Merge pull request #352 from nspcc-dev/drop-bad-crypto-fix-245

Really simplifies our crypto library and fixes #245.
This commit is contained in:
Roman Khimov 2019-09-05 13:18:17 +03:00 committed by GitHub
commit bcd81bcfb2
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
13 changed files with 134 additions and 496 deletions

View file

@ -4,7 +4,6 @@ import (
"bytes" "bytes"
"testing" "testing"
"github.com/CityOfZion/neo-go/pkg/crypto"
"github.com/CityOfZion/neo-go/pkg/crypto/keys" "github.com/CityOfZion/neo-go/pkg/crypto/keys"
"github.com/CityOfZion/neo-go/pkg/util" "github.com/CityOfZion/neo-go/pkg/util"
"github.com/stretchr/testify/assert" "github.com/stretchr/testify/assert"
@ -18,9 +17,9 @@ func TestDecodeEncodeAccountState(t *testing.T) {
) )
for i := 0; i < n; i++ { for i := 0; i < n; i++ {
balances[randomUint256()] = util.Fixed8(int64(randomInt(1, 10000))) balances[randomUint256()] = util.Fixed8(int64(randomInt(1, 10000)))
votes[i] = &keys.PublicKey{ k, err := keys.NewPrivateKey()
ECPoint: crypto.RandomECPoint(), assert.Nil(t, err)
} votes[i] = k.PublicKey()
} }
a := &AccountState{ a := &AccountState{

