def generate_pub_address_from_secret(secret):
# secp256k1, not included in stock ecdsa
_p = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2FL
_r = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141L
_b = 0x0000000000000000000000000000000000000000000000000000000000000007L
_a = 0x0000000000000000000000000000000000000000000000000000000000000000L
_Gx = 0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798L
_Gy = 0x483ada7726a3c4655da4fbfc0e1108a8fd17b448a68554199c47d08ffb10d4b8L
curve_256 = CurveFp(_p, _a, _b)
generator = Point(curve_256, _Gx, _Gy, _r)
# secret = randrange(1, generator.order())
pubkey = Public_key(generator, generator * secret)
step1 = '\x04' + int_to_string(pubkey.point.x()) + int_to_string(
pubkey.point.y())
step2 = hashlib.sha256(step1).digest()
ripehash.update(step2)
step4 = '\x3f' + ripehash.digest()
step5 = hashlib.sha256(step4).digest()
step6 = hashlib.sha256(step5).digest()
chksum = step6[:4]
addr = step4 + chksum
addr_58 = b58encode(addr)
return (secret, hex(secret)[2:-1], binascii.hexlify(step1),
binascii.hexlify(addr), addr_58)
def _kirk11_curve():
# ECDSA curve
p = 0xFFFFFFFFFFFFFFFF00000001FFFFFFFFFFFFFFFF
a = -3
b = 0xA68BEDC33418029C1D3CE33B9A321FCCBB9E0F0B
Gx = 0x128EC4256487FD8FDF64E2437BC0A1F6D5AFDE2C
Gy = 0x5958557EB1DB001260425524DBC379D5AC5F4ADF
r = 0xFFFFFFFFFFFFFFFEFFFFB5AE3C523E63944F2127
curve = CurveFp(p, a, b)
generator = Point(curve, Gx, Gy, r)
return Curve("kirk11", curve, generator, (1, 3, 3, 7, 4))
def _kirk1_curve():
# ECDSA curve
p = 0xFFFFFFFFFFFFFFFF00000001FFFFFFFFFFFFFFFF
a = -3
b = 0x65D1488C0359E234ADC95BD3908014BD91A525F9
Gx = 0x2259ACEE15489CB096A882F0AE1CF9FD8EE5F8FA
Gy = 0x604358456D0A1CB2908DE90F27D75C82BEC108C0
r = 0xffffffffffffffff0001b5c617f290eae1dbad8f
curve = CurveFp(p, a, b)
generator = Point(curve, Gx, Gy, r)
return Curve("kirk1", curve, generator, (1, 3, 3, 7, 4))
def __load_brainpool(self):
# Brainpool P-256-r1
_a = 0x7D5A0975FC2C3057EEF67530417AFFE7FB8055C126DC5C6CE94A4B44F330B5D9
_b = 0x26DC5C6CE94A4B44F330B5D9BBD77CBF958416295CF7E1CE6BCCDC18FF8C07B6
_p = 0xA9FB57DBA1EEA9BC3E660A909D838D726E3BF623D52620282013481D1F6E5377
_Gx = 0x8BD2AEB9CB7E57CB2C4B482FFC81B7AFB9DE27E1E3BD23C23A4453BD9ACE3262
_Gy = 0x547EF835C3DAC4FD97F8461A14611DC9C27745132DED8E545C1D54C72F046997
self._q = 0xA9FB57DBA1EEA9BC3E660A909D838D718C397AA3B561A6F7901E0E82974856A7
self.curve_brainpoolp256r1 = CurveFp(_p, _a, _b)
self.pointG = Point(self.curve_brainpoolp256r1, _Gx, _Gy, self._q)
def __load_brainpool(self):
# elliptic curve domain parameters = Brainpool P-256-r1 (TR3110 0x0D). NOT chosen in pace_oid.
# Parameters for Brainpool P-256-r1 from https://tools.ietf.org/html/rfc5639#section-3.4
_a = 0x7D5A0975FC2C3057EEF67530417AFFE7FB8055C126DC5C6CE94A4B44F330B5D9
_b = 0x26DC5C6CE94A4B44F330B5D9BBD77CBF958416295CF7E1CE6BCCDC18FF8C07B6
_p = 0xA9FB57DBA1EEA9BC3E660A909D838D726E3BF623D52620282013481D1F6E5377
_Gx = 0x8BD2AEB9CB7E57CB2C4B482FFC81B7AFB9DE27E1E3BD23C23A4453BD9ACE3262
_Gy = 0x547EF835C3DAC4FD97F8461A14611DC9C27745132DED8E545C1D54C72F046997
self._q = 0xA9FB57DBA1EEA9BC3E660A909D838D718C397AA3B561A6F7901E0E82974856A7 #subgroup of p. every point has this order [https://andrea.corbellini.name/2015/05/23/elliptic-curve-cryptography-finite-fields-and-discrete-logarithms/]
self.curve_brainpoolp256r1 = CurveFp(_p, _a, _b)
self.pointG = Point(
self.curve_brainpoolp256r1, _Gx, _Gy,
self._q) #curve,x,y,order (of the point's and curve's subgroup)
class PublicKey:
_p = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
_r = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
_b = 0x0000000000000000000000000000000000000000000000000000000000000007
_a = 0x0000000000000000000000000000000000000000000000000000000000000000
_Gx = 0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798
_Gy = 0x483ada7726a3c4655da4fbfc0e1108a8fd17b448a68554199c47d08ffb10d4b8
_curve = CurveFp(_p, _a, _b)
_generator = Point(_curve, _Gx, _Gy, _r)
UNCOMPRESSED_PREFIX = '04'
ODD_PREFIX = '03'
EVEN_PREFIX = '02'
TESTNET_PREFIX = '6f'
MAINNET_PREFIX = '00'
def __init__(self, private_key: PrivateKey):
self._point = self._generator * int(private_key)
self._testnet = private_key.is_testnet_key()
