X-Git-Url: http://git.osdn.net/view?p=bytom%2FBytom-JS-SDK.git;a=blobdiff_plain;f=src%2Futils%2Fkey%2Fchainkd.js;h=42f145cf7945e8f9ca22a094f0eaa74fce7a3c7a;hp=db63b2aaf551c98cc392ec497cead32d3457b5e9;hb=2eb3f7a8e5629696ecb87d8ffcad6e8241c74692;hpb=b992b324aaf4a7e8f14f7f5acde0354513a3b3a0 diff --git a/src/utils/key/chainkd.js b/src/utils/key/chainkd.js index db63b2a..42f145c 100644 --- a/src/utils/key/chainkd.js +++ b/src/utils/key/chainkd.js @@ -32,23 +32,21 @@ function newXPrv(r) { // rootXPrv takes a seed binary string and produces a new xprv. function rootXPrv(seed){ - debugger - let h = createHmac('sha512', Buffer.from('Root','utf8')) + let h = createHmac('sha512', Buffer.from('Root', 'utf8')) .update(seed) .digest(); const hL = h.slice(0, 32); const hR = h.slice(32); - // h.Write(seed) - // h.Sum(xprv[:0]) - pruneRootScalar(hR); + pruneRootScalar(hL); let xprv = new XPrv(Buffer.concat( [hL,hR])); return xprv; } +exports.XPrv = XPrv; exports.newXPrv = newXPrv; exports.rootXPrv = rootXPrv; @@ -59,223 +57,9 @@ XPrv.prototype.XPub = function() { return xpub; }; -// -// // Child derives a child xprv based on `selector` string and `hardened` flag. -// // If `hardened` is false, child xpub can be derived independently -// // from the parent xpub without using the parent xprv. -// // If `hardened` is true, child key can only be derived from the parent xprv. -// function (xprv XPrv) Child(sel []byte, hardened bool) XPrv { -// if hardened { -// return xprv.hardenedChild(sel) -// } -// return xprv.nonhardenedChild(sel) -// } -// -// function (xprv XPrv) hardenedChild(sel []byte) (res XPrv) { -// h := hmac.New(sha512.New, xprv[32:]) -// h.Write([]byte{'H'}) -// h.Write(xprv[:32]) -// h.Write(sel) -// h.Sum(res[:0]) -// pruneRootScalar(res[:32]) -// return -// } -// -// function (xprv XPrv) nonhardenedChild(sel []byte) (res XPrv) { -// xpub := xprv.XPub() -// -// h := hmac.New(sha512.New, xpub[32:]) -// h.Write([]byte{'N'}) -// h.Write(xpub[:32]) -// h.Write(sel) -// h.Sum(res[:0]) -// -// pruneIntermediateScalar(res[:32]) -// -// // Unrolled the following loop: -// // var carry int -// // carry = 0 -// // for i := 0; i < 32; i++ { -// // sum := int(xprv[i]) + int(res[i]) + carry -// // res[i] = byte(sum & 0xff) -// // carry = (sum >> 8) -// // } -// -// sum := int(0) -// -// sum = int(xprv[0]) + int(res[0]) + (sum >> 8) -// res[0] = byte(sum & 0xff) -// sum = int(xprv[1]) + int(res[1]) + (sum >> 8) -// res[1] = byte(sum & 0xff) -// sum = int(xprv[2]) + int(res[2]) + (sum >> 8) -// res[2] = byte(sum & 0xff) -// sum = int(xprv[3]) + int(res[3]) + (sum >> 8) -// res[3] = byte(sum & 0xff) -// sum = int(xprv[4]) + int(res[4]) + (sum >> 8) -// res[4] = byte(sum & 0xff) -// sum = int(xprv[5]) + int(res[5]) + (sum >> 8) -// res[5] = byte(sum & 0xff) -// sum = int(xprv[6]) + int(res[6]) + (sum >> 8) -// res[6] = byte(sum & 0xff) -// sum = int(xprv[7]) + int(res[7]) + (sum >> 8) -// res[7] = byte(sum & 0xff) -// sum = int(xprv[8]) + int(res[8]) + (sum >> 8) -// res[8] = byte(sum & 0xff) -// sum = int(xprv[9]) + int(res[9]) + (sum >> 8) -// res[9] = byte(sum & 0xff) -// sum = int(xprv[10]) + int(res[10]) + (sum >> 8) -// res[10] = byte(sum & 0xff) -// sum = int(xprv[11]) + int(res[11]) + (sum >> 8) -// res[11] = byte(sum & 0xff) -// sum = int(xprv[12]) + int(res[12]) + (sum >> 8) -// res[12] = byte(sum & 0xff) -// sum = int(xprv[13]) + int(res[13]) + (sum >> 8) -// res[13] = byte(sum & 0xff) -// sum = int(xprv[14]) + int(res[14]) + (sum >> 8) -// res[14] = byte(sum & 0xff) -// sum = int(xprv[15]) + int(res[15]) + (sum >> 8) -// res[15] = byte(sum & 0xff) -// sum = int(xprv[16]) + int(res[16]) + (sum >> 8) -// res[16] = byte(sum & 0xff) -// sum = int(xprv[17]) + int(res[17]) + (sum >> 8) -// res[17] = byte(sum & 0xff) -// sum = int(xprv[18]) + int(res[18]) + (sum >> 8) -// res[18] = byte(sum & 0xff) -// sum = int(xprv[19]) + int(res[19]) + (sum >> 8) -// res[19] = byte(sum & 0xff) -// sum = int(xprv[20]) + int(res[20]) + (sum >> 8) -// res[20] = byte(sum & 0xff) -// sum = int(xprv[21]) + int(res[21]) + (sum >> 8) -// res[21] = byte(sum & 0xff) -// sum = int(xprv[22]) + int(res[22]) + (sum >> 8) -// res[22] = byte(sum & 0xff) -// sum = int(xprv[23]) + int(res[23]) + (sum >> 8) -// res[23] = byte(sum & 0xff) -// sum = int(xprv[24]) + int(res[24]) + (sum >> 8) -// res[24] = byte(sum & 0xff) -// sum = int(xprv[25]) + int(res[25]) + (sum >> 8) -// res[25] = byte(sum & 0xff) -// sum = int(xprv[26]) + int(res[26]) + (sum >> 8) -// res[26] = byte(sum & 0xff) -// sum = int(xprv[27]) + int(res[27]) + (sum >> 8) -// res[27] = byte(sum & 0xff) -// sum = int(xprv[28]) + int(res[28]) + (sum >> 8) -// res[28] = byte(sum & 0xff) -// sum = int(xprv[29]) + int(res[29]) + (sum >> 8) -// res[29] = byte(sum & 0xff) -// sum = int(xprv[30]) + int(res[30]) + (sum >> 8) -// res[30] = byte(sum & 0xff) -// sum = int(xprv[31]) + int(res[31]) + (sum >> 8) -// res[31] = byte(sum & 0xff) -// -// if (sum >> 8) != 0 { -// panic("sum does not fit in 256-bit int") -// } -// return -// } -// -// // Child derives a child xpub based on `selector` string. -// // The corresponding child xprv can be derived from the parent xprv -// // using non-hardened derivation: `parentxprv.Child(sel, false)`. -// function (xpub XPub) Child(sel []byte) (res XPub) { -// h := hmac.New(sha512.New, xpub[32:]) -// h.Write([]byte{'N'}) -// h.Write(xpub[:32]) -// h.Write(sel) -// h.Sum(res[:0]) -// -// pruneIntermediateScalar(res[:32]) -// -// var ( -// f ecmath.Scalar -// F ecmath.Point -// ) -// copy(f[:], res[:32]) -// F.ScMulBase(&f) -// -// var ( -// pubkey [32]byte -// P ecmath.Point -// ) -// copy(pubkey[:], xpub[:32]) -// _, ok := P.Decode(pubkey) -// if !ok { -// panic("XPub should have been validated on initialization") -// } -// -// P.Add(&P, &F) -// pubkey = P.Encode() -// copy(res[:32], pubkey[:]) -// -// return -// } -// -// // Derive generates a child xprv by recursively deriving -// // non-hardened child xprvs over the list of selectors: -// // `Derive([a,b,c,...]) == Child(a).Child(b).Child(c)...` -// function (xprv XPrv) Derive(path [][]byte) XPrv { -// res := xprv -// for _, p := range path { -// res = res.Child(p, false) -// } -// return res -// } -// -// // Derive generates a child xpub by recursively deriving -// // non-hardened child xpubs over the list of selectors: -// // `Derive([a,b,c,...]) == Child(a).Child(b).Child(c)...` -// function (xpub XPub) Derive(path [][]byte) XPub { -// res := xpub -// for _, p := range path { -// res = res.Child(p) -// } -// return res -// } -// -// // Sign creates an EdDSA signature using expanded private key -// // derived from the xprv. -// function (xprv XPrv) Sign(msg []byte) []byte { -// return Ed25519InnerSign(xprv.ExpandedPrivateKey(), msg) -// } -// -// // Verify checks an EdDSA signature using public key -// // extracted from the first 32 bytes of the xpub. -// function (xpub XPub) Verify(msg []byte, sig []byte) bool { -// return ed25519.Verify(xpub.PublicKey(), msg, sig) -// } -// -// // ExpandedPrivateKey generates a 64-byte key where -// // the first half is the scalar copied from xprv, -// // and the second half is the `prefix` is generated via PRF -// // from the xprv. -// function (xprv XPrv) ExpandedPrivateKey() ExpandedPrivateKey { -// var res [64]byte -// let h = createHmac('sha512', Buffer.from('Expand')); -// -// h.Write(xprv[:]) -// h.Sum(res[:0]) -// copy(res[:32], xprv[:32]) -// return res[:] -// } -// -// // PublicKey extracts the ed25519 public key from an xpub. -// function (xpub XPub) PublicKey() ed25519.PublicKey { -// return ed25519.PublicKey(xpub[:32]) -// } -// s must be >= 32 bytes long and gets rewritten in place. -// This is NOT the same pruning as in Ed25519: it additionally clears the third -// highest bit to ensure subkeys do not overflow the second highest bit. function pruneRootScalar(s) { s[0] &= 248; s[31] &= 31; // clear top 3 bits s[31] |= 64; // set second highest bit } - -// // Clears lowest 3 bits and highest 23 bits of `f`. -// function pruneIntermediateScalar(f) { -// f[0] &= 248; // clear bottom 3 bits -// f[29] &= 1; // clear 7 high bits -// f[30] = 0; // clear 8 bits -// f[31] = 0; // clear 8 bits -// }