def create_wallet(seed=None): """ Generate a new wallet. The wallet uses a key pair and an address based on the SHA1 of the generated wallet's public key. The keys generated use the ECDSA key generation algorithm with the curve SECP256k1, the same as bitcoin. """ logging.debug("Creating wallet(seed={})".format(seed)) if seed is None: seed = ''.join([ random.SystemRandom().choice(string.ascii_letters + string.digits) for _ in range(50) ]) seed = int(hashlib.sha256(seed).hexdigest(), 16) secret_exponent = randrange_from_seed__trytryagain( seed, SECP256k1.order) private_key = SigningKey.from_secret_exponent(secret_exponent, curve=SECP256k1) public_key = private_key.get_verifying_key() address = 'QC' + hashlib.sha1(public_key.to_string()).hexdigest() wallet = { 'private_key': binascii.b2a_base64(private_key.to_string()), 'public_key': binascii.b2a_base64(public_key.to_string()), 'address': address } return wallet
def getPrivateKeyFromPassPhrase(passphrase): logging.debug( f'getPrivateKeyFromPassPhrase called with passphrase {passphrase}') secexp = randrange_from_seed__trytryagain( hashlib.sha256(str(passphrase).encode(ENCODING)).hexdigest(), NIST256p.order) sk = SigningKey.from_secret_exponent(secexp, curve=NIST256p) return binaryStringFormat(sk.to_pem())
def signMessageFromPassPhrase(message, passphrase): logging.debug( f'signMessageFromPassPhrase call with message {message} and passphrase {passphrase}' ) secexp = randrange_from_seed__trytryagain( hashlib.sha256(str(passphrase).encode(ENCODING)).hexdigest(), NIST256p.order) sk = SigningKey.from_secret_exponent(secexp, curve=NIST256p) return signMessage(message, binaryStringFormat(sk.to_pem()))
def getPublicKeyFromPassPhrase(passphrase): logging.debug( f'getPublicKeyFromPassPhrase called with passphrase {passphrase}') secexp = randrange_from_seed__trytryagain( hashlib.sha256(str(passphrase).encode(ENCODING)).hexdigest(), NIST256p.order) sk = SigningKey.from_secret_exponent(secexp, curve=NIST256p) vk = sk.get_verifying_key() return '04' + vk.to_string().hex()
def verifyMessageFromPassPhrase(message, signedMessage, passphrase): logging.debug( f'verifyMessageFromPassPhrase call with message {message}, signedMessage {signedMessage} and passphrase {passphrase}' ) secexp = randrange_from_seed__trytryagain( hashlib.sha256(str(passphrase).encode(ENCODING)).hexdigest(), NIST256p.order) sk = SigningKey.from_secret_exponent(secexp, curve=NIST256p) vk = sk.get_verifying_key() return verifyMessage(message, signedMessage, vk.to_string().hex())
def __init__(self, name, privkey=None): """ A wallet object is initialized by a private key. """ self.name = name if privkey is None: secexp = randrange_from_seed__trytryagain( os.urandom(SECP256k1.baselen), SECP256k1.order) self.privkey = SigningKey.from_secret_exponent(secexp, curve=SECP256k1) else: self.privkey = privkey self.pubkey = self.privkey.get_verifying_key() self.address = tools.make_address([self.pubkey], 1)
def make_key_with_salt(seed, salt): """generates a key from a given seed, returns the key and a salt Args: seed Returns: signing key, a salt Raises: assertion failure if the signature is not verified """ ecdsa_seed = hash_256(seed + salt) secexp = randrange_from_seed__trytryagain(ecdsa_seed, SECP256k1.order) return SigningKey.from_secret_exponent(secexp, curve=SECP256k1), salt
def __init__(self, seed=None, signing_key=None): assert seed is None or signing_key is None if signing_key: self.signing_key = signing_key elif seed: secret_exp = randrange_from_seed__trytryagain(seed, CURVE.order) self.signing_key = SigningKey.from_secret_exponent(secret_exp, curve=CURVE) else: self.signing_key = SigningKey.generate(curve=CURVE) # The next two fields depend only on the signing_key self.verifying_key = self.signing_key.get_verifying_key() # note that if instead of to_string() we would use to_der() # or to_pem(), we could use different elliptic curves for different addresses self.address = self.verifying_key.to_string().hex()
def make_key(seed): """generates a key from a given seed, returns the key and a salt Args: seed Returns: signing key, a salt Raises: assertion failure if the signature is not verified """ random_bytes = hexlify(urandom(32)) salt = base64.urlsafe_b64encode(random_bytes) ecdsa_seed = hash_256(seed + salt) secexp = randrange_from_seed__trytryagain(ecdsa_seed, SECP256k1.order) return SigningKey.from_secret_exponent(secexp, curve=SECP256k1), salt
