public static void GenerateKeyPair(
SecureBytes seed,
out SecureBytes privateKey,
out SecureBytes publicKey)
{
using var scopedSeed = seed.ToUnsecuredBytes();
using var scopedPrivateKey = new ScopedBytes(PrivateKeySize);
using var scopedPublicKey = new ScopedBytes(PublicKeySize);
// copy first 32-bytes from seed to expandedPrivateKey left part ([0-31] bytes)
Array.Copy(
sourceArray: scopedSeed,
sourceIndex: 0,
destinationArray: scopedPrivateKey,
destinationIndex: 0,
length: PrivateKeySize);
// use first 32-bytes from seed (private key) to generate public key
GeneratePublicKey(
sk: scopedSeed,
skOff: 0,
pk: scopedPublicKey,
pkOff: 0);
privateKey = new SecureBytes(scopedPrivateKey);
publicKey = new SecureBytes(scopedPublicKey);
}
public TezosExtKey(SecureBytes seed)
{
using var scopedSeed = seed.ToUnsecuredBytes();
//var masterSecret = Hashes.HMACSHA512(key: HashKey, data: seed);
using var masterSecret = new ScopedBytes(PrivateKeyLength);
Buffer.BlockCopy(
src: scopedSeed,
srcOffset: 0,
dst: masterSecret,
dstOffset: 0,
count: 32);
// check third highest bit of the last byte of kL, where
// k = H512(masterSecret) and kL is its left 32-bytes
while (true)
{
using var k = new ScopedBytes(Hashes.SHA512(masterSecret));
if ((k[31] & 0b00100000) > 0)
{
// discard current k and try to get new
Buffer.BlockCopy(
src: k,
srcOffset: 0,
dst: masterSecret,
dstOffset: 0,
count: 32);
}
public HdKeyStorage Unlock(SecureString password)
{
try
{
using var scopedSeed = new ScopedBytes(Aes.Decrypt(
encryptedBytes: Hex.FromString(EncryptedSeed),
password: password,
keySize: AesKeySize,
saltSize: AesSaltSize,
iterations: AesRfc2898Iterations));
Seed = new SecureBytes(scopedSeed);
foreach (var singleKey in NonHdKeys)
{
singleKey.Unlock(password);
}
}
catch (Exception e)
{
Log.Error(e, "Unlock error");
}
return(this);
}
public static void GeneratePublicKeyFromExtended(
SecureBytes extendedPrivateKey,
out SecureBytes publicKey)
{
using var scopedExtentedPrivateKey = extendedPrivateKey.ToUnsecuredBytes();
using var scopedPublicKey = new ScopedBytes(PointBytes);
ScalarMultBaseEncoded(scopedExtentedPrivateKey, scopedPublicKey, 0);
publicKey = new SecureBytes(scopedPublicKey);
}
public static byte[] Decrypt(
byte[] encryptedBytes,
SecureString password,
int keySize = Aes256KeySize,
int saltSize = SaltSize,
int iterations = Iterations)
{
using var scopedPasswordBytes = new ScopedBytes(password.ToBytes());
return(Decrypt(encryptedBytes, scopedPasswordBytes, keySize, saltSize, iterations));
}
public HdKeyStorage(
string mnemonic,
Wordlist wordList = null,
SecureString passPhrase = null,
Network network = Network.MainNet)
{
Version = CurrentVersion;
Network = network;
using var scopedSeed = new ScopedBytes(new Mnemonic(mnemonic, wordList)
.DeriveSeed(passPhrase.ToUnsecuredString()));
Seed = new SecureBytes(scopedSeed);
}
public static void GeneratePublicKey(
SecureBytes privateKey,
out SecureBytes publicKey)
{
using var scopedPrivateKey = privateKey.ToUnsecuredBytes();
using var scopedPublicKey = new ScopedBytes(PublicKeySize);
GeneratePublicKey(
sk: scopedPrivateKey,
skOff: 0,
pk: scopedPublicKey,
pkOff: 0);
publicKey = new SecureBytes(scopedPublicKey);
}
public void Unlock(SecureString password)
{
try
{
using var scopedSeed = new ScopedBytes(Aes.Decrypt(
encryptedBytes: Hex.FromString(EncryptedSeed),
password: password,
keySize: AesKeySize,
saltSize: AesSaltSize,
iterations: AesRfc2898Iterations));
Seed = new SecureBytes(scopedSeed);
}
catch (Exception e)
{
Log.Error(e, "Unlock error");
}
}
private void Derive(
byte[] chainCode,
uint child,
out byte[] childChainCode,
out SecureBytes childPrivateKey,
out SecureBytes childPublicKey)
{
using var scopedPublicKey = _publicKey.ToUnsecuredBytes();
using var scopedPrivateKey = _privateKey.ToUnsecuredBytes();
using var data = new ScopedBytes(1 + 32 + 4);
if (child >> 31 == 0)
{
data[0] = 0;
Buffer.BlockCopy(src: scopedPublicKey, srcOffset: 0, dst: data, dstOffset: 1, count: 32);
}
else // hardened key (private derivation)
{
data[0] = 0;
Buffer.BlockCopy(src: scopedPrivateKey, srcOffset: 0, dst: data, dstOffset: 1, count: 32);
}
Buffer.BlockCopy(src: IndexToBytes(child), srcOffset: 0, dst: data, dstOffset: 33, count: 4);
using var l = new ScopedBytes(Hashes.HMACSHA512(chainCode, data));
using var scopedChildPrivateKey = new ScopedBytes(l.Data.SubArray(start: 0, length: 32));
childPrivateKey = new SecureBytes(scopedChildPrivateKey);
childChainCode = new byte[ChainCodeLength];
Buffer.BlockCopy(
src: l,
srcOffset: 32,
dst: childChainCode,
dstOffset: 0,
count: ChainCodeLength);
Ed25519.GeneratePublicKey(
privateKey: childPrivateKey,
publicKey: out childPublicKey);
}
public TezosExtKey(SecureBytes seed)
{
using var scopedSeed = seed.ToUnsecuredBytes();
using var scopedHashSeed = new ScopedBytes(Hashes.HMACSHA512(HashKey, scopedSeed));
using var secureHashSeed = new SecureBytes(scopedHashSeed);
Ed25519.GenerateKeyPair(
seed: secureHashSeed,
privateKey: out _privateKey,
publicKey: out _publicKey);
ChainCode = new byte[ChainCodeLength];
// copy hashSeed last 32 bytes to ChainCode
Buffer.BlockCopy(
src: scopedHashSeed,
srcOffset: PrivateKeyLength,
dst: ChainCode,
dstOffset: 0,
count: ChainCodeLength);
}
public SecureBytes GetPublicKey()
{
using var publicKey = new ScopedBytes(Key.PubKey.ToBytes());
return(new SecureBytes(publicKey));
}
public SecureBytes GetPrivateKey()
{
using var privateKey = new ScopedBytes(Key.ToBytes());
return(new SecureBytes(privateKey));
}
