4ecbab4cc618ef3ed01eeffffffef51e1b804cc89d182d279655c3aa89e815b1b"
        "309fe287d9b2b55d57b90ec68a0100000000ffffffff02202cb206000000001976a914"
        "8280b37df378db99f66f85c95a783a76ac7a6d5988ac9093510d000000001976a9143b"
        "de42dbee7e4dbe6a21b2d50ce2f0167faa815988ac000247304402203609e17b84f6a7"
        "d30c80bfa610b5b4542f32a8a0d5447a12fb1366d7f01cc44a0220573a954c45183315"
        "61406f90300e8f3358f51928d43c212a8caed02de67eebee0121025476c2e83188368d"
        "a1ff3e292e7acafcdb3566bb0ad253f62fc70f07aeee635711000000")
    # (value, script hex) for each of the two inputs being spent.
    spendables = [
        (6.25, "2103c9f4836b9a4f77fc0d81f7bcb01b7f1b35916864b9476c241ce9fc198bd25432ac"),
        (6, "00141d0f172a0ecb48aee1be1f2687d2963ae33f71a1"),
    ]
    unsigned_tx, signed_tx = self.check_bip143_tx(
        unsigned_hex, signed_hex, spendables, 2, 2, 1, 17)

    checker = signed_tx.SolutionChecker(signed_tx)
    self.assertEqual(
        b2h(checker._hash_prevouts(SIGHASH_ALL)),
        "96b827c8483d4e9b96712b6713a7b68d6e8003a781feba36c31143470b4efd37")
    self.assertEqual(
        b2h(checker._hash_sequence(SIGHASH_ALL)),
        "52b0a642eea2fb7ae638c36f6252b6750293dbe574a806984b8e4d8548339a3b")
    self.assertEqual(
        b2h(checker._hash_outputs(SIGHASH_ALL, 0)),
        "863ef3e1a92afbfdb97f31ad0fc7683ee943e9abcf2501590ff8f6551f47e5e5")

    # Build the p2pkh script from the second unspent's script, minus its first two bytes.
    p2pkh_script = BitcoinMainnet.ui._script_info.script_for_p2pkh(
        signed_tx.unspents[1].script[2:])
    preimage = checker._segwit_signature_preimage(
        script=p2pkh_script, tx_in_idx=1, hash_type=SIGHASH_ALL)
    self.assertEqual(
        b2h(preimage),
        "0100000096b827c8483d4e9b96712b6713a7b68d6e8003a781feba36c31143470b4efd"
        "3752b0a642eea2fb7ae638c36f6252b6750293dbe574a806984b8e4d8548339a3bef51"
        "e1b804cc89d182d279655c3aa89e815b1b309fe287d9b2b55d57b90ec68a0100000019"
        "76a9141d0f172a0ecb48aee1be1f2687d2963ae33f71a188ac0046c32300000000ffff"
        "ffff863ef3e1a92afbfdb97f31ad0fc7683ee943e9abcf2501590ff8f6551f47e5e511"
        "00000001000000")

    sig_hash = checker._signature_for_hash_type_segwit(p2pkh_script, 1, 1)
    self.assertEqual(
        b2h(to_bytes_32(sig_hash)),
        "c37af31116d1b27caf68aae9e3ac82f1477929014d5b917657d0eb49478cb670")

    # Fixed secret exponents used as test fixtures for the signing check.
    self.check_tx_can_be_signed(unsigned_tx, signed_tx, [
        0xbbc27228ddcb9209d7fd6f36b02f7dfa6252af40bb2f1cbc7a557da8027ff866,
        0x619c335025c7f4012e556c2a58b2506e30b8511b53ade95ea316fd8c3286feb9
    ])
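def sign(self, secret_exponent, val, gen_k=None):
    """
    Sign the digest val with the private key secret_exponent via libsecp256k1.

    :param secret_exponent: the private key, as an integer
    :param val: the digest to sign, as an integer
    :param gen_k: optional callable ``gen_k(order, secret_exponent, val)``
        that returns the nonce k as an integer; when None the library is
        called without a nonce callback
    :return: ``(r, s)``, the signature as two integers
    :raises RuntimeError: if libsecp256k1 reports that signing failed

    Security: k must be secret, unpredictable and unique per
    (key, digest). Reusing or leaking k reveals the private key, so a
    custom gen_k should only be supplied when its safety is established.
    """
    nonce_function = None
    if gen_k is not None:
        k_as_bytes = to_bytes_32(gen_k(self.order(), secret_exponent, val))

        def adaptor(nonce32_p, msg32_p, key32_p, algo16_p, data, attempt):
            # Only one k is available. If the library asks again (attempt
            # counter above zero) because that k was unusable, fail instead
            # of returning the same bytes forever.
            if attempt:
                return 0
            nonce32_p.contents[:] = list(iterbytes(k_as_bytes))
            return 1

        p_b32 = POINTER(c_byte*32)
        # Held in a local so the callback stays referenced during the call.
        nonce_function = CFUNCTYPE(
            c_int, p_b32, p_b32, p_b32, POINTER(c_byte*16), c_void_p, c_uint)(adaptor)

    sig = create_string_buffer(64)
    sig_hash_bytes = to_bytes_32(val)
    ok = libsecp256k1.secp256k1_ecdsa_sign(
        libsecp256k1.ctx, sig, sig_hash_bytes, to_bytes_32(secret_exponent),
        nonce_function, None)
    if ok != 1:
        # Do not serialize and return the buffer of a failed signing call.
        raise RuntimeError("secp256k1_ecdsa_sign failed")

    compact_signature = create_string_buffer(64)
    libsecp256k1.secp256k1_ecdsa_signature_serialize_compact(
        libsecp256k1.ctx, compact_signature, sig)
    r = from_bytes_32(compact_signature[:32])
    s = from_bytes_32(compact_signature[32:])
    return (r, s)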
def wif(self, use_uncompressed=None):
    """
    Return this key's WIF string, or None when it has no secret exponent.

    use_uncompressed is passed to self._use_uncompressed(); when that
    returns a false value, a single 0x01 byte is appended to the 32-byte
    secret before encoding.

    The result encodes the private key: treat it as a secret and keep it
    out of logs and error messages.
    """
    exponent = self.secret_exponent()
    if exponent is None:
        return None

    payload = to_bytes_32(exponent)
    uncompressed = self._use_uncompressed(use_uncompressed)
    if not uncompressed:
        payload = payload + b'\01'
    return self._ui_context.wif_for_blob(payload)
def wif(self, use_uncompressed=None, ui_context=None):
    """
    Return this key's WIF string, or None when it has no secret exponent.

    use_uncompressed is passed to self._use_uncompressed(); when that
    returns a false value, a single 0x01 byte is appended to the 32-byte
    secret before encoding. ui_context is passed to self._ui_context(),
    whose result performs the encoding.

    The result encodes the private key: treat it as a secret and keep it
    out of logs and error messages.
    """
    exponent = self.secret_exponent()
    if exponent is None:
        return None

    payload = to_bytes_32(exponent)
    uncompressed = self._use_uncompressed(use_uncompressed)
    if not uncompressed:
        payload = payload + b'\01'
    encoder = self._ui_context(ui_context)
    return encoder.wif_for_blob(payload)
def __mul__(self, e):
    """
    Return the public point for the scalar e, computed by libsecp256k1.

    e is reduced modulo the group order; a result of 0 yields the point
    at infinity. The point is produced by secp256k1_ec_pubkey_create, so
    the coordinates of self are not used here.
    NOTE(review): presumably self is the curve generator - confirm.
    """
    scalar = e % self.order()
    if scalar == 0:
        return self._infinity

    ctx = libsecp256k1.ctx
    key_buf = create_string_buffer(65)
    # The reduced scalar is handed over as a 32-byte string.
    libsecp256k1.secp256k1_ec_pubkey_create(ctx, key_buf, c_char_p(to_bytes_32(scalar)))

    out_len = c_size_t(65)
    out_buf = create_string_buffer(65)
    libsecp256k1.secp256k1_ec_pubkey_serialize(
        ctx, out_buf, byref(out_len), key_buf, SECP256K1_EC_UNCOMPRESSED)
    # Uncompressed form: skip the prefix byte, then 32 bytes each for x and y.
    return self.Point(from_bytes_32(out_buf[1:33]), from_bytes_32(out_buf[33:]))
def verify(self, public_pair, val, signature_pair):
    """
    Verify an ECDSA signature over val using libsecp256k1.

    :param public_pair: ``(x, y)`` integers of the public key
    :param val: the digest that was signed, as an integer
    :param signature_pair: ``(r, s)`` integers of the signature
    :return: True only if the library reports a valid signature; False
        if it is invalid or if the signature or key cannot be parsed

    Because the signature is normalized before the check, both the
    low-S and the high-S encoding of a signature pass. Enforce any
    canonical-S requirement separately.
    """
    lib = libsecp256k1
    sig_obj = create_string_buffer(64)
    r_bytes = to_bytes_32(signature_pair[0])
    s_bytes = to_bytes_32(signature_pair[1])
    parsed = lib.secp256k1_ecdsa_signature_parse_compact(lib.ctx, sig_obj, r_bytes + s_bytes)
    if not parsed:
        return False

    # In-place normalization; its return value is not used.
    lib.secp256k1_ecdsa_signature_normalize(lib.ctx, sig_obj, sig_obj)

    # Prefix byte 4 marks the uncompressed x||y encoding.
    x_bytes = to_bytes_32(public_pair[0])
    y_bytes = to_bytes_32(public_pair[1])
    encoded_key = b'\4' + x_bytes + y_bytes
    key_obj = create_string_buffer(64)
    parsed = lib.secp256k1_ec_pubkey_parse(lib.ctx, key_obj, encoded_key, len(encoded_key))
    if not parsed:
        return False

    return 1 == lib.secp256k1_ecdsa_verify(lib.ctx, sig_obj, to_bytes_32(val), key_obj)
def multiply(self, p, e):
    """
    Multiply the point p by the integer e using libsecp256k1.

    e is taken modulo the group order. The point at infinity comes back
    when p is infinity, when the reduced e is 0, or when
    secp256k1_ec_pubkey_tweak_mul reports failure.

    NOTE(review): a p that libsecp256k1 cannot parse makes this return
    False, not a point - confirm callers expect that.
    """
    reduced = e % self.order()
    if p == self._infinity or reduced == 0:
        return self._infinity

    lib = libsecp256k1
    point_obj = create_string_buffer(64)
    # Prefix byte 4 marks the uncompressed x||y encoding.
    encoded = b'\4' + to_bytes_32(p[0]) + to_bytes_32(p[1])
    parsed = lib.secp256k1_ec_pubkey_parse(lib.ctx, point_obj, encoded, len(encoded))
    if not parsed:
        return False

    multiplied = lib.secp256k1_ec_pubkey_tweak_mul(lib.ctx, point_obj, to_bytes_32(reduced))
    if not multiplied:
        return self._infinity

    serialized = create_string_buffer(65)
    serialized_len = c_size_t(65)
    lib.secp256k1_ec_pubkey_serialize(
        lib.ctx, serialized, byref(serialized_len), point_obj, SECP256K1_EC_UNCOMPRESSED)
    x_coord = from_bytes_32(serialized[1:33])
    y_coord = from_bytes_32(serialized[33:])
    return self.Point(x_coord, y_coord)
def wif(self, is_compressed=None):
    """
    Return this key's WIF string, or None when it has no secret exponent.

    When is_compressed is None, self.is_compressed() decides; a true
    value appends a single 0x01 byte to the 32-byte secret before it is
    encoded by self._network.wif_for_blob().

    The result encodes the private key: treat it as a secret and keep it
    out of logs and error messages.
    """
    exponent = self.secret_exponent()
    if exponent is None:
        return None

    compressed = self.is_compressed() if is_compressed is None else is_compressed
    payload = to_bytes_32(exponent)
    if compressed:
        payload = payload + b'\01'
    return self._network.wif_for_blob(payload)
def test_bip143_tx_1(self):
    """Pin the segwit hash components, preimage and signature hash of one fixed transaction."""
    raw_unsigned = (
        "0100000002fff7f7881a8099afa6940d42d1e7f6362bec38171ea3edf433541db4e4ad"
        "969f0000000000eeffffffef51e1b804cc89d182d279655c3aa89e815b1b309fe287d9"
        "b2b55d57b90ec68a0100000000ffffffff02202cb206000000001976a9148280b37df3"
        "78db99f66f85c95a783a76ac7a6d5988ac9093510d000000001976a9143bde42dbee7e"
        "4dbe6a21b2d50ce2f0167faa815988ac11000000")
    raw_signed = (
        "01000000000102fff7f7881a8099afa6940d42d1e7f6362bec38171ea3edf433541db4"
        "e4ad969f00000000494830450221008b9d1dc26ba6a9cb62127b02742fa9d754cd3beb"
        "f337f7a55d114c8e5cdd30be022040529b194ba3f9281a99f2b1c0a19c0489bc22ede9"
        "44ccf4ecbab4cc618ef3ed01eeffffffef51e1b804cc89d182d279655c3aa89e815b1b"
        "309fe287d9b2b55d57b90ec68a0100000000ffffffff02202cb206000000001976a914"
        "8280b37df378db99f66f85c95a783a76ac7a6d5988ac9093510d000000001976a9143b"
        "de42dbee7e4dbe6a21b2d50ce2f0167faa815988ac000247304402203609e17b84f6a7"
        "d30c80bfa610b5b4542f32a8a0d5447a12fb1366d7f01cc44a0220573a954c45183315"
        "61406f90300e8f3358f51928d43c212a8caed02de67eebee0121025476c2e83188368d"
        "a1ff3e292e7acafcdb3566bb0ad253f62fc70f07aeee635711000000")
    # One (value, script hex) entry per input.
    inputs_spent = [
        (6.25, "2103c9f4836b9a4f77fc0d81f7bcb01b7f1b35916864b9476c241ce9fc198bd25432ac"),
        (6, "00141d0f172a0ecb48aee1be1f2687d2963ae33f71a1")
    ]
    tx_unsigned, tx_signed = self.check_bip143_tx(
        raw_unsigned, raw_signed, inputs_spent, 2, 2, 1, 17)

    solver = tx_signed.SolutionChecker(tx_signed)
    prevouts_hex = b2h(solver._hash_prevouts(SIGHASH_ALL))
    self.assertEqual(prevouts_hex,
                     "96b827c8483d4e9b96712b6713a7b68d6e8003a781feba36c31143470b4efd37")
    sequence_hex = b2h(solver._hash_sequence(SIGHASH_ALL))
    self.assertEqual(sequence_hex,
                     "52b0a642eea2fb7ae638c36f6252b6750293dbe574a806984b8e4d8548339a3b")
    outputs_hex = b2h(solver._hash_outputs(SIGHASH_ALL, 0))
    self.assertEqual(outputs_hex,
                     "863ef3e1a92afbfdb97f31ad0fc7683ee943e9abcf2501590ff8f6551f47e5e5")

    # The p2pkh script is derived from the second unspent's script with its first two bytes dropped.
    spend_script = BitcoinMainnet.ui._script_info.script_for_p2pkh(tx_signed.unspents[1].script[2:])
    preimage_hex = b2h(
        solver._segwit_signature_preimage(script=spend_script, tx_in_idx=1, hash_type=SIGHASH_ALL))
    self.assertEqual(
        preimage_hex,
        "0100000096b827c8483d4e9b96712b6713a7b68d6e8003a781feba36c31143470b4efd"
        "3752b0a642eea2fb7ae638c36f6252b6750293dbe574a806984b8e4d8548339a3bef51"
        "e1b804cc89d182d279655c3aa89e815b1b309fe287d9b2b55d57b90ec68a0100000019"
        "76a9141d0f172a0ecb48aee1be1f2687d2963ae33f71a188ac0046c32300000000ffff"
        "ffff863ef3e1a92afbfdb97f31ad0fc7683ee943e9abcf2501590ff8f6551f47e5e511"
        "00000001000000")

    sig_hash_hex = b2h(to_bytes_32(solver._signature_for_hash_type_segwit(spend_script, 1, 1)))
    self.assertEqual(sig_hash_hex,
                     "c37af31116d1b27caf68aae9e3ac82f1477929014d5b917657d0eb49478cb670")

    # Fixed secret exponents used as fixtures for the signing check.
    fixture_keys = [
        0xbbc27228ddcb9209d7fd6f36b02f7dfa6252af40bb2f1cbc7a557da8027ff866,
        0x619c335025c7f4012e556c2a58b2506e30b8511b53ade95ea316fd8c3286feb9
    ]
    self.check_tx_can_be_signed(tx_unsigned, tx_signed, fixture_keys)
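def test_sign(self):
    """Create a signature with libsecp256k1 and verify it with the legacy group."""
    if libsecp256k1 is None:
        raise unittest.SkipTest("no libsecp256k1")
    ctx = libsecp256k1.ctx
    sighash = to_bytes_32(1000)
    secret_key = to_bytes_32(100)

    public_key = create_string_buffer(64)
    r = libsecp256k1.secp256k1_ec_pubkey_create(ctx, public_key, secret_key)
    self.assertEqual(r, 1)
    self.assertEqual(
        b2h(public_key),
        '880f50f7ceb4210289266a40b306e33ef52bb75f834c172e65175e3ce2ac3bed'
        '6e2835e3d57ae1fcd0954808be17bd97bf871f7a8a5edadcffcc8812576f7ae5')

    signature = create_string_buffer(64)
    r = libsecp256k1.secp256k1_ecdsa_sign(ctx, signature, sighash, secret_key, None, None)
    self.assertEqual(r, 1)

    # Turn the library's signature object into an (r, s) pair of integers.
    compact_signature = create_string_buffer(64)
    libsecp256k1.secp256k1_ecdsa_signature_serialize_compact(
        ctx, compact_signature, signature)
    r = from_bytes_32(compact_signature[:32])
    s = from_bytes_32(compact_signature[32:])
    signature = (r, s)

    # Uncompressed serialization: prefix byte, then 32-byte x and 32-byte y.
    pubkey_size = c_size_t(65)
    pubkey_serialized = create_string_buffer(65)
    libsecp256k1.secp256k1_ec_pubkey_serialize(
        ctx, pubkey_serialized, byref(pubkey_size), public_key, SECP256K1_EC_UNCOMPRESSED)
    x = from_bytes_32(pubkey_serialized[1:33])
    y = from_bytes_32(pubkey_serialized[33:])

    # The verification result has to be asserted; calling verify() and
    # dropping the result would let a rejected signature pass the test.
    # NOTE(review): assumes verify() returns a truthy value on success - confirm.
    self.assertTrue(legacy_secp256k1_group.verify((x, y), 1000, signature))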
def __mul__(self, e):
    """
    Compute the public point for scalar e with libsecp256k1.

    The scalar is reduced modulo the group order, and a reduced value of
    0 gives the point at infinity. secp256k1_ec_pubkey_create derives the
    point from the scalar alone; self's coordinates play no part.
    NOTE(review): presumably self is the curve generator - confirm.
    """
    reduced = e % self.order()
    if reduced == 0:
        return self._infinity

    lib = libsecp256k1
    point_obj = create_string_buffer(65)
    scalar_bytes = c_char_p(to_bytes_32(reduced))
    lib.secp256k1_ec_pubkey_create(lib.ctx, point_obj, scalar_bytes)

    serialized_len = c_size_t(65)
    serialized = create_string_buffer(65)
    lib.secp256k1_ec_pubkey_serialize(
        lib.ctx, serialized, byref(serialized_len), point_obj, SECP256K1_EC_UNCOMPRESSED)
    # Byte 0 is the format prefix; x and y follow as 32 bytes each.
    x_coord = from_bytes_32(serialized[1:33])
    y_coord = from_bytes_32(serialized[33:])
    return self.Point(x_coord, y_coord)
def _get_k_from_node(self, node):
    """Return node's secret exponent encoded with to_bytes_32.

    The returned bytes are private-key material; handle them as a secret.
    """
    exponent = node.secret_exponent()
    return to_bytes_32(exponent)
def serialize(self):
    """Return the secret exponent as bytes if one is set, else the master public key.

    The check is a truthiness test, so a secret exponent of None or 0
    both select the public-key branch. When the secret branch is taken
    the result is private-key material.
    """
    if not self._secret_exponent:
        return self.master_public_key()
    return to_bytes_32(self._secret_exponent)
def to_private(self, exponent):
    """Encode exponent as a hashed-base58 string.

    The payload is the byte 0x80, the exponent from to_bytes_32, and a
    trailing 0x01 byte.
    NOTE(review): presumably the mainnet WIF version byte and the
    compressed-key marker - confirm.
    The result encodes a private key; treat it as a secret.
    """
    payload = b'\x80' + to_bytes_32(exponent) + b'\01'
    return b2a_hashed_base58(payload)
def secret_exponent_to_wif(se, compressed):
    """Return the BitcoinMainnet WIF string for the secret exponent se.

    A true compressed appends a single 0x01 byte to the 32-byte secret
    before encoding. The result encodes a private key; treat it as a secret.
    """
    suffix = b'\01' if compressed else b''
    payload = to_bytes_32(se) + suffix
    return BitcoinMainnet.ui.wif_for_blob(payload)
def _get_priv(self, key: BIP32Node) -> str:
    """Return key's secret exponent as hex, via to_bytes_32 and b2h.

    The returned string is private-key material; keep it out of logs.
    """
    exponent_bytes = to_bytes_32(key.secret_exponent())
    return b2h(exponent_bytes)
def to_private(self, exponent):
    """Return exponent as a hex string of its to_bytes_32 encoding.

    The result is private-key material; treat it as a secret.
    """
    raw = to_bytes_32(exponent)
    hex_bytes = hexlify(raw)
    return hex_bytes.decode()
def do_test(sec_bytes, wif, address):
    """Parse wif on GroestlcoinMainnet and check its secret, WIF round-trip and address."""
    key = GroestlcoinMainnet.parse.wif(wif)
    secret = to_bytes_32(key.secret_exponent())
    self.assertEqual(secret, sec_bytes)
    # Re-encoding the parsed key must give back the input string.
    self.assertEqual(key.wif(), wif)
    self.assertEqual(key.address(), address)