View file

@ -1,274 +0,0 @@
package crypto
// Original work completed by @vsergeev: https://github.com/vsergeev/btckeygenie
// Expanded and tweaked upon here under MIT license.
import (
"bytes"
"crypto/rand"
"encoding/binary"
"encoding/hex"
"errors"
"fmt"
"io"
"math/big"
"github.com/CityOfZion/neo-go/pkg/util"
)
type (
// EllipticCurve represents the parameters of a short Weierstrass equation elliptic
// curve.
EllipticCurve struct {
A *big.Int
B *big.Int
P *big.Int
G ECPoint
N *big.Int
H *big.Int
}
// ECPoint represents a point on the EllipticCurve.
ECPoint struct {
X *big.Int
Y *big.Int
}
)
// NewEllipticCurve returns a ready to use EllipticCurve with preconfigured
// fields for the NEO protocol.
func NewEllipticCurve() EllipticCurve {
c := EllipticCurve{}
c.P, _ = new(big.Int).SetString(
"FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF", 16,
)
c.A, _ = new(big.Int).SetString(
"FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC", 16,
)
c.B, _ = new(big.Int).SetString(
"5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B", 16,
)
c.G.X, _ = new(big.Int).SetString(
"6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296", 16,
)
c.G.Y, _ = new(big.Int).SetString(
"4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5", 16,
)
c.N, _ = new(big.Int).SetString(
"FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551", 16,
)
c.H, _ = new(big.Int).SetString("01", 16)
return c
}
// RandomECPoint returns a random generated ECPoint, mostly used
// for testing.
func RandomECPoint() ECPoint {
c := NewEllipticCurve()
b := make([]byte, c.N.BitLen()/8+8)
if _, err := io.ReadFull(rand.Reader, b); err != nil {
return ECPoint{}
}
d := new(big.Int).SetBytes(b)
d.Mod(d, new(big.Int).Sub(c.N, big.NewInt(1)))
d.Add(d, big.NewInt(1))
q := new(big.Int).SetBytes(d.Bytes())
return c.ScalarBaseMult(q)
}
// ECPointFromReader return a new point from the given reader.
// f == 4, 6 or 7 are not implemented.
func ECPointFromReader(r io.Reader) (point ECPoint, err error) {
var f uint8
if err = binary.Read(r, binary.LittleEndian, &f); err != nil {
return
}
// Infinity
if f == 0 {
return ECPoint{
X: new(big.Int),
Y: new(big.Int),
}, nil
}
if f == 2 || f == 3 {
y := new(big.Int).SetBytes([]byte{f & 1})
data := make([]byte, 32)
if err = binary.Read(r, binary.LittleEndian, data); err != nil {
return
}
data = util.ArrayReverse(data)
data = append(data, byte(0x00))
return ECPoint{
X: new(big.Int).SetBytes(data),
Y: y,
}, nil
}
return
}
// EncodeBinary encodes the point to the given io.Writer.
func (p ECPoint) EncodeBinary(w io.Writer) error {
bx := p.X.Bytes()
padded := append(
bytes.Repeat(
[]byte{0x00},
32-len(bx),
),
bx...,
)
prefix := byte(0x03)
if p.Y.Bit(0) == 0 {
prefix = byte(0x02)
}
buf := make([]byte, len(padded)+1)
buf[0] = prefix
copy(buf[1:], padded)
return binary.Write(w, binary.LittleEndian, buf)
}
// String implements the Stringer interface.
func (p *ECPoint) String() string {
if p.IsInfinity() {
return "00"
}
bx := hex.EncodeToString(p.X.Bytes())
by := hex.EncodeToString(p.Y.Bytes())
