public override Key GetKey(string password)
        {
            byte[] encrypted = PartialEncrypted.ToArray();
            //Derive passfactor using scrypt with ownerentropy and the user's passphrase and use it to recompute passpoint
            byte[] passfactor = CalculatePassFactor(password, LotSequence, OwnerEntropy);
            byte[] passpoint  = CalculatePassPoint(passfactor);

            byte[] derived = SCrypt.BitcoinComputeDerivedKey2(passpoint, this.AddressHash.Concat(this.OwnerEntropy).ToArray());

            //Decrypt encryptedpart1 to yield the remainder of seedb.
            byte[] seedb   = DecryptSeed(encrypted, derived);
            byte[] factorb = Hashes.Hash256(seedb).ToBytes();

            X9ECParameters curve = ECKey.Secp256k1;

            //Multiply passfactor by factorb mod N to yield the private key associated with generatedaddress.
            BigInteger keyNum = new BigInteger(1, passfactor).Multiply(new BigInteger(1, factorb)).Mod(curve.N);

            byte[] keyBytes = keyNum.ToByteArrayUnsigned();
            if (keyBytes.Length < 32)
            {
                keyBytes = new byte[32 - keyBytes.Length].Concat(keyBytes).ToArray();
            }

            var key = new Key(keyBytes, fCompressedIn: IsCompressed);

            BitcoinPubKeyAddress generatedaddress = key.PubKey.GetAddress(Network);

            byte[] addresshash = HashAddress(generatedaddress);

            if (!Utils.ArrayEqual(addresshash, AddressHash))
            {
                throw new SecurityException("Invalid password (or invalid Network)");
            }

            return(key);
        }
		public Script GenerateScriptPubKey(BitcoinPubKeyAddress address)
		{
			if(address == null)
				throw new ArgumentNullException("address");
			return GenerateScriptPubKey(address.Hash);
		}
Example #3
0
 public BitcoinPubKeyAddress GetAddress()
 {
     return(_address ?? (_address = PrivateKey.PubKey.GetAddress(Network)));
 }
Example #4
0
 public BitcoinPubKeyAddress GetAddress()
 {
     return(this._address ?? (this._address = this.PrivateKey.PubKey.GetAddress(this.Network)));
 }
Example #5
0
        public EncryptedKeyResult GenerateEncryptedSecret(bool isCompressed = true, byte[] seedb = null)
        {
            //Set flagbyte.
            byte flagByte = 0;

            //Turn on bit 0x20 if the Bitcoin address will be formed by hashing the compressed public key
            flagByte |= isCompressed ? (byte)0x20 : (byte)0x00;
            flagByte |= this.LotSequence != null ? (byte)0x04 : (byte)0x00;

            //Generate 24 random bytes, call this seedb. Take SHA256(SHA256(seedb)) to yield 32 bytes, call this factorb.
            seedb = seedb ?? RandomUtils.GetBytes(24);

            byte[] factorb = Hashes.Hash256(seedb).ToBytes();

            //ECMultiply passpoint by factorb.
            X9ECParameters curve     = ECKey.Secp256k1;
            ECPoint        passpoint = curve.Curve.DecodePoint(this.Passpoint);
            ECPoint        pubPoint  = passpoint.Multiply(new BigInteger(1, factorb));

            //Use the resulting EC point as a public key
            var pubKey = new PubKey(pubPoint.GetEncoded());

            //and hash it into a Bitcoin address using either compressed or uncompressed public key
            //This is the generated Bitcoin address, call it generatedaddress.
            pubKey = isCompressed ? pubKey.Compress() : pubKey.Decompress();

            //call it generatedaddress.
            BitcoinPubKeyAddress generatedaddress = pubKey.GetAddress(this.Network);

            //Take the first four bytes of SHA256(SHA256(generatedaddress)) and call it addresshash.
            byte[] addresshash = BitcoinEncryptedSecretEC.HashAddress(generatedaddress);

            //Derive a second key from passpoint using scrypt
            //salt is addresshash + ownerentropy
            byte[] derived = BitcoinEncryptedSecretEC.CalculateDecryptionKey(this.Passpoint, addresshash, this.OwnerEntropy);

            //Now we will encrypt seedb.
            byte[] encrypted = BitcoinEncryptedSecret.EncryptSeed
                                   (seedb,
                                   derived);

            //0x01 0x43 + flagbyte + addresshash + ownerentropy + encryptedpart1[0...7] + encryptedpart2 which totals 39 bytes
            byte[] bytes =
                new[] { flagByte }
            .Concat(addresshash)
            .Concat(this.OwnerEntropy)
            .Concat(encrypted.Take(8).ToArray())
            .Concat(encrypted.Skip(16).ToArray())
            .ToArray();

            var encryptedSecret = new BitcoinEncryptedSecretEC(bytes, this.Network);

            return(new EncryptedKeyResult(encryptedSecret, generatedaddress, seedb, () =>
            {
                //ECMultiply factorb by G, call the result pointb. The result is 33 bytes.
                byte[] pointb = new Key(factorb).PubKey.ToBytes();
                //The first byte is 0x02 or 0x03. XOR it by (derivedhalf2[31] & 0x01), call the resulting byte pointbprefix.
                byte pointbprefix = (byte)(pointb[0] ^ (byte)(derived[63] & 0x01));
                byte[] pointbx = BitcoinEncryptedSecret.EncryptKey(pointb.Skip(1).ToArray(), derived);
                byte[] encryptedpointb = new byte[] { pointbprefix }.Concat(pointbx).ToArray();

                byte[] confirmBytes = this.Network.GetVersionBytes(Base58Type.CONFIRMATION_CODE, true)
                                      .Concat(new[] { flagByte })
                                      .Concat(addresshash)
                                      .Concat(this.OwnerEntropy)
                                      .Concat(encryptedpointb)
                                      .ToArray();

                return new BitcoinConfirmationCode(Encoders.Base58Check.EncodeData(confirmBytes), this.Network);
            }));
        }
Example #6
0
		public BitcoinPubKeyAddress GetAddress()
		{
			return _address ?? (_address = PrivateKey.PubKey.GetAddress(Network));
		}