6 secp256k1 "github.com/btcsuite/btcd/btcec"
7 "github.com/tendermint/ed25519"
8 "github.com/tendermint/ed25519/extra25519"
9 "github.com/tendermint/go-wire"
10 data "github.com/tendermint/go-wire/data"
11 . "github.com/tendermint/tmlibs/common"
14 func PrivKeyFromBytes(privKeyBytes []byte) (privKey PrivKey, err error) {
15 err = wire.ReadBinaryBytes(privKeyBytes, &privKey)
17 // add support for a ValidateKey method on PrivKeys
18 // to make sure they load correctly
19 val, ok := privKey.Unwrap().(validatable)
21 err = val.ValidateKey()
27 // validatable is an optional interface for keys that want to
29 type validatable interface {
33 //----------------------------------------
35 // DO NOT USE THIS INTERFACE.
36 // You probably want to use PrivKey
37 // +gen wrapper:"PrivKey,Impl[PrivKeyEd25519,PrivKeySecp256k1],ed25519,secp256k1"
38 type PrivKeyInner interface {
39 AssertIsPrivKeyInner()
41 Sign(msg []byte) Signature
47 //-------------------------------------
49 var _ PrivKeyInner = PrivKeyEd25519{}
52 type PrivKeyEd25519 [64]byte
54 func (privKey PrivKeyEd25519) AssertIsPrivKeyInner() {}
56 func (privKey PrivKeyEd25519) Bytes() []byte {
57 return wire.BinaryBytes(PrivKey{privKey})
60 func (privKey PrivKeyEd25519) Sign(msg []byte) Signature {
61 privKeyBytes := [64]byte(privKey)
62 signatureBytes := ed25519.Sign(&privKeyBytes, msg)
63 return SignatureEd25519(*signatureBytes).Wrap()
66 func (privKey PrivKeyEd25519) PubKey() PubKey {
67 privKeyBytes := [64]byte(privKey)
68 pubBytes := *ed25519.MakePublicKey(&privKeyBytes)
69 return PubKeyEd25519(pubBytes).Wrap()
72 func (privKey PrivKeyEd25519) Equals(other PrivKey) bool {
73 if otherEd, ok := other.Unwrap().(PrivKeyEd25519); ok {
74 return bytes.Equal(privKey[:], otherEd[:])
80 func (p PrivKeyEd25519) MarshalJSON() ([]byte, error) {
81 return data.Encoder.Marshal(p[:])
84 func (p *PrivKeyEd25519) UnmarshalJSON(enc []byte) error {
86 err := data.Encoder.Unmarshal(&ref, enc)
91 func (privKey PrivKeyEd25519) ToCurve25519() *[32]byte {
92 keyCurve25519 := new([32]byte)
93 privKeyBytes := [64]byte(privKey)
94 extra25519.PrivateKeyToCurve25519(keyCurve25519, &privKeyBytes)
98 func (privKey PrivKeyEd25519) String() string {
99 return Fmt("PrivKeyEd25519{*****}")
102 // Deterministically generates new priv-key bytes from key.
103 func (privKey PrivKeyEd25519) Generate(index int) PrivKeyEd25519 {
104 newBytes := wire.BinarySha256(struct {
109 copy(newKey[:], newBytes)
110 return PrivKeyEd25519(newKey)
113 func GenPrivKeyEd25519() PrivKeyEd25519 {
114 privKeyBytes := new([64]byte)
115 copy(privKeyBytes[:32], CRandBytes(32))
116 ed25519.MakePublicKey(privKeyBytes)
117 return PrivKeyEd25519(*privKeyBytes)
120 // NOTE: secret should be the output of a KDF like bcrypt,
121 // if it's derived from user input.
122 func GenPrivKeyEd25519FromSecret(secret []byte) PrivKeyEd25519 {
123 privKey32 := Sha256(secret) // Not Ripemd160 because we want 32 bytes.
124 privKeyBytes := new([64]byte)
125 copy(privKeyBytes[:32], privKey32)
126 ed25519.MakePublicKey(privKeyBytes)
127 return PrivKeyEd25519(*privKeyBytes)
130 //-------------------------------------
132 var _ PrivKeyInner = PrivKeySecp256k1{}
134 // Implements PrivKey
135 type PrivKeySecp256k1 [32]byte
137 func (privKey PrivKeySecp256k1) AssertIsPrivKeyInner() {}
139 func (privKey PrivKeySecp256k1) Bytes() []byte {
140 return wire.BinaryBytes(PrivKey{privKey})
143 func (privKey PrivKeySecp256k1) Sign(msg []byte) Signature {
144 priv__, _ := secp256k1.PrivKeyFromBytes(secp256k1.S256(), privKey[:])
145 sig__, err := priv__.Sign(Sha256(msg))
149 return SignatureSecp256k1(sig__.Serialize()).Wrap()
152 func (privKey PrivKeySecp256k1) PubKey() PubKey {
153 _, pub__ := secp256k1.PrivKeyFromBytes(secp256k1.S256(), privKey[:])
154 var pub PubKeySecp256k1
155 copy(pub[:], pub__.SerializeCompressed())
159 func (privKey PrivKeySecp256k1) Equals(other PrivKey) bool {
160 if otherSecp, ok := other.Unwrap().(PrivKeySecp256k1); ok {
161 return bytes.Equal(privKey[:], otherSecp[:])
167 func (p PrivKeySecp256k1) MarshalJSON() ([]byte, error) {
168 return data.Encoder.Marshal(p[:])
171 func (p *PrivKeySecp256k1) UnmarshalJSON(enc []byte) error {
173 err := data.Encoder.Unmarshal(&ref, enc)
178 func (privKey PrivKeySecp256k1) String() string {
179 return Fmt("PrivKeySecp256k1{*****}")
183 // Deterministically generates new priv-key bytes from key.
184 func (key PrivKeySecp256k1) Generate(index int) PrivKeySecp256k1 {
185 newBytes := wire.BinarySha256(struct {
190 copy(newKey[:], newBytes)
191 return PrivKeySecp256k1(newKey)
195 func GenPrivKeySecp256k1() PrivKeySecp256k1 {
196 privKeyBytes := [32]byte{}
197 copy(privKeyBytes[:], CRandBytes(32))
198 priv, _ := secp256k1.PrivKeyFromBytes(secp256k1.S256(), privKeyBytes[:])
199 copy(privKeyBytes[:], priv.Serialize())
200 return PrivKeySecp256k1(privKeyBytes)
203 // NOTE: secret should be the output of a KDF like bcrypt,
204 // if it's derived from user input.
205 func GenPrivKeySecp256k1FromSecret(secret []byte) PrivKeySecp256k1 {
206 privKey32 := Sha256(secret) // Not Ripemd160 because we want 32 bytes.
207 priv, _ := secp256k1.PrivKeyFromBytes(secp256k1.S256(), privKey32)
208 privKeyBytes := [32]byte{}
209 copy(privKeyBytes[:], priv.Serialize())
210 return PrivKeySecp256k1(privKeyBytes)