return fmt.Sprintf("%s%s", bx, by)
}
// IsInfinity checks if point P is infinity on EllipticCurve ec.
func (p *ECPoint) IsInfinity() bool {
return p.X == nil && p.Y == nil
}
// IsInfinity checks if point P is infinity on EllipticCurve ec.
func (c *EllipticCurve) IsInfinity(P ECPoint) bool {
return P.X == nil && P.Y == nil
}
// IsOnCurve checks if point P is on EllipticCurve ec.
func (c *EllipticCurve) IsOnCurve(P ECPoint) bool {
if c.IsInfinity(P) {
return false
}
lhs := mulMod(P.Y, P.Y, c.P)
rhs := addMod(
addMod(
expMod(P.X, big.NewInt(3), c.P),
mulMod(c.A, P.X, c.P), c.P),
c.B, c.P)
return lhs.Cmp(rhs) == 0
}
// Add computes R = P + Q on EllipticCurve ec.
func (c *EllipticCurve) Add(P, Q ECPoint) (R ECPoint) {
// See rules 1-5 on SEC1 pg.7 http://www.secg.org/collateral/sec1_final.pdf
if c.IsInfinity(P) && c.IsInfinity(Q) {
R.X = nil
R.Y = nil
} else if c.IsInfinity(P) {
R.X = new(big.Int).Set(Q.X)
R.Y = new(big.Int).Set(Q.Y)
} else if c.IsInfinity(Q) {
R.X = new(big.Int).Set(P.X)
R.Y = new(big.Int).Set(P.Y)
} else if P.X.Cmp(Q.X) == 0 && addMod(P.Y, Q.Y, c.P).Sign() == 0 {
R.X = nil
R.Y = nil
} else if P.X.Cmp(Q.X) == 0 && P.Y.Cmp(Q.Y) == 0 && P.Y.Sign() != 0 {
num := addMod(
mulMod(big.NewInt(3),
mulMod(P.X, P.X, c.P), c.P),
c.A, c.P)
den := invMod(mulMod(big.NewInt(2), P.Y, c.P), c.P)
lambda := mulMod(num, den, c.P)
R.X = subMod(
mulMod(lambda, lambda, c.P),
mulMod(big.NewInt(2), P.X, c.P),
c.P)
R.Y = subMod(
mulMod(lambda, subMod(P.X, R.X, c.P), c.P),
P.Y, c.P)
} else if P.X.Cmp(Q.X) != 0 {
num := subMod(Q.Y, P.Y, c.P)
den := invMod(subMod(Q.X, P.X, c.P), c.P)
lambda := mulMod(num, den, c.P)
R.X = subMod(
subMod(
mulMod(lambda, lambda, c.P),
P.X, c.P),
Q.X, c.P)
R.Y = subMod(
mulMod(lambda,
subMod(P.X, R.X, c.P), c.P),
P.Y, c.P)
} else {
panic(fmt.Sprintf("Unsupported point addition: %v + %v", P, Q))
}
return R
}
// ScalarMult computes Q = k * P on EllipticCurve ec.
func (c *EllipticCurve) ScalarMult(k *big.Int, P ECPoint) (Q ECPoint) {
// Implementation based on pseudocode here:
// https://en.wikipedia.org/wiki/Elliptic_curve_point_multiplication#Montgomery_ladder
var R0 ECPoint
var R1 ECPoint
R0.X = nil
R0.Y = nil
R1.X = new(big.Int).Set(P.X)
R1.Y = new(big.Int).Set(P.Y)
for i := c.N.BitLen() - 1; i >= 0; i-- {
if k.Bit(i) == 0 {
R1 = c.Add(R0, R1)
R0 = c.Add(R0, R0)
} else {
R0 = c.Add(R0, R1)
R1 = c.Add(R1, R1)
}
}
return R0
}
// ScalarBaseMult computes Q = k * G on EllipticCurve ec.
func (c *EllipticCurve) ScalarBaseMult(k *big.Int) (Q ECPoint) {
return c.ScalarMult(k, c.G)
}
// Decompress decompresses coordinate x and ylsb (y's least significant bit) into a ECPoint P on EllipticCurve ec.
func (c *EllipticCurve) Decompress(x *big.Int, ylsb uint) (P ECPoint, err error) {
/* y**2 = x**3 + a*x + b % p */
rhs := addMod(
addMod(
expMod(x, big.NewInt(3), c.P),
mulMod(c.A, x, c.P),
c.P),
c.B, c.P)
y := sqrtMod(rhs, c.P)
if y.Bit(0) != (ylsb & 0x1) {
y = subMod(big.NewInt(0), y, c.P)
}
P.X = x
P.Y = y
if !c.IsOnCurve(P) {
return P, errors.New("compressed (x, ylsb) not on curve")
}
return P, nil
}

