示例#1
0
        public override Key GetKey(string password)
        {
            var encrypted = PartialEncrypted.ToArray();

            //Derive passfactor using scrypt with ownerentropy and the user's passphrase and use it to recompute passpoint
            byte[] passfactor = CalculatePassFactor(password, LotSequence, OwnerEntropy);
            var    passpoint  = CalculatePassPoint(passfactor);

            var derived = SCrypt.BitcoinComputeDerivedKey2(passpoint, this.AddressHash.Concat(this.OwnerEntropy).ToArray());

            //Decrypt encryptedpart1 to yield the remainder of seedb.
            var seedb   = DecryptSeed(encrypted, derived);
            var factorb = Hashes.DoubleSHA256(seedb).ToBytes();

#if HAS_SPAN
            var eckey = NBitcoinContext.Instance.CreateECPrivKey(passfactor).TweakMul(factorb);
            var key   = new Key(eckey, IsCompressed);
#else
            var curve = ECKey.Secp256k1;

            //Multiply passfactor by factorb mod N to yield the private key associated with generatedaddress.
            var keyNum   = new BigInteger(1, passfactor).Multiply(new BigInteger(1, factorb)).Mod(curve.N);
            var keyBytes = keyNum.ToByteArrayUnsigned();
            if (keyBytes.Length < 32)
            {
                keyBytes = new byte[32 - keyBytes.Length].Concat(keyBytes).ToArray();
            }

            var key = new Key(keyBytes, fCompressedIn: IsCompressed);
#endif
            var generatedaddress = key.PubKey.GetAddress(ScriptPubKeyType.Legacy, Network);
            var addresshash      = HashAddress(generatedaddress);

            if (!Utils.ArrayEqual(addresshash, AddressHash))
            {
                throw new SecurityException("Invalid password (or invalid Network)");
            }

            return(key);
        }
        public override Key GetKey(string password)
        {
            byte[] encrypted = PartialEncrypted.ToArray();
            //Derive passfactor using scrypt with ownerentropy and the user's passphrase and use it to recompute passpoint
            byte[] passfactor = CalculatePassFactor(password, LotSequence, OwnerEntropy);
            byte[] passpoint  = CalculatePassPoint(passfactor);

            byte[] derived = SCrypt.BitcoinComputeDerivedKey2(passpoint, this.AddressHash.Concat(this.OwnerEntropy).ToArray());

            //Decrypt encryptedpart1 to yield the remainder of seedb.
            byte[] seedb   = DecryptSeed(encrypted, derived);
            byte[] factorb = Hashes.Hash256(seedb).ToBytes();

            X9ECParameters curve = ECKey.Secp256k1;

            //Multiply passfactor by factorb mod N to yield the private key associated with generatedaddress.
            BigInteger keyNum = new BigInteger(1, passfactor).Multiply(new BigInteger(1, factorb)).Mod(curve.N);

            byte[] keyBytes = keyNum.ToByteArrayUnsigned();
            if (keyBytes.Length < 32)
            {
                keyBytes = new byte[32 - keyBytes.Length].Concat(keyBytes).ToArray();
            }

            var key = new Key(keyBytes, fCompressedIn: IsCompressed);

            BitcoinPubKeyAddress generatedaddress = key.PubKey.GetAddress(Network);

            byte[] addresshash = HashAddress(generatedaddress);

            if (!Utils.ArrayEqual(addresshash, AddressHash))
            {
                throw new SecurityException("Invalid password (or invalid Network)");
            }

            return(key);
        }