// Copyright 2018 The Grin Developers
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
use blake2::blake2b::blake2b;
use byteorder::{BigEndian, ByteOrder};
use types::{Error, Identifier};
use util::secp::Secp256k1;
use util::secp::key::SecretKey;
/// A key derived from an [`ExtendedKey`] at child index `n_child`.
///
/// A child carries no chain code, so it cannot derive further children:
/// derivation is only available on [`ExtendedKey`].
// NOTE(review): `Debug` is derived on a struct holding a `SecretKey`; whether
// `{:?}` exposes the raw key bytes depends on `SecretKey`'s Debug impl, so
// avoid logging these values.
#[derive(Debug, Clone)]
pub struct ChildKey {
	/// Child index `n` this key was derived at
	pub n_child: u32,
	/// Root key id, inherited from the extended key this was derived from
	pub root_key_id: Identifier,
	/// Key id of this child key
	pub key_id: Identifier,
	/// The private key
	pub key: SecretKey,
}
/// An ExtendedKey is a secret key which can be used to derive new
/// secret keys to blind the commitment of a transaction output.
/// To be usable, a secret key should have an amount assigned to it,
/// but when the key is derived, the amount is not known and must be
/// given.
///
/// Built from a seed with [`ExtendedKey::from_seed`]; children are produced
/// with [`ExtendedKey::derive`], which hashes this key's chain code together
/// with the key and the child index.
// NOTE(review): `Debug` is derived on a struct holding a `SecretKey` and the
// chain code; whether `{:?}` exposes the raw key bytes depends on `SecretKey`'s
// Debug impl, and the chain code array is printed verbatim. Avoid logging these.
#[derive(Debug, Clone)]
pub struct ExtendedKey {
	/// Child number of the extended key (0 for a master key from `from_seed`)
	pub n_child: u32,
	/// Root key id (for a master key this equals `key_id`)
	pub root_key_id: Identifier,
	/// Key id
	pub key_id: Identifier,
	/// The secret key
	pub key: SecretKey,
	/// The chain code for the key derivation chain; used as the blake2b key
	/// when deriving children
	pub chain_code: [u8; 32],
}
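impl ExtendedKey {
	/// Creates a new extended master key from a seed.
	///
	/// `seed` must be exactly 16, 32 or 64 bytes (128, 256 or 512 bits).
	/// The 64-byte digest `blake2b(64, key = "Grin/MW Seed", data = seed)` is
	/// split into the master secret key (first 32 bytes) and the chain code
	/// (last 32 bytes). The master key is its own root, so `root_key_id` and
	/// `key_id` are equal and `n_child` is 0.
	///
	/// # Errors
	/// `Error::KeyDerivation` when `seed` has an unsupported length or when the
	/// first 32 digest bytes are not accepted by `SecretKey::from_slice`; any
	/// error from `Identifier::from_secret_key` is propagated unchanged.
	pub fn from_seed(secp: &Secp256k1, seed: &[u8]) -> Result<ExtendedKey, Error> {
		// Lengths are in bytes; the message quotes the equivalent bit sizes.
		match seed.len() {
			16 | 32 | 64 => (),
			_ => {
				return Err(Error::KeyDerivation(
					"seed size must be 128, 256 or 512".to_owned(),
				))
			}
		}

		let derived = blake2b(64, b"Grin/MW Seed", seed);
		let slice = derived.as_bytes();

		// `from_slice` can reject the digest bytes (not every 32-byte string is
		// a valid secret key). That is a recoverable condition in library code,
		// so surface it as an error instead of panicking.
		let key = SecretKey::from_slice(secp, &slice[0..32])
			.map_err(|_| Error::KeyDerivation("Error deriving key (from_slice)".to_owned()))?;

		let mut chain_code = [0u8; 32];
		chain_code.copy_from_slice(&slice[32..64]);

		let key_id = Identifier::from_secret_key(secp, &key)?;

		Ok(ExtendedKey {
			n_child: 0,
			// the master key is the root of its own derivation chain
			root_key_id: key_id.clone(),
			key_id,
			// key and extended chain code for the key itself
			key,
			chain_code,
		})
	}

	/// Derive a child key from this extended key.
	///
	/// The child secret is `blake2b(32, key = chain_code, data = key || n)`,
	/// with `n` big-endian encoded, added to this key via `add_assign`.
	/// Only a 32-byte digest is needed because the child gets no chain code of
	/// its own: a [`ChildKey`] cannot be extended further. The child inherits
	/// this key's `root_key_id`.
	///
	/// # Errors
	/// `Error::KeyDerivation` when the digest bytes are rejected by
	/// `SecretKey::from_slice` or when `add_assign` fails; any error from
	/// `Identifier::from_secret_key` is propagated unchanged.
	pub fn derive(&self, secp: &Secp256k1, n: u32) -> Result<ChildKey, Error> {
		let mut n_bytes = [0u8; 4];
		BigEndian::write_u32(&mut n_bytes, n);

		// NOTE(review): this buffer holds a copy of the parent secret key and
		// is not zeroized when dropped.
		let mut seed = self.key[..].to_vec();
		seed.extend_from_slice(&n_bytes);

		// only need a 32 byte digest here as we only need the bytes for the key itself
		// we do not need additional bytes for a derived (and unused) chain code
		let derived = blake2b(32, &self.chain_code[..], &seed[..]);

		// Both steps can fail for the rare digests that do not form a valid
		// secret key; report that to the caller rather than panicking.
		let mut key = SecretKey::from_slice(secp, derived.as_bytes())
			.map_err(|_| Error::KeyDerivation("Error deriving key (from_slice)".to_owned()))?;
		key.add_assign(secp, &self.key)
			.map_err(|_| Error::KeyDerivation("Error deriving key (add_assign)".to_owned()))?;

		let key_id = Identifier::from_secret_key(secp, &key)?;

		Ok(ChildKey {
			n_child: n,
			root_key_id: self.root_key_id.clone(),
			key_id,
			key,
		})
	}
}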
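#[cfg(test)]
mod test {
	use serde_json;

	use super::{Error, ExtendedKey, Identifier};
	use util;
	use util::secp::Secp256k1;
	use util::secp::key::SecretKey;

	/// Test helper: decode a hex string, panicking on malformed input.
	fn from_hex(hex_str: &str) -> Vec<u8> {
		util::from_hex(hex_str.to_string()).unwrap()
	}

	/// An `Identifier` round-trips through serde_json as its hex string.
	#[test]
	fn test_identifier_json_ser_deser() {
		let hex = "942b6c0bd43bdcb24f3edfe7fadbc77054ecc4f2";
		let identifier = Identifier::from_hex(hex).unwrap();

		#[derive(Debug, Serialize, Deserialize, PartialEq)]
		struct HasAnIdentifier {
			identifier: Identifier,
		}

		let has_an_identifier = HasAnIdentifier { identifier };

		let json = serde_json::to_string(&has_an_identifier).unwrap();
		assert_eq!(json, "{\"identifier\":\"942b6c0bd43bdcb24f3e\"}");

		let deserialized: HasAnIdentifier = serde_json::from_str(&json).unwrap();
		assert_eq!(deserialized, has_an_identifier);
	}

	/// Known-answer test for the master key built from a 16-byte seed.
	#[test]
	fn extkey_from_seed() {
		// TODO More test vectors
		let s = Secp256k1::new();
		let seed = from_hex("000102030405060708090a0b0c0d0e0f");
		let extk = ExtendedKey::from_seed(&s, &seed.as_slice()).unwrap();
		let sec = from_hex("2878a92133b0a7c2fbfb0bd4520ed2e55ea3fa2913200f05c30077d30b193480");
		let secret_key = SecretKey::from_slice(&s, sec.as_slice()).unwrap();
		let chain_code =
			from_hex("3ad40dd836c5ce25dfcbdee5044d92cf6b65bd5475717fa7a56dd4a032cca7c0");
		let identifier = from_hex("6f7c1a053ca54592e783");
		let n_child = 0;
		assert_eq!(extk.key, secret_key);
		assert_eq!(extk.key_id, Identifier::from_bytes(identifier.as_slice()));
		assert_eq!(
			extk.root_key_id,
			Identifier::from_bytes(identifier.as_slice())
		);
		assert_eq!(extk.chain_code, chain_code.as_slice());
		assert_eq!(extk.n_child, n_child);
	}

	/// Seeds of any length other than 16, 32 or 64 bytes are rejected with a
	/// `KeyDerivation` error before any hashing takes place.
	#[test]
	fn extkey_from_seed_rejects_bad_length() {
		let s = Secp256k1::new();
		for len in [0usize, 15, 17, 31, 33, 63, 65].iter() {
			let seed = vec![0u8; *len];
			match ExtendedKey::from_seed(&s, &seed) {
				Err(Error::KeyDerivation(_)) => (),
				Err(_) => panic!("unexpected error kind for a {} byte seed", len),
				Ok(_) => panic!("a {} byte seed must be rejected", len),
			}
		}
	}

	/// Known-answer test for child 0 of the master key above.
	#[test]
	fn extkey_derivation() {
		let s = Secp256k1::new();
		let seed = from_hex("000102030405060708090a0b0c0d0e0f");
		let extk = ExtendedKey::from_seed(&s, &seed.as_slice()).unwrap();
		let derived = extk.derive(&s, 0).unwrap();
		let sec = from_hex("55f1a2b67ec58933bf954fdc721327afe486e8989af923c3ae298e45a84ef597");
		let secret_key = SecretKey::from_slice(&s, sec.as_slice()).unwrap();
		let root_key_id = from_hex("6f7c1a053ca54592e783");
		let identifier = from_hex("8fa188b56cefe66be154");
		let n_child = 0;
		assert_eq!(derived.key, secret_key);
		assert_eq!(
			derived.key_id,
			Identifier::from_bytes(identifier.as_slice())
		);
		assert_eq!(
			derived.root_key_id,
			Identifier::from_bytes(root_key_id.as_slice())
		);
		assert_eq!(derived.n_child, n_child);
	}

	/// Derivation depends only on (key, chain code, n): repeating it yields the
	/// same child, and a different index yields a different key.
	#[test]
	fn extkey_derivation_is_deterministic() {
		let s = Secp256k1::new();
		let seed = from_hex("000102030405060708090a0b0c0d0e0f");
		let extk = ExtendedKey::from_seed(&s, &seed.as_slice()).unwrap();

		let first = extk.derive(&s, 7).unwrap();
		let again = extk.derive(&s, 7).unwrap();
		assert_eq!(first.key, again.key);
		assert_eq!(first.key_id, again.key_id);
		assert_eq!(first.root_key_id, extk.root_key_id);
		assert_eq!(first.n_child, 7);

		let other = extk.derive(&s, 8).unwrap();
		assert_ne!(first.key, other.key);
		assert_eq!(other.n_child, 8);
	}
}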