View file

@ -44,10 +44,7 @@ func NEP2ScryptParams() ScryptParams {
// NEP2Encrypt encrypts a the PrivateKey using a given passphrase // NEP2Encrypt encrypts a the PrivateKey using a given passphrase
// under the NEP-2 standard. // under the NEP-2 standard.
func NEP2Encrypt(priv *PrivateKey, passphrase string) (s string, err error) { func NEP2Encrypt(priv *PrivateKey, passphrase string) (s string, err error) {
address, err := priv.Address() address := priv.Address()
if err != nil {
return s, err
}
addrHash := hash.Checksum([]byte(address)) addrHash := hash.Checksum([]byte(address))
// Normalize the passphrase according to the NFC standard. // Normalize the passphrase according to the NFC standard.
@ -119,14 +116,11 @@ func NEP2Decrypt(key, passphrase string) (s string, err error) {
return s, errors.New("password mismatch") return s, errors.New("password mismatch")
} }
return privKey.WIF() return privKey.WIF(), nil
} }
func compareAddressHash(priv *PrivateKey, inhash []byte) bool { func compareAddressHash(priv *PrivateKey, inhash []byte) bool {
address, err := priv.Address() address := priv.Address()
if err != nil {
return false
}
addrHash := hash.Checksum([]byte(address)) addrHash := hash.Checksum([]byte(address))
return bytes.Equal(addrHash, inhash) return bytes.Equal(addrHash, inhash)
} }

View file

@ -31,12 +31,10 @@ func TestNEP2Decrypt(t *testing.T) {
assert.Equal(t, testCase.PrivateKey, privKey.String()) assert.Equal(t, testCase.PrivateKey, privKey.String())
wif, err := privKey.WIF() wif := privKey.WIF()
assert.Nil(t, err)
assert.Equal(t, testCase.Wif, wif) assert.Equal(t, testCase.Wif, wif)
address, err := privKey.Address() address := privKey.Address()
assert.Nil(t, err)
assert.Equal(t, testCase.Address, address) assert.Equal(t, testCase.Address, address)
} }
} }