self._compressed = private_key.is_compressed()
def point(self) -> Point:
Point = namedtuple('Point', ['x', 'y'])
return Point(self._point.x(), self._point.y())
def get_address(self) -> bytes:
key = self._get_key_as_hex_string()
hash = self._get_network_prefix() + hash160(key)
checksum = self._calculate_checksum(hash)
return base58encode(hash + checksum)
def _get_key_as_hex_string(self) -> str:
if self._compressed:
return self._get_parity_prefix() + hex_string(self._point.x())
return self.UNCOMPRESSED_PREFIX + hex_string(
self._point.x()) + hex_string(self._point.y())
def _get_parity_prefix(self):
return self.ODD_PREFIX if self._point.y(
) % 2 == 1 else self.EVEN_PREFIX
def _get_network_prefix(self) -> str:
return self.TESTNET_PREFIX if self._testnet else self.MAINNET_PREFIX
def _calculate_checksum(self, hex_str: str) -> str:
return hash256(hex_str)[:8]
def import_curve(p, a, b, g, r, name="dummyName", oid=(1, 3, 132, 0, 0xff)):
"""
Create an ecdsa.curves.Curve from the usual parameters.
Arguments may be either octet strings or integers,
except g which we expect to be an octet string.
"""
if isinstance(p, str):
p = pkcs_os2ip(p)
if isinstance(a, str):
a = pkcs_os2ip(a)
if isinstance(b, str):
b = pkcs_os2ip(b)
if isinstance(r, str):
r = pkcs_os2ip(r)
curve = CurveFp(p, a, b)
x, y = extract_coordinates(g, curve)
generator = Point(curve, x, y, r)
return Curve(name, curve, generator, oid)
# Named curves
##############################################################
# We always provide _a as a positive integer.
_p = long_converter("""
ffffffff ffffffff ffffffff fffffffe ffffac73""")
_a = 0
_b = 7
_Gx = long_converter("""
3b4c382c e37aa192 a4019e76 3036f4f5 dd4d7ebb""")
_Gy = long_converter("""
938cf935 318fdced 6bc28286 531733c3 f03c4fee""")
_r = long_converter("""01
00000000 00000000 0001b8fa 16dfab9a ca16b6b3""")
curve = CurveFp(_p, _a, _b)
generator = Point(curve, _Gx, _Gy, _r)
SECP160k1 = Curve("SECP160k1", curve, generator,
(1, 3, 132, 0, 9), "secp160k1")
_p = long_converter("""
ffffffff ffffffff ffffffff ffffffff 7fffffff""")
_a = -3 % _p
_b = long_converter("""
1c97befc 54bd7a8b 65acf89f 81d4d4ad c565fa45""")
_Gx = long_converter("""
4a96b568 8ef57328 46646989 68c38bb9 13cbfc82""")
_Gy = long_converter("""
23a62855 3168947d 59dcc912 04235137 7ac5fb32""")
_r = long_converter("""01
00000000 00000000 0001f4c8 f927aed3 ca752257""")
def recover_Q(ra, sa, za):
g = PointJacobi(CurveFp(mod, a, b), G[0], G[1], G[2], n, generator=True)
Q = Signature(ra, sa).recover_public_keys(za, g)[0]
return (Q.point.x(), Q.point.y(), 1)
def __init__(self, secret):
curve = CurveFp(_p, _a, _b)
generator = Point(curve, _Gx, _Gy, _r)
self.pubkey = Public_key(generator, generator * secret)
self.privkey = Private_key(self.pubkey, secret)
self.secret = secret
You should have received a copy of the GNU General Public License
along with CoinParty. If not, see <http://www.gnu.org/licenses/>. """
from ecdsa.ellipticcurve import CurveFp, Point
bitcoin_order = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141L
""" When secret-sharing hashs (arbitrary 256-bit values), bitcoin_order may
not be used, since it is too small to fit each possible hash value.
Thus, we use the prime (2^265)-49, which is sufficiently large.
Prime derived from http://primes.utm.edu/lists/2small/200bit.html """
hash_order = 0x1ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffcf
hash_modulus = 0x10000000000000000000000000000000000000000000000000000000000000000
""" Bitcoin ECC parameters
_p, _a, _b: Description of secp256k1 for the ecdsa module
_Gx, Gy: Coordinates of generator (uncompressed form)
n: Order of the generator
_h: Cofactor
c.f.: https://en.bitcoin.it/wiki/Secp256k1 """
_p = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2FL
_a = 0x0000000000000000000000000000000000000000000000000000000000000000L
_b = 0x0000000000000000000000000000000000000000000000000000000000000007L
_Gx = 0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798L
_Gy = 0x483ada7726a3c4655da4fbfc0e1108a8fd17b448a68554199c47d08ffb10d4b8L
n = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141L
_h = 0x01L
bitcoin_curve = CurveFp(_p, _a, _b)
G = Point(bitcoin_curve, _Gx, _Gy, n)