def genkey_main(): from ecdsa import SigningKey, NIST256p from ecdsa.util import randrange_from_seed__trytryagain if asked_for_help() or len(sys.argv) not in (2, 3): print( """ Generates key pair that can be used for Solo's signed firmware updates. usage: %s <output-pem-file> [input-seed-file] [-h] * Generates NIST P256 keypair. * Public key must be copied into correct source location in solo bootloader * The private key can be used for signing updates. * You may optionally supply a file to seed the RNG for key generating. """ % sys.argv[0] ) sys.exit(1) if len(sys.argv) > 2: seed = sys.argv[2] print('using input seed file ', seed) rng = open(seed, 'rb').read() secexp = randrange_from_seed__trytryagain(rng, NIST256p.order) sk = SigningKey.from_secret_exponent(secexp, curve=NIST256p) else: sk = SigningKey.generate(curve=NIST256p) sk_name = sys.argv[1] print('Signing key for signing device firmware: ' + sk_name) open(sk_name, 'wb+').write(sk.to_pem()) vk = sk.get_verifying_key() print('Public key in various formats:') print() print([c for c in vk.to_string()]) print() print(''.join(['%02x' % c for c in vk.to_string()])) print() print('"\\x' + '\\x'.join(['%02x' % c for c in vk.to_string()]) + '"') print()
def genkey(output_pem_file, input_seed_file=None): from ecdsa import NIST256p, SigningKey from ecdsa.util import randrange_from_seed__trytryagain if input_seed_file is not None: seed = input_seed_file print("using input seed file ", seed) rng = open(seed, "rb").read() secexp = randrange_from_seed__trytryagain(rng, NIST256p.order) sk = SigningKey.from_secret_exponent(secexp, curve=NIST256p) else: sk = SigningKey.generate(curve=NIST256p) sk_name = output_pem_file print(f"Signing key for signing device firmware: {sk_name}") with open(sk_name, "wb+") as fh: fh.write(sk.to_pem()) vk = sk.get_verifying_key() return vk
def make_key(seed): secexp = randrange_from_seed__trytryagain(seed) return SigningKey.from_secret_exponent(secexp)
from ecdsa import SigningKey, NIST256p from ecdsa.util import randrange_from_seed__trytryagain import sys if len(sys.argv) > 1: print('using input seed file ', sys.argv[1]) rng = open(sys.argv[1], 'rb').read() secexp = randrange_from_seed__trytryagain(rng, NIST256p.order) sk = SigningKey.from_secret_exponent(secexp, curve=NIST256p) else: sk = SigningKey.generate(curve=NIST256p) sk_name = 'signing_key.pem' print('Signing key for signing device firmware: ' + sk_name) open(sk_name, 'wb+').write(sk.to_pem()) vk = sk.get_verifying_key() print('Public key in various formats:') print() print([c for c in vk.to_string()]) print() print(''.join(['%02x' % c for c in vk.to_string()])) print() print('"\\x' + '\\x'.join(['%02x' % c for c in vk.to_string()]) + '"') print()
def _get_verifying_key_string(seed): # Returns the string of the verifying key, given the seed as input secret_exponent = randrange_from_seed__trytryagain(seed, NIST384p.order) signing_key = SigningKey.from_secret_exponent(secret_exponent, curve=NIST384p) return signing_key.get_verifying_key().to_string()
def make_Skey(self, seed): secexp = randrange_from_seed__trytryagain(seed, NIST384p.order) return SigningKey.from_secret_exponent(secexp, curve=NIST384p)
def make_key(rnd, max_range=BLS12_381_ORDER): secexp = randrange_from_seed__trytryagain(rnd, max_range) return SigningKey.from_secret_exponent(secexp, curve=SECP256k1)
def make_key_from_seed(seed, curve=SECP256k1): secexp = randrange_from_seed__trytryagain(seed, curve.order) return SigningKey.from_secret_exponent(secexp, curve)
def _get_signing_key(seed): # Transforming the seed in int (secret_exponent) of correct range and then returning a SigningKey aka private key # Opens the door for HD address generation secret_exponent = randrange_from_seed__trytryagain(seed, NIST384p.order) return SigningKey.from_secret_exponent(secret_exponent, curve=NIST384p)
def generate_wallet(self): seed = os.urandom(self.curve.baselen) secexp = randrange_from_seed__trytryagain(seed, self.curve.order) priv = SigningKey.from_secret_exponent(secexp, curve=self.curve, hashfunc=self.hash) pub = priv.get_verifying_key() return self.key_to_string(pub), self.key_to_string(priv), self.pub_to_address(self.key_to_string(pub))
def create_keypair(generator): secexp = randrange_from_seed__trytryagain(generator, SECP256k1.order) private_key = SigningKey.from_secret_exponent(secexp, curve=SECP256k1) public_key = private_key.get_verifying_key() return (private_key, public_key)
def secure_gen_private_key(seed): secexp = randrange_from_seed__trytryagain(seed, NIST384p.order) return SigningKey.from_secret_exponent(secexp, curve=NIST384p)