View file

@ -1,19 +1,15 @@
package keys package keys
import ( import (
"bytes"
"crypto/ecdsa" "crypto/ecdsa"
"crypto/elliptic" "crypto/elliptic"
"crypto/rand" "crypto/rand"
"crypto/sha256" "crypto/sha256"
"crypto/x509" "crypto/x509"
"encoding/hex" "encoding/hex"
"errors"
"fmt" "fmt"
"io"
"math/big" "math/big"
"github.com/CityOfZion/neo-go/pkg/crypto"
"github.com/nspcc-dev/rfc6979" "github.com/nspcc-dev/rfc6979"
) )
@ -24,18 +20,11 @@ type PrivateKey struct {
// NewPrivateKey creates a new random private key. // NewPrivateKey creates a new random private key.
func NewPrivateKey() (*PrivateKey, error) { func NewPrivateKey() (*PrivateKey, error) {
c := crypto.NewEllipticCurve() priv, _, _, err := elliptic.GenerateKey(elliptic.P256(), rand.Reader)
b := make([]byte, c.N.BitLen()/8+8) if err != nil {
if _, err := io.ReadFull(rand.Reader, b); err != nil {
return nil, err return nil, err
} }
return &PrivateKey{b: priv}, nil
d := new(big.Int).SetBytes(b)
d.Mod(d, new(big.Int).Sub(c.N, big.NewInt(1)))
d.Add(d, big.NewInt(1))
p := &PrivateKey{b: d.Bytes()}
return p, nil
} }
// NewPrivateKeyFromHex returns a PrivateKey created from the // NewPrivateKeyFromHex returns a PrivateKey created from the
@ -68,38 +57,15 @@ func NewPrivateKeyFromRawBytes(b []byte) (*PrivateKey, error) {
} }
// PublicKey derives the public key from the private key. // PublicKey derives the public key from the private key.
func (p *PrivateKey) PublicKey() (*PublicKey, error) { func (p *PrivateKey) PublicKey() *PublicKey {
var ( var (
err error c = elliptic.P256()
pk PublicKey
c = crypto.NewEllipticCurve()
q = new(big.Int).SetBytes(p.b) q = new(big.Int).SetBytes(p.b)
) )
point := c.ScalarBaseMult(q) x, y := c.ScalarBaseMult(q.Bytes())
if !c.IsOnCurve(point) {
return nil, errors.New("failed to derive public key using elliptic curve")
}
bx := point.X.Bytes() return &PublicKey{X: x, Y: y}
padded := append(
bytes.Repeat(
[]byte{0x00},
32-len(bx),
),
bx...,
)
prefix := []byte{0x03}
if point.Y.Bit(0) == 0 {
prefix = []byte{0x02}
}
b := append(prefix, padded...)
if err = pk.DecodeBytes(b); err != nil {
return nil, err
}
return &pk, nil
} }
// NewPrivateKeyFromWIF returns a NEO PrivateKey from the given // NewPrivateKeyFromWIF returns a NEO PrivateKey from the given
@ -115,27 +81,27 @@ func NewPrivateKeyFromWIF(wif string) (*PrivateKey, error) {
// WIF returns the (wallet import format) of the PrivateKey. // WIF returns the (wallet import format) of the PrivateKey.
// Good documentation about this process can be found here: // Good documentation about this process can be found here:
// https://en.bitcoin.it/wiki/Wallet_import_format // https://en.bitcoin.it/wiki/Wallet_import_format
func (p *PrivateKey) WIF() (string, error) { func (p *PrivateKey) WIF() string {
return WIFEncode(p.b, WIFVersion, true) w, err := WIFEncode(p.b, WIFVersion, true)
// The only way WIFEncode() can fail is if we're to give it a key of
// wrong size, but we have a proper key here, aren't we?
if err != nil {
panic(err)
}
return w
} }
// Address derives the public NEO address that is coupled with the private key, and // Address derives the public NEO address that is coupled with the private key, and
// returns it as a string. // returns it as a string.
func (p *PrivateKey) Address() (string, error) { func (p *PrivateKey) Address() string {
pk, err := p.PublicKey() pk := p.PublicKey()
if err != nil { return pk.Address()
return "", err
}
return pk.Address(), nil
} }
// Signature creates the signature using the private key. // Signature creates the signature using the private key.
func (p *PrivateKey) Signature() ([]byte, error) { func (p *PrivateKey) Signature() []byte {
pk, err := p.PublicKey() pk := p.PublicKey()
if err != nil { return pk.Signature()
return nil, err
}
return pk.Signature(), nil
} }
// Sign signs arbitrary length data using the private key. // Sign signs arbitrary length data using the private key.

