ARCHIVE/xrpl-dev-portal
1
0
Fork 0
mirror of https://github.com/XRPLF/xrpl-dev-portal.git synced 2025-11-20 19:55:54 +00:00
Code Issues Packages Projects Releases Wiki Activity

Key derivation code (working draft)

Browse Source 
- read hex, base58, RFC1751, or passphrase
- derive Ed25519 keys from seed
- derive secp256k1 master key from seed
- encode keys to hex or base58

Note: at this time, the RFC1751 implementation is consistent with the
original spec but not consistent with rippled's RFC1751 implementation.
I don't know why rippled's RFC1751 implementation doesn't match the
spec. Maybe something to do with endianness.
This commit is contained in:
mDuo13
2019-10-09 19:54:43 -07:00
parent 80be728267
commit 1815326542
6 changed files with 809 additions and 30 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
content/_code-samples/key-derivation/ed25519.py
View File

@@ -1,9 +1,14 @@
# Python Implementation from https://ed25519.cr.yp.to/software.html
# Adjusted to Python 3 syntax by rome@ripple.com
# Public domain software. This is a reference implementation that
# does not include recommended speed & security optimizations.
import hashlib
def bchr(i):
return bytes([i])
b = 256
q = 2**255 - 19
l = 2**252 + 27742317777372353535851937790883648493
@@ -13,7 +18,7 @@ def H(m):
def expmod(b,e,m):
if e == 0: return 1
t = expmod(b,e/2,m)**2 % m
t = expmod(b,e//2,m)**2 % m
if e & 1: t = (t*b) % m
return t
@@ -21,11 +26,11 @@ def inv(x):
return expmod(x,q-2,q)
d = -121665 * inv(121666)
I = expmod(2,(q-1)/4,q)
I = expmod(2,(q-1)//4,q)
def xrecover(y):
xx = (y*y-1) * inv(d*y*y+1)
x = expmod(xx,(q+3)/8,q)
x = expmod(xx,(q+3)//8,q)
if (x*x - xx) % q != 0: x = (x*I) % q
if x % 2 != 0: x = q-x
return x
@@ -45,23 +50,23 @@ def edwards(P,Q):
def scalarmult(P,e):
if e == 0: return [0,1]
Q = scalarmult(P,e/2)
Q = scalarmult(P,e//2)
Q = edwards(Q,Q)
if e & 1: Q = edwards(Q,P)
return Q
def encodeint(y):
bits = [(y >> i) & 1 for i in range(b)]
return ''.join([chr(sum([bits[i * 8 + j] << j for j in range(8)])) for i in range(b/8)])
return b''.join([bchr(sum([bits[i * 8 + j] << j for j in range(8)])) for i in range(b//8)])
def encodepoint(P):
x = P[0]
y = P[1]
bits = [(y >> i) & 1 for i in range(b - 1)] + [x & 1]
return ''.join([chr(sum([bits[i * 8 + j] << j for j in range(8)])) for i in range(b/8)])
return b''.join([bchr(sum([bits[i * 8 + j] << j for j in range(8)])) for i in range(b//8)])
def bit(h,i):
return (ord(h[i/8]) >> (i%8)) & 1
return (h[i//8] >> (i%8)) & 1
def publickey(sk):
h = H(sk)
@@ -76,7 +81,7 @@ def Hint(m):
def signature(m,sk,pk):
h = H(sk)
a = 2**(b-2) + sum(2**i * bit(h,i) for i in range(3,b-2))
r = Hint(''.join([h[i] for i in range(b/8,b/4)]) + m)
r = Hint(bytes([h[i] for i in range(b//8,b//4)]) + m)
R = scalarmult(B,r)
S = (r + Hint(encodepoint(R) + pk + m) * a) % l
return encodepoint(R) + encodeint(S)
@@ -98,11 +103,11 @@ def decodepoint(s):
return P
def checkvalid(s,m,pk):
if len(s) != b/4: raise Exception("signature length is wrong")
if len(pk) != b/8: raise Exception("public-key length is wrong")
R = decodepoint(s[0:b/8])
if len(s) != b//4: raise Exception("signature length is wrong")
if len(pk) != b//8: raise Exception("public-key length is wrong")
R = decodepoint(s[0:b//8])
A = decodepoint(pk)
S = decodeint(s[b/8:b/4])
S = decodeint(s[b//8:b//4])
h = Hint(encodepoint(R) + pk + m)
if scalarmult(B,S) != edwards(R,scalarmult(A,h)):
raise Exception("signature does not pass verification")