View file

@ -14,14 +14,12 @@ func TestPrivateKey(t *testing.T) {
for _, testCase := range keytestcases.Arr { for _, testCase := range keytestcases.Arr {
privKey, err := NewPrivateKeyFromHex(testCase.PrivateKey) privKey, err := NewPrivateKeyFromHex(testCase.PrivateKey)
assert.Nil(t, err) assert.Nil(t, err)
address, err := privKey.Address() address := privKey.Address()
assert.Nil(t, err)
assert.Equal(t, testCase.Address, address) assert.Equal(t, testCase.Address, address)
wif, err := privKey.WIF() wif := privKey.WIF()
assert.Nil(t, err)
assert.Equal(t, testCase.Wif, wif) assert.Equal(t, testCase.Wif, wif)
pubKey, _ := privKey.PublicKey() pubKey := privKey.PublicKey()
assert.Equal(t, hex.EncodeToString(pubKey.Bytes()), testCase.PublicKey) assert.Equal(t, hex.EncodeToString(pubKey.Bytes()), testCase.PublicKey)
} }
} }

View file

@ -7,6 +7,7 @@ import (
"crypto/x509" "crypto/x509"
"encoding/binary" "encoding/binary"
"encoding/hex" "encoding/hex"
"fmt"
"io" "io"
"math/big" "math/big"
@ -35,9 +36,10 @@ func (keys PublicKeys) Less(i, j int) bool {
} }
// PublicKey represents a public key and provides a high level // PublicKey represents a public key and provides a high level
// API around the ECPoint. // API around the X/Y point.
type PublicKey struct { type PublicKey struct {
crypto.ECPoint X *big.Int
Y *big.Int
} }
// NewPublicKeyFromString return a public key created from the // NewPublicKeyFromString return a public key created from the
@ -58,7 +60,7 @@ func NewPublicKeyFromString(s string) (*PublicKey, error) {
// Bytes returns the byte array representation of the public key. // Bytes returns the byte array representation of the public key.
func (p *PublicKey) Bytes() []byte { func (p *PublicKey) Bytes() []byte {
if p.IsInfinity() { if p.isInfinity() {
return []byte{0x00} return []byte{0x00}
} }
@ -89,78 +91,95 @@ func NewPublicKeyFromRawBytes(data []byte) (*PublicKey, error) {
return nil, errors.New("given bytes aren't ECDSA public key") return nil, errors.New("given bytes aren't ECDSA public key")
} }
key := PublicKey{ key := PublicKey{
crypto.ECPoint{ X: pk.X,
X: pk.X, Y: pk.Y,
Y: pk.Y,
},
} }
return &key, nil return &key, nil
} }
// decodeCompressedY performs decompression of Y coordinate for given X and Y's least significant bit
func decodeCompressedY(x *big.Int, ylsb uint) (*big.Int, error) {
c := elliptic.P256()
cp := c.Params()
three := big.NewInt(3)
/* y**2 = x**3 + a*x + b % p */
xCubed := new(big.Int).Exp(x, three, cp.P)
threeX := new(big.Int).Mul(x, three)
threeX.Mod(threeX, cp.P)
ySquared := new(big.Int).Sub(xCubed, threeX)
ySquared.Add(ySquared, cp.B)
ySquared.Mod(ySquared, cp.P)
y := new(big.Int).ModSqrt(ySquared, cp.P)
if y == nil {
return nil, errors.New("error computing Y for compressed point")
}
if y.Bit(0) != ylsb {
y.Neg(y)
y.Mod(y, cp.P)
}
return y, nil
}
// DecodeBytes decodes a PublicKey from the given slice of bytes. // DecodeBytes decodes a PublicKey from the given slice of bytes.
func (p *PublicKey) DecodeBytes(data []byte) error { func (p *PublicKey) DecodeBytes(data []byte) error {
l := len(data) var datab []byte
copy(datab, data)
switch prefix := data[0]; prefix { b := bytes.NewBuffer(datab)
// Infinity return p.DecodeBinary(b)
case 0x00:
p.ECPoint = crypto.ECPoint{}
// Compressed public keys
case 0x02, 0x03:
if l < 33 {
return errors.Errorf("bad binary size(%d)", l)
}
c := crypto.NewEllipticCurve()
var err error
p.ECPoint, err = c.Decompress(new(big.Int).SetBytes(data[1:]), uint(prefix&0x1))
if err != nil {
return err
}
case 0x04:
if l < 66 {
return errors.Errorf("bad binary size(%d)", l)
}
p.X = new(big.Int).SetBytes(data[2:34])
p.Y = new(big.Int).SetBytes(data[34:66])
default:
return errors.Errorf("invalid prefix %d", prefix)
}
return nil
} }
// DecodeBinary decodes a PublicKey from the given io.Reader. // DecodeBinary decodes a PublicKey from the given io.Reader.
func (p *PublicKey) DecodeBinary(r io.Reader) error { func (p *PublicKey) DecodeBinary(r io.Reader) error {
var prefix, size uint8 var prefix uint8
var x, y *big.Int
var err error
if err := binary.Read(r, binary.LittleEndian, &prefix); err != nil { if err = binary.Read(r, binary.LittleEndian, &prefix); err != nil {
return err return err
} }
// Infinity // Infinity
switch prefix { switch prefix {
case 0x00: case 0x00:
p.ECPoint = crypto.ECPoint{} // noop, initialized to nil
return nil return nil
// Compressed public keys
case 0x02, 0x03: case 0x02, 0x03:
size = 32 // Compressed public keys
xbytes := make([]byte, 32)
if _, err := io.ReadFull(r, xbytes); err != nil {
return err
}
x = new(big.Int).SetBytes(xbytes)
ylsb := uint(prefix&0x1)
y, err = decodeCompressedY(x, ylsb)
if err != nil {
return err
}
case 0x04: case 0x04:
size = 65 xbytes := make([]byte, 32)
ybytes := make([]byte, 32)
if _, err = io.ReadFull(r, xbytes); err != nil {
return err
}
if _, err = io.ReadFull(r, ybytes); err != nil {
return err
}
x = new(big.Int).SetBytes(xbytes)
y = new(big.Int).SetBytes(ybytes)
default: default:
return errors.Errorf("invalid prefix %d", prefix) return errors.Errorf("invalid prefix %d", prefix)
} }
c := elliptic.P256()
data := make([]byte, size+1) // prefix + size cp := c.Params()
if !c.IsOnCurve(x, y) {
if _, err := io.ReadFull(r, data[1:]); err != nil { return errors.New("enccoded point is not on the P256 curve")
return err
} }
if x.Cmp(cp.P) >= 0 || y.Cmp(cp.P) >= 0 {
return errors.New("enccoded point is not correct (X or Y is bigger than P")
}
p.X, p.Y = x, y
data[0] = prefix return nil
return p.DecodeBytes(data)
} }
// EncodeBinary encodes a PublicKey to the given io.Writer. // EncodeBinary encodes a PublicKey to the given io.Writer.
@ -206,3 +225,18 @@ func (p *PublicKey) Verify(signature []byte, hash []byte) bool {
sBytes := new(big.Int).SetBytes(signature[32:64]) sBytes := new(big.Int).SetBytes(signature[32:64])
return ecdsa.Verify(publicKey, hash, rBytes, sBytes) return ecdsa.Verify(publicKey, hash, rBytes, sBytes)
} }
// isInfinity checks if point P is infinity on EllipticCurve ec.
func (p *PublicKey) isInfinity() bool {
return p.X == nil && p.Y == nil
}
// String implements the Stringer interface.
func (p *PublicKey) String() string {
if p.isInfinity() {
return "00"
}
bx := hex.EncodeToString(p.X.Bytes())
by := hex.EncodeToString(p.Y.Bytes())
return fmt.Sprintf("%s%s", bx, by)
}

View file

@ -5,12 +5,11 @@ import (
"encoding/hex" "encoding/hex"
"testing" "testing"
"github.com/CityOfZion/neo-go/pkg/crypto"
"github.com/stretchr/testify/assert" "github.com/stretchr/testify/assert"
) )
func TestEncodeDecodeInfinity(t *testing.T) { func TestEncodeDecodeInfinity(t *testing.T) {
key := &PublicKey{crypto.ECPoint{}} key := &PublicKey{}
buf := new(bytes.Buffer) buf := new(bytes.Buffer)
assert.Nil(t, key.EncodeBinary(buf)) assert.Nil(t, key.EncodeBinary(buf))
assert.Equal(t, 1, buf.Len()) assert.Equal(t, 1, buf.Len())
@ -22,7 +21,9 @@ func TestEncodeDecodeInfinity(t *testing.T) {
func TestEncodeDecodePublicKey(t *testing.T) { func TestEncodeDecodePublicKey(t *testing.T) {
for i := 0; i < 4; i++ { for i := 0; i < 4; i++ {
p := &PublicKey{crypto.RandomECPoint()} k, err := NewPrivateKey()
assert.Nil(t, err)
p := k.PublicKey()
buf := new(bytes.Buffer) buf := new(bytes.Buffer)
assert.Nil(t, p.EncodeBinary(buf)) assert.Nil(t, p.EncodeBinary(buf))

View file

@ -15,8 +15,7 @@ func TestPubKeyVerify(t *testing.T) {
assert.Nil(t, err) assert.Nil(t, err)
signedData, err := privKey.Sign(data) signedData, err := privKey.Sign(data)
assert.Nil(t, err) assert.Nil(t, err)
pubKey, err := privKey.PublicKey() pubKey := privKey.PublicKey()
assert.Nil(t, err)
result := pubKey.Verify(signedData, hashedData.Bytes()) result := pubKey.Verify(signedData, hashedData.Bytes())
expected := true expected := true
assert.Equal(t, expected, result) assert.Equal(t, expected, result)
@ -29,7 +28,7 @@ func TestWrongPubKey(t *testing.T) {
signedData, _ := privKey.Sign(sample) signedData, _ := privKey.Sign(sample)
secondPrivKey, _ := NewPrivateKey() secondPrivKey, _ := NewPrivateKey()
wrongPubKey, _ := secondPrivKey.PublicKey() wrongPubKey := secondPrivKey.PublicKey()
actual := wrongPubKey.Verify(signedData, hashedData.Bytes()) actual := wrongPubKey.Verify(signedData, hashedData.Bytes())
expcted := false expcted := false

View file

@ -92,7 +92,7 @@ func WIFDecode(wif string, version byte) (*WIF, error) {
} }
// GetVerificationScript returns NEO VM bytecode with checksig command for the public key. // GetVerificationScript returns NEO VM bytecode with checksig command for the public key.
func (wif WIF) GetVerificationScript() ([]byte, error) { func (wif WIF) GetVerificationScript() []byte {
const ( const (
pushbytes33 = 0x21 pushbytes33 = 0x21
checksig = 0xac checksig = 0xac
@ -101,11 +101,8 @@ func (wif WIF) GetVerificationScript() ([]byte, error) {
vScript []byte vScript []byte
pubkey *PublicKey pubkey *PublicKey
) )
pubkey, err := wif.PrivateKey.PublicKey() pubkey = wif.PrivateKey.PublicKey()
if err != nil {
return nil, err
}
vScript = append([]byte{pushbytes33}, pubkey.Bytes()...) vScript = append([]byte{pushbytes33}, pubkey.Bytes()...)
vScript = append(vScript, checksig) vScript = append(vScript, checksig)
return vScript, nil return vScript
} }

View file

@ -1,61 +0,0 @@
package crypto
import "math/big"
// addMod computes z = (x + y) % p.
func addMod(x *big.Int, y *big.Int, p *big.Int) (z *big.Int) {
z = new(big.Int).Add(x, y)
z.Mod(z, p)
return z
}
// subMod computes z = (x - y) % p.
func subMod(x *big.Int, y *big.Int, p *big.Int) (z *big.Int) {
z = new(big.Int).Sub(x, y)
z.Mod(z, p)
return z
}
// mulMod computes z = (x * y) % p.
func mulMod(x *big.Int, y *big.Int, p *big.Int) (z *big.Int) {
n := new(big.Int).Set(x)
z = big.NewInt(0)
for i := 0; i < y.BitLen(); i++ {
if y.Bit(i) == 1 {
z = addMod(z, n, p)
}
n = addMod(n, n, p)
}
return z
}
// invMod computes z = (1/x) % p.
func invMod(x *big.Int, p *big.Int) (z *big.Int) {
z = new(big.Int).ModInverse(x, p)
return z
}
// expMod computes z = (x^e) % p.
func expMod(x *big.Int, y *big.Int, p *big.Int) (z *big.Int) {
z = new(big.Int).Exp(x, y, p)
return z
}
// sqrtMod computes z = sqrt(x) % p.
func sqrtMod(x *big.Int, p *big.Int) (z *big.Int) {
/* assert that p % 4 == 3 */
if new(big.Int).Mod(p, big.NewInt(4)).Cmp(big.NewInt(3)) != 0 {
panic("p is not equal to 3 mod 4!")
}
/* z = sqrt(x) % p = x^((p+1)/4) % p */
/* e = (p+1)/4 */
e := new(big.Int).Add(p, big.NewInt(1))
e = e.Rsh(e, 2)
z = expMod(x, e, p)
return z
}

View file

@ -25,9 +25,7 @@ func CreateRawContractTransaction(params ContractTxParams) (*transaction.Transac
wif, assetID, address, amount, balancer = params.wif, params.assetID, params.address, params.value, params.balancer wif, assetID, address, amount, balancer = params.wif, params.assetID, params.address, params.value, params.balancer
) )
if fromAddress, err = wif.PrivateKey.Address(); err != nil { fromAddress = wif.PrivateKey.Address()
return nil, errs.Wrapf(err, "Failed to take address from WIF: %v", wif.S)
}
if fromAddressHash, err = crypto.Uint160DecodeAddress(fromAddress); err != nil { if fromAddressHash, err = crypto.Uint160DecodeAddress(fromAddress); err != nil {
return nil, errs.Wrapf(err, "Failed to take script hash from address: %v", fromAddress) return nil, errs.Wrapf(err, "Failed to take script hash from address: %v", fromAddress)
@ -59,9 +57,7 @@ func CreateRawContractTransaction(params ContractTxParams) (*transaction.Transac
if witness.InvocationScript, err = GetInvocationScript(tx, wif); err != nil { if witness.InvocationScript, err = GetInvocationScript(tx, wif); err != nil {
return nil, errs.Wrap(err, "Failed to create invocation script") return nil, errs.Wrap(err, "Failed to create invocation script")
} }
if witness.VerificationScript, err = wif.GetVerificationScript(); err != nil { witness.VerificationScript = wif.GetVerificationScript()
return nil, errs.Wrap(err, "Failed to create verification script")
}
tx.Scripts = append(tx.Scripts, &witness) tx.Scripts = append(tx.Scripts, &witness)
tx.Hash() tx.Hash()

View file

@ -57,7 +57,7 @@ func NewAccount() (*Account, error) {
if err != nil { if err != nil {
return nil, err return nil, err
} }
return newAccountFromPrivateKey(priv) return newAccountFromPrivateKey(priv), nil
} }
// DecryptAccount decrypt the encryptedWIF with the given passphrase and // DecryptAccount decrypt the encryptedWIF with the given passphrase and
@ -87,23 +87,14 @@ func NewAccountFromWIF(wif string) (*Account, error) {
if err != nil { if err != nil {
return nil, err return nil, err
} }
return newAccountFromPrivateKey(privKey) return newAccountFromPrivateKey(privKey), nil
} }
// newAccountFromPrivateKey created a wallet from the given PrivateKey. // newAccountFromPrivateKey created a wallet from the given PrivateKey.
func newAccountFromPrivateKey(p *keys.PrivateKey) (*Account, error) { func newAccountFromPrivateKey(p *keys.PrivateKey) *Account {
pubKey, err := p.PublicKey() pubKey := p.PublicKey()
if err != nil { pubAddr := p.Address()
return nil, err wif := p.WIF()
}
pubAddr, err := p.Address()
if err != nil {
return nil, err
}
wif, err := p.WIF()
if err != nil {
return nil, err
}
a := &Account{ a := &Account{
publicKey: pubKey.Bytes(), publicKey: pubKey.Bytes(),
@ -112,5 +103,5 @@ func newAccountFromPrivateKey(p *keys.PrivateKey) (*Account, error) {
wif: wif, wif: wif,
} }
return a, nil return a
} }